Xacamaster

15 de março

Olá,

Recentemente sofri alguns episódios de clonagem de cartão de crédito, razão pela qual desconfiei que talvez minha máquina estivesse infectada. Dito isso, por via das dúvidas, fiz um scan completo em meus HDs com o antivírus Kaspersky - e surpreendentemente foi encontrado o seguinte vírus em alguns arquivos do word: HUER:Trojan.MSOffice.Alien.gen. Não sei se foi o responsável pelo vazamento de dados, mas foi o suficiente para ligar o alerta. O antivírus diz que eliminou os arquivos, contudo ainda estou com uma pulga atrás da orelha, motivo pela qual peço pela ajuda dos nobres aqui.

Dito isso, segue logs.

AdwCleaner

Citação

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build:    03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-15-2024
# Duration: 00:00:01
# OS:       Windows 10 (Build 19045.4170)
# Cleaned: 4
# Failed:   0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPUsageTrackingLEDM   Folder   C:\Program Files (x86)\HP\HP UT LEDM\BIN
Deleted       Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPUsageTrackingLEDM
Deleted       Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPUsageTrackingLEDM
Deleted       Preinstalled.HPUsageTrackingLEDM   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{853F464A-B2B8-404E-BA3E-B98FF6862C41}

*************************

[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [36337 octets] - [22/07/2020 20:42:43]
AdwCleaner[S00].txt - [1467 octets] - [22/07/2020 20:43:30]
AdwCleaner[C00].txt - [1735 octets] - [22/07/2020 20:44:07]
AdwCleaner[S01].txt - [1590 octets] - [23/08/2021 23:34:12]
AdwCleaner[C01].txt - [1858 octets] - [23/08/2021 23:36:08]
AdwCleaner[S02].txt - [2216 octets] - [10/04/2023 12:02:31]
AdwCleaner[S03].txt - [2277 octets] - [15/03/2024 11:04:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

ZHPCleaner

Citação

~ ZHPCleaner v2024.3.9.10 by Nicolas Coolman (2024/03/09)
~ Run by Angelo (Administrator) (15/03/2024 11:09:01)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : D:\Área de Trabalho\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Angelo Braz\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point :
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19045)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (10)
FOUND file: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\History    =>.SUP.BrowserHistoric
FOUND file: C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\History    =>.SUP.BrowserHistoric
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Chromium\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Mozilla\Firefox\Profiles\ncjbv9eo.default\Cache2 =>.SUP.BrowserCache
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Mozilla\Firefox\Profiles\tczzhnvm.default-release-1691629413015\Cache2 =>.SUP.BrowserCache
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Thunderbird\Profiles\ncjbv9eo.default\Cache2 =>.SUP.BrowserCache
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Thunderbird\Profiles\tczzhnvm.default-release-1691629413015\Cache2 =>.SUP.BrowserCache
FOUND data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;] =>Hijacker.Proxy

---\\ Hosts file (1)
~ The hosts file is legitimate (2)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (12)
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3809.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3E3D.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\wct657C.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6F58.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC4D5.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD723.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\wctFE11.tmp    =>.SUP.Temporary.Office
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\~DF86727A937870F5EF.TMP    =>.SUP.Temporary.Other
FOUND file: C:\Users\Angelo Braz\AppData\Local\Temp\~DF8A80E9E9638805BF.TMP    =>.SUP.Temporary.Other
FOUND folder: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
FOUND folder: C:\WINDOWS\Installer\MSI5756.tmp- =>.SUP.Empty
FOUND folder: C:\WINDOWS\Installer\MSI6467.tmp- =>.SUP.Empty

---\\ Registry ( Key, Value, Data) (251)
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE.FriendlyAppName [Word] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE.FriendlyAppName [Excel] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE.FriendlyAppName [Office XML Handler] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLED.EXE.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.FriendlyAppName [Office XML Handler] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Riot Games\Riot Client\RiotClientServices.exe.FriendlyAppName [Riot Client] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Riot Games\Riot Client\RiotClientServices.exe.ApplicationCompany [Riot Games, Inc.] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE.FriendlyAppName [Outlook] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\OUTLOOK.EXE.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\POWERPNT.EXE.FriendlyAppName [PowerPoint] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Microsoft Office\Root\Office16\POWERPNT.EXE.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Anki\anki.exe.FriendlyAppName [anki.exe] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe.ApplicationCompany [Foxit Software Inc.] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Angelo.FriendlyAppName [Angelo] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\ZHPCleaner (1).exe.FriendlyAppName [ZHPCleaner] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\ZHPCleaner (1).exe.ApplicationCompany [Nicolas Coolman] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Angelo Braz\AppData\Local\Programs\Cisco Spark\CiscoCollabHost.exe.FriendlyAppName [Webex] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Angelo Braz\AppData\Local\Programs\Cisco Spark\CiscoCollabHost.exe.ApplicationCompany [Cisco Systems, Inc] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PROCESSO MONITOR\Procmon.exe.FriendlyAppName [Process Monitor] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PROCESSO MONITOR\Procmon.exe.ApplicationCompany [Sysinternals - www.sysinternals.com] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PROCESSO MONITOR\Procmon64.exe.FriendlyAppName [Process Monitor] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PROCESSO MONITOR\Procmon64.exe.ApplicationCompany [Sysinternals - www.sysinternals.com] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PROCESSO MONITOR\Procmon64a.exe.FriendlyAppName [Process Monitor] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PROCESSO MONITOR\Procmon64a.exe.ApplicationCompany [Sysinternals - www.sysinternals.com] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\instala_1.0.0.4.exe.FriendlyAppName [Foto3x4 Setup] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\instala_1.0.0.4.exe.ApplicationCompany [Qualiom Sistemas Computacionais] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Angelo Braz\AppData\Local\Programs\Python\Python311\pythonw.exe.FriendlyAppName [Python] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Users\Angelo Braz\AppData\Local\Programs\Python\Python311\pythonw.exe.ApplicationCompany [Python Software Foundation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe.FriendlyAppName [Microsoft Visual Studio 2022] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe.FriendlyAppName [Microsoft Visual Studio Version Selector] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe.ApplicationCompany [Microsoft Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\Nova pasta (3)\LG DESCRYPT\RUN.BAT.FriendlyAppName [RUN.BAT] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\PDFsam Basic\pdfsam.exe.FriendlyAppName [pdfsam.exe] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\Nova pasta (3)\LG DESCRYPT\LIST.bat.FriendlyAppName [LIST.bat] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\Nova pasta (3)\LG DESCRYPT\main.bat.FriendlyAppName [main.bat] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\CapCut_2_5_3_801_capcutpc_0_creatortool.exe.FriendlyAppName [CapCut] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\CapCut_2_5_3_801_capcutpc_0_creatortool.exe.ApplicationCompany [Bytedance Pte. Ltd.] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avpui.exe.FriendlyAppName [Kaspersky] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\avpui.exe.ApplicationCompany [AO Kaspersky Lab] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\MBSetup.exe.FriendlyAppName [Malwarebytes Setup] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\MBSetup.exe.ApplicationCompany [Malwarebytes] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe.FriendlyAppName [Malwarebytes] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe.ApplicationCompany [Malwarebytes] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\non-whql-win10-64bit-radeon-software-crimson-relive-16.2.1-sep20.exe.FriendlyAppName [Radeon Software Crimson Edition installer] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\non-whql-win10-64bit-radeon-software-crimson-relive-16.2.1-sep20.exe.ApplicationCompany [AMD Inc.] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe [Foxit PDF Reader] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe.FriendlyAppName [Foxit PDF Reader] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\jre-8u401-windows-x64.exe.FriendlyAppName [Java Platform SE binary] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\jre-8u401-windows-x64.exe.ApplicationCompany [Oracle Corporation] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\GDsetupStarsignCUTx64.exe.FriendlyAppName [Setup Launcher Unicode] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\GDsetupStarsignCUTx64.exe.ApplicationCompany [Giesecke & Devrient GmbH] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\SafeSignIC30124-x64-win-tu-admin.exe.FriendlyAppName [SafeSign Standard] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\SafeSignIC30124-x64-win-tu-admin.exe.ApplicationCompany [A.E.T. Europe B.V.] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PJeOffice.exe.FriendlyAppName [pje-office Setup] =>.SUP.Orphan.MUICache
FOUND value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\D:\Área de Trabalho\PJeOffice.exe.ApplicationCompany [Conselho Nacional de Justica - CNJ] =>.SUP.Orphan.MUICache
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\AMD\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\HP\HP UT LEDM\bin\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Kaspersky Lab\KSDE5.15\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Kaspersky Lab\KSDE5.15\Bases\Cache\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Kaspersky Lab\KSDE5.15\Temp\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Kaspersky Lab\KSDE5.15\Traces\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Kaspersky Lab\AVP21.15\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Kaspersky Lab\AVP21.15\Traces\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\Common Files\Kaspersky Lab\K4W-21-15\klhk\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\MOM-InstallProxy\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Skins\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\de\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\de\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\en-US\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\en-US\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\es\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\es\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\fr\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\fr\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\it\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\it\Images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\ko\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\ko\Images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\pt-BR\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\zh-CHS\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Welcome\zh-CHS\Images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\cs\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\da\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\de\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\el\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\es\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\fi\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\fr\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\hu\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\it\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ja\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ko\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\nl\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\no\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\pl\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ru\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\sv\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\th\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\tr\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\cs\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\cs\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\da\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\da\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\de\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\de\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\el\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\el\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\es\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\es\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\fi\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\fi\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\fr\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\fr\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\hu\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\hu\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\it\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\it\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ja\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ja\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ko\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ko\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\nl\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\nl\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\no\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\no\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\pl\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\pl\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\pt-BR\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ru\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ru\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\sv\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\sv\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\th\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\th\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\tr\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\tr\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\zh-CHS\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\zh-CHS\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\zh-CHT\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\zh-CHT\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\zh-CHS\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\zh-CHT\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\cs\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\da\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\de\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\el\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\en-US\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\es\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\fi\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\fr\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\hu\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\it\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ja\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ko\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\nl\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\no\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\pl\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ru\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\sv\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\th\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\tr\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\zh_CHS\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\zh_CHT\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\ATI Technologies\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\ATI Technologies\ATI.ACE\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\cs\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\da_DK\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\de\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\el_GR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\es_ES\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\fi_FI\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\fr_FR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\hu_HU\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\it_IT\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\ja\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\ko_KR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\nl_NL\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\no\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\pl\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\pt_BR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\ru_RU\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\sv_SE\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\th\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\tr_TR\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\zh_CN\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Localisation\zh_TW\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Qt\labs\folderlistmodel\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Qt\labs\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Qt\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\Qt\labs\settings\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCanvas3D\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCanvas3D\designer\default\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCanvas3D\designer\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCanvas3D\designer\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCharts\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCharts\designer\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCharts\designer\default\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtCharts\designer\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtDataVisualization\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtDataVisualization\designer\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtDataVisualization\designer\default\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtDataVisualization\designer\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtMultimedia\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQml\Models.2\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQml\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\Styles\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\Styles\Flat\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\Private\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Extras\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Extras\designer\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Extras\designer\images\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\PrivateWidgets\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtQuick.2\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtTest\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\QtWinExtras\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\audio\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\bearer\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\iconengines\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\imageformats\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\mediaservice\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\platforms\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\playlistformats\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\qmltooling\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\scenegraph\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\translations\ [No Folder] =>.SUP.Obsolete.NoFolder
FOUND value: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNBranding\ [No Folder] =>.SUP.Obsolete.NoFolder

---\\ Summary of the elements found (9)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache
https://nicolascoolman.eu/2017/04/03/hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Office
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Other
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Empty
https://nicolascoolman.eu/forum/Topic/orphan-muicache-logiciel-potentiellement-superflu-lps/ =>.SUP.Orphan.MUICache
https://nicolascoolman.eu/forum/Topic/logiciels-potentiellement-superflus-lps/ =>.SUP.Obsolete.NoFolder

---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Microsoft Edge OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK
~ Thunderbird OK
~ Chromium OK

---\\ Statistics
~ Items scanned : 121618
~ Items found : 332
~ Items cancelled : 0
~ Space saving (bytes) : 561148
~ Items options : 17/18

---\\ OPTIONS NOT ACTIVES
~ Start browsers with extensions removed

~ End of search in 00h16mn23s

---\\ Reports (3)
ZHPCleaner-[R]-13072023-17_10_08.txt
ZHPCleaner-[S]-13072023-16_54_50.txt
ZHPCleaner-[S]-15032024-11_25_24.txt

FRST

Citação

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 14.03.2024
Executado por Angelo (administrador) em DESKTOP-T0H8SRB (15-03-2024 11:34:00)
Executando a partir de D:\Área de Trabalho\FRST64.exe
Perfis Carregados: Angelo
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.4170 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avp.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksdeui.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\pje-office\jre\bin\javaw.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avp.exe <3>
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [CertificateRegistration] => C:\WINDOWS\system32\aetcrss1.exe [25088 2017-05-09] (A.E.T. Europe B.V.) [Arquivo não assinado]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation) [Arquivo não assinado]
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [142302312 2023-08-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [pje-office] => C:\Program Files (x86)\pje-office\PJeOffice.exe [59392 2022-09-02] (Conselho Nacional de Justica - CNJ) [Arquivo não assinado]
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) [Arquivo não assinado]
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\x64\hpfpp70w.dll [249856 2009-04-20] (Hewlett-Packard Corporation) [Arquivo não assinado]
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\WINDOWS\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\WINDOWS\system32\novamnk7.dll [29008 2011-02-15] (Softland -> Softland)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\WINDOWS\system32\hpf3l70w.dll [136704 2009-04-20] (Hewlett-Packard Company) [Arquivo não assinado]
HKLM\...\Print\Monitors\Wondershare PDF Converter Monitor: C:\WINDOWS\system32\WSMonitorX64.dll [98152 2016-04-15] (Wondershare Software Co., Ltd. -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\pje-office.lnk [2024-02-29]
ShortcutTarget: pje-office.lnk -> C:\Program Files (x86)\pje-office\PJeOffice.exe (Conselho Nacional de Justica - CNJ) [Arquivo não assinado]

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {55065062-A9DE-488A-97E3-0B6BF0EA88FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {E1FB5B62-6B72-4BB6-85FB-3264951AC391} - System32\Tasks\Apple Diagnostics => eReporter-AppX.exe (Nenhum Arquivo)
Task: {86C6DD9C-E1E2-45D3-A920-DECF91C85D2E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4F1ADF3E-B0BA-476E-AAAD-061229A21E92} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "7bde81e5-df76-4cdb-b6c4-cb680b94b0fd" --version "6.21.10918" --silent
Task: {C3C69662-F7DA-4E2E-888B-7422EB16FEF7} - System32\Tasks\CCleanerSkipUAC - Angelo => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1653EF45-EFBA-4B27-903C-99B5B1631D52} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6342.2{1E0DCA4A-4CE5-418E-8031-FB530D282E0A} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
Task: {EFA80727-575F-4CB0-8AB3-0627F51F5D69} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {227CE81E-5187-4567-AA99-5552E8BDF4BE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28491856 2024-03-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD819EFA-52E0-43E5-84E4-1FF8E36790E7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE6ED7F0-A142-4D45-BC78-E5121A4578F0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309320 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B23A5C4A-2C9B-4D48-B16C-473328918DEB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170024 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {165D2D2E-003A-4EC8-B831-1C0575C4B29E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {43F215E4-B867-40EA-99AC-E00497F73098} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E26A9EE8-14B0-4983-B010-9094108654C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A06DE57-A912-463D-A7B8-89C17DD7F085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5719D563-8B12-4D40-82D2-A8CFA8C5A422} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {B3E0BA3D-66ED-48B8-B9D0-B10A55AD1AEF} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {1639C450-E403-4441-9524-FAC451B0E1FD} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-467048075-196725563-1868618205-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206512 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: 127.0.0.1 assinador-desktop.serpro.gov.br
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{66864f60-3d59-461f-95d3-14aaadb86dcd}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{aefc6c3f-cce1-4eff-a167-ccde2f24d849}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [NameServer] 1.0.0.1,1.1.1.1
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-15]
Edge DownloadDir: Default -> D:\Downloads
Edge Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-03-07]
Edge Extension: (Google Docs Offline) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-07]
Edge Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2024-03-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-07]
Edge HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: ncjbv9eo.default
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\ncjbv9eo.default [2024-02-23]
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\tczzhnvm.default-release-1691629413015 [2024-03-15]
FF NetworkProxy: Mozilla\Firefox\Profiles\tczzhnvm.default-release-1691629413015 -> type", 4
FF Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\tczzhnvm.default-release-1691629413015\Extensions\[email protected] [2023-08-12]
FF Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\tczzhnvm.default-release-1691629413015\Extensions\[email protected] [2024-02-21]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\tczzhnvm.default-release-1691629413015\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF Plugin: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-08-09] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-08-09] <==== ATENÇÃO

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default [2024-03-15]
CHR Extension: (Reduza: Testador de cupons para suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\adblhjgamdlpmikabkcdleflikihalej [2022-07-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-02-02]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-27]
CHR Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-22]
CHR Extension: (Gerar DANFe/DACTe) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnalonmlenogoaknbeikifdbaokkhmjj [2022-02-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-22]
CHR Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2024-02-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S2 AutoRun_MBIM; C:\WINDOWS\SysWOW64\WIN8_MBIM.exe [163840 2014-03-06] () [Arquivo não assinado]
R2 AVP21.16; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avp.exe [32008 2024-01-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 Change Modem Device Service; C:\WINDOWS\SysWOW64\ChgService.exe [135168 2014-02-20] () [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14097992 2024-03-04] (Microsoft Corporation -> Microsoft Corporation)
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [913408 2021-10-26] () [Arquivo não assinado]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-12-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncHelper.exe [3516848 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348512 2023-03-29] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-03-29] (GOG sp. z o.o -> GOG.com)
S2 GoogleUpdaterInternalService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6342.2; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe [4721952 2024-03-06] (Google LLC -> Google LLC)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-07] (Hewlett-Packard Company -> HP)
S3 klvssbridge64_21.16; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\vssbridge64.exe [551848 2024-01-12] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.16; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.16\ksde.exe [32008 2024-01-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7770888 2017-05-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.025.0204.0003\OneDriveUpdaterService.exe [3853744 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-22] (Rockstar Games, Inc. -> Rockstar Games)
S2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [X]

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-28] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-05-10] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2022-04-13] (Microsoft Corporation) [Arquivo não assinado]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [245200 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2023-08-08] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R1 klbackupdisk.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klbackupdisk.sys [90544 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klbackupflt.sys [235456 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\kldisk.sys [108576 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2024-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 KLFLT.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klflt.sys [646688 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klgse.sys [824528 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klhk.sys [1999568 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.K4W-21-16; C:\ProgramData\Kaspersky Lab\AVP21.16\Bases\klids.sys [235704 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klif.sys [1365024 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [88096 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klkbdflt.sys [96280 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klmouflt.sys [91168 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.K4W-21-16; C:\WINDOWS\System32\DRIVERS\K4W-21-16\klpd.sys [58400 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klpnpflt.sys [84400 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [90032 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-16_arkmon; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_arkmon.sys [384656 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-16_klark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_klark.sys [354640 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_K4W-21-16_klbg; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_klbg.sys [183120 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_K4W-21-16_mark; C:\WINDOWS\System32\Drivers\klupd_K4W-21-16_mark.sys [262712 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\klwtp.sys [515096 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.K4W-21-16; C:\WINDOWS\system32\DRIVERS\K4W-21-16\kneps.sys [337840 2024-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [163048 2022-07-24] (MEDIATEK INC. -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
S3 dcdbas; \SystemRoot\System32\drivers\dcdbas64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2024-03-15 11:33 - 2024-03-15 11:34 - 000000000 ____D C:\FRST
2024-03-15 09:08 - 2024-03-15 09:08 - 000000000 ____D C:\WINDOWS\LastGood
2024-03-14 10:33 - 2024-03-15 07:28 - 000173072 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-wal
2024-03-14 10:33 - 2024-03-14 10:43 - 000032768 _____ C:\WINDOWS\SysWOW64\DnsStorage-shm
2024-03-14 10:33 - 2024-03-14 10:43 - 000032768 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-shm
2024-03-14 10:33 - 2024-03-14 10:33 - 000000000 ___HD C:\$WinREAgent
2024-03-14 10:33 - 2024-03-14 10:33 - 000000000 _____ C:\WINDOWS\SysWOW64\DnsStorage-wal
2024-03-09 11:38 - 2024-03-09 11:38 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\NVIDIA
2024-03-09 11:30 - 2024-03-09 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-03-09 11:29 - 2016-11-14 06:45 - 000615992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2024-03-09 11:28 - 2016-12-09 11:59 - 016279288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2024-03-09 11:28 - 2016-12-09 11:58 - 017722448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2024-03-09 11:28 - 2016-12-09 11:58 - 014046888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2024-03-09 11:28 - 2016-12-09 11:58 - 013957376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-03-09 11:28 - 2016-12-09 11:58 - 011378672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2024-03-09 11:28 - 2016-12-09 11:58 - 011315752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-03-09 11:28 - 2016-12-09 11:58 - 002856736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-03-09 11:28 - 2016-12-09 11:46 - 031532728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2024-03-09 11:28 - 2016-12-09 11:45 - 024217784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2024-03-09 11:28 - 2016-12-09 11:45 - 000960576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-03-09 11:28 - 2016-12-09 11:45 - 000923200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-03-09 11:28 - 2016-12-09 11:38 - 004262584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-03-09 11:28 - 2016-12-09 11:38 - 004004536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-03-09 11:28 - 2016-12-09 11:38 - 001917640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434201.dll
2024-03-09 11:28 - 2016-12-09 11:38 - 000919104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-03-09 11:28 - 2016-12-09 11:38 - 000885824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-03-09 11:28 - 2016-12-09 11:37 - 023009344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2024-03-09 11:28 - 2016-12-09 11:37 - 015310400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2024-03-09 11:28 - 2016-12-09 11:18 - 001566920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434201.dll
2024-03-09 09:14 - 2024-03-09 09:14 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-09 09:12 - 2024-03-09 09:12 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-07 14:27 - 2024-03-07 14:27 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2024-03-07 13:50 - 2024-03-07 13:50 - 000000000 ____D C:\ProgramData\Dell
2024-03-07 09:07 - 2024-03-07 09:07 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-06 08:21 - 2024-03-08 16:56 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-02-29 10:46 - 2024-02-29 10:46 - 000000000 ____D C:\Users\Angelo Braz\.pjeOffice
2024-02-29 10:46 - 2024-02-29 10:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pje-office
2024-02-29 10:45 - 2024-03-13 08:28 - 000000000 ____D C:\Program Files (x86)\pje-office
2024-02-23 17:17 - 2024-02-23 17:17 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\PJERJ
2024-02-23 17:16 - 2024-02-23 17:16 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AssinadorLivre
2024-02-23 17:16 - 2024-02-23 17:16 - 000000000 ____D C:\Program Files (x86)\AssinadorLivre
2024-02-23 13:25 - 2024-02-23 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeSign Standard
2024-02-23 13:25 - 2024-02-23 13:25 - 000000000 ____D C:\Program Files\A.E.T. Europe B.V
2024-02-23 13:24 - 2024-02-23 13:24 - 000000000 ____D C:\ProgramData\A.E.T. Europe B.V
2024-02-23 13:01 - 2024-02-23 13:01 - 000000000 ____D C:\ProgramData\SZCCID
2024-02-23 13:01 - 2024-02-23 13:01 - 000000000 ____D C:\Program Files (x86)\G&D
2024-02-23 12:57 - 2024-02-23 12:57 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Sun
2024-02-23 12:57 - 2024-02-23 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2024-02-23 12:57 - 2024-02-23 12:57 - 000000000 ____D C:\Program Files\Java
2024-02-23 12:57 - 2023-12-19 13:01 - 000200320 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2024-02-20 19:04 - 2024-02-20 19:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-02-14 11:51 - 2024-03-13 22:01 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-14 11:13 - 2024-02-14 11:19 - 000000000 ____D C:\MATS
2024-02-14 09:58 - 2024-02-14 09:58 - 000037669 _____ C:\Users\Angelo Braz\.pdfbox.cache
2024-02-14 09:58 - 2024-02-14 09:58 - 000000000 ____D C:\Users\Angelo Braz\.java
2024-02-14 09:56 - 2024-02-14 10:09 - 000000000 ____D C:\Program Files (x86)\Assinador Serpro
2024-02-14 09:56 - 2024-02-14 09:56 - 000000000 ____D C:\Users\Angelo Braz\.signer
2024-02-14 09:56 - 2024-02-14 09:56 - 000000000 ____D C:\Users\Angelo Braz\.serpro

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2024-03-15 11:34 - 2022-02-09 20:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-15 11:29 - 2023-08-17 09:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-03-15 11:29 - 2023-07-13 16:09 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\ZHP
2024-03-15 11:25 - 2020-08-17 17:46 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D560E2BD-2729-4B68-9016-45F841C9ACEA}
2024-03-15 09:23 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-15 09:22 - 2015-07-31 15:53 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Word
2024-03-15 08:38 - 2020-08-17 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-14 20:02 - 2015-07-31 15:54 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Excel
2024-03-14 18:48 - 2021-12-16 21:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-14 18:48 - 2015-08-11 22:57 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-14 10:47 - 2020-08-17 17:43 - 001749624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-14 10:47 - 2019-12-07 11:53 - 000755378 _____ C:\WINDOWS\system32\prfh0416.dat
2024-03-14 10:47 - 2019-12-07 11:53 - 000149432 _____ C:\WINDOWS\system32\prfc0416.dat
2024-03-14 10:47 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-14 10:43 - 2023-10-04 16:21 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-14 10:43 - 2020-08-17 17:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-14 10:43 - 2020-08-17 17:33 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-14 10:42 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-03-14 10:42 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-14 10:42 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-14 10:42 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-14 10:42 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-14 10:42 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-14 10:42 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-03-14 10:42 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-14 10:41 - 2020-08-17 15:16 - 000000000 ____D C:\Users\Angelo Braz
2024-03-14 10:32 - 2023-05-02 15:25 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage
2024-03-14 09:27 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-14 09:24 - 2020-08-17 17:36 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-14 09:06 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-14 09:06 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-14 08:53 - 2023-08-07 18:38 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\com.adobe.dunamis
2024-03-14 08:51 - 2017-08-30 09:34 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-14 08:51 - 2015-08-12 12:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-14 08:46 - 2015-08-12 12:56 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 22:02 - 2023-08-07 18:20 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-13 20:09 - 2017-10-18 01:12 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Packages
2024-03-12 17:00 - 2019-11-15 21:44 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\MPC-HC
2024-03-11 11:30 - 2023-06-03 12:49 - 000000000 ____D C:\ProgramData\Piriform
2024-03-11 11:29 - 2015-07-30 13:48 - 000000000 ____D C:\Program Files\CCleaner
2024-03-09 11:30 - 2023-06-01 12:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-03-09 11:30 - 2023-06-01 12:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-03-09 11:30 - 2016-12-03 10:14 - 000000000 ____D C:\TEMP
2024-03-09 11:02 - 2020-08-17 17:33 - 000473352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-09 11:00 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-09 11:00 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-09 11:00 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-09 08:50 - 2023-10-03 14:35 - 000000000 ____D C:\Program Files\RUXIM
2024-03-09 08:03 - 2020-04-06 13:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-08 17:14 - 2022-03-22 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-03-08 17:14 - 2021-07-27 22:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-03-08 16:56 - 2023-10-11 07:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-08 16:56 - 2015-07-30 14:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-03-07 22:24 - 2023-10-09 21:21 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-467048075-196725563-1868618205-1001
2024-03-07 22:24 - 2023-10-09 21:21 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-07 22:24 - 2023-10-09 21:21 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-07 14:27 - 2017-05-20 09:45 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Aplicativo Itau
2024-03-07 09:06 - 2020-04-19 14:02 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-07 08:46 - 2023-08-09 22:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-06 09:04 - 2021-03-09 16:52 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-03-06 08:19 - 2020-08-17 17:46 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 08:19 - 2020-08-17 17:46 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-05 19:59 - 2015-08-19 17:05 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-05 19:58 - 2018-11-29 23:01 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CrashDumps
2024-02-27 19:48 - 2021-01-20 23:50 - 000000000 ____D C:\WINDOWS\Minidump
2024-02-23 13:45 - 2020-08-17 15:37 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\SystemCertificates
2024-02-23 13:31 - 2023-07-30 10:16 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-23 13:01 - 2017-08-26 19:26 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-02-20 19:04 - 2015-08-11 22:55 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-20 09:48 - 2023-08-05 20:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-20 09:48 - 2023-07-30 10:16 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-02-14 11:56 - 2015-07-31 22:27 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Adobe
2024-02-14 11:51 - 2022-01-31 22:33 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-02-14 11:02 - 2021-03-25 14:21 - 000000000 ____D C:\Program Files (x86)\FOXIT SOFTWARE
2024-02-14 10:12 - 2021-08-12 20:31 - 000000000 ____D C:\Users\Public\Foxit Software
2024-02-14 10:11 - 2019-03-27 12:40 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Foxit Software

==================== Arquivos na raiz de alguns diretórios ========

2016-03-26 12:02 - 2016-03-26 12:02 - 000000001 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.4.40.agreement
2016-03-26 12:03 - 2016-03-26 12:03 - 000000019 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.license
2017-09-04 22:53 - 2017-09-04 22:53 - 000003379 _____ () C:\Users\Angelo Braz\AppData\Local\recently-used.xbel
2015-11-02 21:17 - 2022-11-30 14:48 - 000007610 _____ () C:\Users\Angelo Braz\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Addition

Citação

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 14.03.2024
Executado por Angelo (15-03-2024 11:36:17)
Executando a partir de D:\Área de Trabalho
Microsoft Windows 10 Pro Versão 22H2 19045.4170 (X64) (2020-08-17 20:46:23)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-467048075-196725563-1868618205-500 - Administrator - Disabled)
Angelo (S-1-5-21-467048075-196725563-1868618205-1001 - Administrator - Enabled) => C:\Users\Angelo Braz
Convidado (S-1-5-21-467048075-196725563-1868618205-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-467048075-196725563-1868618205-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-467048075-196725563-1868618205-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-467048075-196725563-1868618205-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 24.001.20604 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.08.02.027 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{94dc9043-935f-4e10-ac8b-5ce0ac055188}) (Version: 5.08.02.027 - Advanced Micro Devices, Inc.) Hidden
Anki (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Anki) (Version: 2.1.66 - )
Aplicativo Itaú (HKLM-x32\...\{386AC299-C87A-4F2E-9919-348708B3654D}) (Version: 1.0.186 - Banco Itaú)
AssinadorLivre (HKLM-x32\...\{369B7318-9434-4938-9595-58DB0200AD12}) (Version: 1.0.5 - PJERJ)
Atualizações da NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CapCut (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\CapCut) (Version: 2.8.0.917 - Bytedance Pte. Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.21 - Piriform)
Configurações da câmera Logitech (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.)
CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World)
digiCamControl (HKLM-x32\...\{051b8fc1-d433-4428-bcd1-f90aa50afa23}) (Version: 2.1.4.0 - ) Hidden
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{59C0032B-88B5-41F3-B8FD-5B3356670B4F}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Giesecke & Devrient GmbH StarSign CUT (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84217}) (Version: 1.7.17.0 - Giesecke & Devrient GmbH) Hidden
Giesecke & Devrient GmbH StarSign CUT (HKLM-x32\...\SZCCID) (Version: 1.7.17.0 - Giesecke & Devrient GmbH)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.61.63 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.129 - Google LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
IRPF 2023 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\6908-8355-8468-2086) (Version: 1.3 - Receita Federal do Brasil)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
IRPF2018 (HKLM-x32\...\IRPF2018) (Version: 1.4 - Receita Federal do Brasil)
IRPF2019 (HKLM-x32\...\IRPF2019) (Version: 1.5 - Receita Federal do Brasil)
IRPF2020 (HKLM-x32\...\IRPF2020) (Version: 1.9 - Receita Federal do Brasil)
IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.2 - Receita Federal do Brasil)
IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.3 - Receita Federal do Brasil)
Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
Kaspersky (HKLM-x32\...\{3DE3615C-3799-3403-92E4-E0BE05A531B5}) (Version: 21.16.6.467 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{3DE3615C-3799-3403-92E4-E0BE05A531B5}) (Version: 21.16.6.467 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{69513344-0E15-3C30-9BDC-04C3706E6CE9}) (Version: 21.16.6.467 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{69513344-0E15-3C30-9BDC-04C3706E6CE9}) (Version: 21.16.6.467 - Kaspersky)
K-Lite Codec Pack 17.1.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.1.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x86) (HKLM-x32\...\{B8AD6FF3-F1AE-4B6C-8221-27115C288906}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x86) (HKLM-x32\...\{445A9CB5-FB36-4D43-B5E6-EDA1D91D1BF5}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.28 (x86) (HKLM-x32\...\{EC87845D-BC44-440E-800D-DCCC48655E89}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.17328.20162 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.80 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.025.0204.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Teams) (Version: 1.6.00.22378 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{F25834D2-0460-4995-8585-8E41BD074159}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x86) (HKLM-x32\...\{74947d38-8303-49cd-91a9-0ae2929e3331}) (Version: 6.0.28.33420 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.28 (x86) (HKLM-x32\...\{E7F502FB-1F92-4EC3-9F8F-5E0ACD4DAFF5}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 123.0.1 (x64 pt-BR)) (Version: 123.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 116.0.2 - Mozilla)
Mozilla Thunderbird (x64 pt-BR) (HKLM\...\Mozilla Thunderbird 115.8.1 (x64 pt-BR)) (Version: 115.8.1 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17328.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.17328.20142 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
PDFsam Basic (HKLM\...\{24493C22-01EA-4E07-AB21-84910EB826B0}) (Version: 4.3.3.0 - Sober Lemur S.a.s. di Vacondio Andrea)
pje-office versão 1.0.28 (HKLM-x32\...\{C510F90E-98E9-4AE1-A79D-3F3A7DD79356}_is1) (Version: 1.0.28 - Conselho Nacional de Justica - CNJ)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.64.316.2023 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5880 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.124 - A.E.T. Europe B.V.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.22378 - Microsoft Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 82.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Zoom (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\ZoomUMX) (Version: 5.15.12 (21574) - Zoom Vídeo Communications, Inc.)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-13] ()
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-14] (Microsoft Corporation)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2020-05-08] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-08] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13001.0_x64__8wekyb3d8bbwe [2024-02-27] (Microsoft Corporation) [Startup Task]
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe [2023-12-08] (Microsoft) [Startup Task]

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Angelo Braz\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23199.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Angelo Braz\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{f8d7c4d0-e9cb-4fb3-830f-f3dfcdf2a6ba}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Nenhum Arquivo
ContextMenuHandlers1: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-02-01] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Nenhum Arquivo
ContextMenuHandlers2: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-02-01] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Nenhum Arquivo
ContextMenuHandlers4: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-02-01] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.025.0204.0003\FileSyncShell64.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Nenhum Arquivo
ContextMenuHandlers6: [Kaspersky Premium 21.16] -> {AE776072-9FCA-48AF-941C-5759266BB644} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\x64\shellex.dll [2024-02-01] (AO Kaspersky Lab -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos Carregados (Whitelisted) =============

2016-07-19 20:59 - 2009-04-20 12:29 - 000136704 _____ (Hewlett-Packard Company) [Arquivo não assinado] C:\WINDOWS\System32\hpf3l70w.dll
2016-07-19 21:03 - 2009-04-20 11:29 - 000249856 _____ (Hewlett-Packard Corporation) [Arquivo não assinado] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70w.dll
2015-08-23 23:42 - 2022-07-15 11:00 - 000094720 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [Arquivo não assinado] C:\WINDOWS\System32\mvtcpmon.dll
2024-03-09 11:29 - 2016-11-14 06:45 - 001220424 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2024-03-09 11:29 - 2016-11-14 06:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [Arquivo não assinado] C:\WINDOWS\System32\slp64.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSVC => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-03-07] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\sharepoint.com -> hxxps://vdgzy-files.sharepoint.com

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 08:04 - 2024-02-14 09:55 - 000000049 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 assinador-desktop.serpro.gov.br

2021-10-01 16:12 - 2021-10-01 16:13 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\;C:\Users\Angelo Braz\AppData\Local\Programs\Python\Python311
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-467048075-196725563-1868618205-1001\Control Panel\Desktop\\Wallpaper -> D:\Área de Trabalho\838293.jpg
DNS Servers: 1.0.0.1 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AutoRun_MBIM => 2
MSCONFIG\Services: Change Modem Device Service => 2
MSCONFIG\Services: DevMgmtService => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPSIService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Genshin Impact_Launcher"
HKLM\...\StartupApproved\Run32: => "Genshin Impact Beta_Launcher"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{9704DFD4-4832-4BA2-AD86-B1FA9825F1F5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8524ED1-C8B3-42D3-8377-9007CD2EAA50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2FA0FB6A-3668-45DF-BB38-CA9816E4F7CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{60982F0A-8A31-47A3-B257-549FBC515CA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9DE48766-BD8F-4E57-9A48-50B2D7A9F735}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{0EAAE5A9-8970-47BB-A4F2-6A1742F28E41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{7F4F876F-6B2E-463B-B1C0-4F8D31B6DE0E}] => (Allow) LPort=57209
FirewallRules: [{B6E1770B-8CAD-4D20-A5EF-AA5E16123919}] => (Allow) LPort=57209
FirewallRules: [{ECF732B5-EE5C-4091-9D65-5E8D0926D921}] => (Allow) LPort=9100
FirewallRules: [{21270FD4-3BF9-4EAC-9CFE-E71669980D50}] => (Allow) LPort=427
FirewallRules: [{04EB6426-E32A-44E6-AF67-70FFED25D5F8}] => (Allow) LPort=161
FirewallRules: [TCP Query User{9DB0A4D1-CBE4-464B-94F0-F3C42A376D1D}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [UDP Query User{04E3C43F-4BF3-485C-9E90-F35D803C4123}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [{112F261F-4506-4B4E-BC4F-A32D6499DFDB}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{29EB09DF-8EE5-4FE0-B8F2-7713B4BA3E85}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{756953E8-A221-4F00-AEEB-038FDAECCBFB}] => (Allow) LPort=9100
FirewallRules: [{79FFF101-D1B6-4085-97B3-E76F504E1D4D}] => (Allow) LPort=427
FirewallRules: [{A0BB0B35-3961-4770-985C-F673DACB5911}] => (Allow) LPort=161
FirewallRules: [{0C508160-3801-4AB0-940C-D97A9E5C9820}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{955D43DB-DDAA-41E9-8C4A-B581CCCC7559}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{1AA059A1-5AB1-4335-B21F-CA0DD4C3CC27}] => (Allow) LPort=57209
FirewallRules: [{D7659CAC-C449-438C-9994-F84DD097CE69}] => (Allow) LPort=57210
FirewallRules: [{AF1355A8-C405-4208-AB10-33ED0A67F073}] => (Allow) LPort=57211
FirewallRules: [{45962D66-4A6B-45DD-BF35-E761F56AD9B2}] => (Allow) LPort=57212
FirewallRules: [{B5CCDEE1-DC04-41A0-9361-45381456A761}] => (Allow) LPort=57213
FirewallRules: [{61ACAA29-9085-4F20-B5E8-57AC45E3870A}] => (Allow) LPort=57214
FirewallRules: [{F9770054-8423-418C-B688-C5C9B3963DFE}] => (Allow) LPort=57215
FirewallRules: [{8C2914B5-15B3-4C48-AA82-78DEA6F2D379}] => (Allow) LPort=57216
FirewallRules: [{810BAA4E-1B8B-4FDA-8B72-CD45A01BE72F}] => (Allow) LPort=57217
FirewallRules: [{58F42371-9689-4D51-89AB-606D1A001BAD}] => (Allow) LPort=57218
FirewallRules: [{527DD172-FEEF-4424-84CB-9E49472E4D7F}] => (Allow) LPort=57209
FirewallRules: [{7234C66E-E760-47B9-9218-588B0194ACEE}] => (Allow) LPort=57210
FirewallRules: [{89C4D8BE-B71A-4BF3-B61E-B8169AD76902}] => (Allow) LPort=57211
FirewallRules: [{7B303FB5-0AF9-4AD1-9423-FECC397BD8A4}] => (Allow) LPort=57212
FirewallRules: [{FD6CE65C-1A77-4D7A-B1BE-3CA958B6704F}] => (Allow) LPort=57213
FirewallRules: [{CB0FB2C6-32D5-4167-A20B-63975E68D2D5}] => (Allow) LPort=57214
FirewallRules: [{00FA6BF7-B5A6-4804-B943-117AB3F24EC2}] => (Allow) LPort=57215
FirewallRules: [{9A46CF73-52B0-4155-8D32-3AC1D3DBDDD9}] => (Allow) LPort=57216
FirewallRules: [{1BFD7944-E93E-4D03-8342-7397C837FC1D}] => (Allow) LPort=57217
FirewallRules: [{07D1F187-4D33-4E9F-AABF-D958A367E8F2}] => (Allow) LPort=57218
FirewallRules: [{115E9E6E-EEEC-4B8E-877C-85F97D65B924}] => (Allow) LPort=23007
FirewallRules: [{5D10575B-15A2-47EB-A5E3-52C0030B676D}] => (Allow) LPort=23008
FirewallRules: [{88908B64-7FB1-4D51-B4FF-E7374FF75DB2}] => (Allow) LPort=33009
FirewallRules: [{0D97A74D-EF16-44D3-B3C9-A3F9AE2E9F1C}] => (Allow) LPort=33010
FirewallRules: [{51FB394C-330C-4FFB-BE85-B266C3868486}] => (Allow) LPort=33011
FirewallRules: [{50E3A043-B0B1-49D2-AABF-83F624CE67D4}] => (Allow) LPort=43012
FirewallRules: [{2AFF7942-479D-436D-B639-6E13C1F82ACC}] => (Allow) LPort=43013
FirewallRules: [{2D9EE3AE-5FEF-465D-A998-D55D06D59387}] => (Allow) LPort=53014
FirewallRules: [{FBCDA599-CAA8-4C13-A217-5A0E8D854BA9}] => (Allow) LPort=53015
FirewallRules: [{8D5B5EA6-E8AA-484A-BBA0-5D24BB080E72}] => (Allow) LPort=53016
FirewallRules: [{BFE86399-281C-4061-B880-5DC1EDB87DF1}] => (Allow) LPort=23007
FirewallRules: [{9A4B665D-B1F9-4C2F-B541-8517A8E16C98}] => (Allow) LPort=23008
FirewallRules: [{073E55E9-3949-42EB-8F95-DFF6B37A8945}] => (Allow) LPort=33009
FirewallRules: [{D631D813-84EE-4E2D-868E-F080A7DBE7AC}] => (Allow) LPort=33010
FirewallRules: [{759E29DB-3902-4EBF-B109-32E4341B5907}] => (Allow) LPort=33011
FirewallRules: [{116E6146-CB2E-4BDC-90A4-F00EA1AD4377}] => (Allow) LPort=43012
FirewallRules: [{32C1D800-6BDE-42C1-8E03-04A7ED274A83}] => (Allow) LPort=43013
FirewallRules: [{7838B0FE-A664-40F5-BF45-AC25607BD7F0}] => (Allow) LPort=53014
FirewallRules: [{29E4851B-E360-4337-93E3-EFE1331587FB}] => (Allow) LPort=53015
FirewallRules: [{36B1C54D-C58D-4F1A-AB42-333D338B7A00}] => (Allow) LPort=53016
FirewallRules: [{E4F0A1DA-EF72-4E1C-A87E-1B71F971477F}] => (Allow) LPort=50053
FirewallRules: [{02A83C19-C6C1-45F4-9B50-1C73B1EDC322}] => (Allow) LPort=50053
FirewallRules: [{322A0D8E-AA8D-4A50-B4A3-A8E3EA7B838A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D0E2360-084D-47AC-BC5B-0F52F486118E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59F3EB46-7110-4BD6-A6A0-32841E67EE07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D26BDEAB-488A-4ABA-A3E1-782D4249B379}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E797C231-379C-4588-A66A-E8C48FAF680D}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{2C17A881-B1FF-47EE-BD1F-957AE7B9C3A2}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [TCP Query User{AE1F08BC-BA00-4214-B1D0-4E1098B05D36}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{19694063-9D68-4774-8786-24271BA34A28}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{02FA6EC5-5843-47B0-9579-517E8C1D7A59}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{47A1D1A1-4C71-4545-A814-F6B7F7314D44}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{7358EF98-6923-4B19-9B09-B130DEC8182F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{852E6C35-B170-4B8F-BAFC-E13D5B99FD05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5FF0744B-F6A3-4A15-9DB2-35B5172CA3B6}C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe
FirewallRules: [UDP Query User{4194E36A-4781-4703-B931-0C6C88A74543}C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe
FirewallRules: [{0D3BE836-E2B7-4D28-ABCB-218B855ADD68}] => (Allow) C:\Users\Angelo Braz\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Vídeo Communications, Inc. -> Zoom Vídeo Communications, Inc.)
FirewallRules: [{E974D799-B933-49F5-B97C-40A5BB74CE2F}] => (Allow) C:\Users\Angelo Braz\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{538884B9-D9BF-43A6-8152-3168F6FCEB98}] => (Allow) C:\Users\Angelo Braz\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo
FirewallRules: [{F8D3D673-DE73-4E93-9D49-093701BF5757}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EF2E9BE0-0E8C-4DCE-9F71-77A6B6A62513}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F1574DCF-5B76-4E75-9DA5-562B88C908ED}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{882C18BD-D655-470B-A749-8444A7A51A2F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9757386-85FA-4932-B0E1-5DD8D8825468}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F28E40A4-EF6E-45DA-AC39-A0D8E1D27B50}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2A3271AE-E5A7-4002-90B4-5B93223DD9A4}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1AA570C8-195C-4EC1-95D6-26C5E47BCF3F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3ED804B1-6138-4CB0-9C08-47DAED988519}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Pontos de Restauração =========================

15-03-2024 11:27:08 ZHPcleaner

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (03/15/2024 12:26:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0x2bac
Hora de início do aplicativo com falha: 0x01da764ed2e86e43
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: 0c7e5990-4eb7-4fb5-8a94-e311e571e873
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (03/14/2024 05:33:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc000041d
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0xf28
Hora de início do aplicativo com falha: 0x01da7615a377c045
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: cf643904-3394-426d-9e69-1e635151b6e3
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (03/14/2024 05:33:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0xf28
Hora de início do aplicativo com falha: 0x01da7615a377c045
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: 0763698c-0413-4bc5-9601-55b06c84d461
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (03/14/2024 10:41:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc000041d
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0x8a4
Hora de início do aplicativo com falha: 0x01da7604997f54ca
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: 34ab7819-766d-45ed-bcdc-b05d603484bd
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (03/14/2024 10:41:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0x8a4
Hora de início do aplicativo com falha: 0x01da7604997f54ca
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: 3bbdb091-e548-4c69-8993-23ee86f29a81
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (03/13/2024 11:35:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc000041d
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0x898
Hora de início do aplicativo com falha: 0x01da757366b8cb28
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: ee318aa6-7d12-4bea-87bc-43ea42b80617
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (03/13/2024 11:35:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0x898
Hora de início do aplicativo com falha: 0x01da757366b8cb28
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: 65685580-b675-46c1-b498-60b4497834d9
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (03/13/2024 01:45:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Nome do módulo com falha: atieclxx.exe, versão: 6.14.11.1209, carimbo de data/hora: 0x56d0afaa
Código de exceção: 0xc000041d
Deslocamento da falha: 0x0000000000035cd6
ID do processo com falha: 0x8a8
Hora de início do aplicativo com falha: 0x01da753a01997734
Caminho do aplicativo com falha: C:\WINDOWS\system32\atieclxx.exe
Caminho do módulo com falha: C:\WINDOWS\system32\atieclxx.exe
ID do Relatório: 1f09c632-22b4-4d28-84bf-9cb56787b590
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Erros de Sistema:
=============
Error: (03/15/2024 11:12:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x8024200b: Atualização de inteligência de segurança para Microsoft Defender Antivirus - KB2267602 (versão 1.407.442.0) - Canal atual (amplo).

Error: (03/15/2024 11:12:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Serviço Microsoft Defender Antivírus terminou com o erro:
Erro geral de acesso negado

Error: (03/15/2024 11:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço do Kaspersky VPN Secure Connection 5.16 foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (03/15/2024 11:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço HP Print Scan Doctor Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 5000 milissegundos: Reiniciar o serviço.

Error: (03/15/2024 11:07:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço NVIDIA Display Driver Service foi encerrado inesperadamente. Isso aconteceu 2 vez(es).

Error: (03/15/2024 11:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 2 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (03/15/2024 11:07:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço HP SI Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar o serviço.

Error: (03/15/2024 11:06:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Windows Defender:
================
Date: 2023-10-24 10:47:55
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {92063252-9371-4D42-9F84-BC0D29544E2F}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-10-23 11:08:19
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {08FFB3EA-DC1F-4FC3-93E9-8AC134ADDF52}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-10-22 10:45:12
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {9095677B-9DF2-4AE4-99F4-212D6E5A40BD}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-10-21 13:43:23
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {9C62942F-D0DA-4343-97E3-AD1FC6F119D5}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-10-20 10:44:45
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {83306930-8290-4E33-AC17-ED9D2B44F913}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Event[0]:

Date: 2022-05-22 23:54:51
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.283.1164.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.15500.2
Código de Erro: 0x8024001e
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

CodeIntegrity:
===============
Date: 2024-03-15 11:36:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.16\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. 2105 07/23/2010
placa-mãe: ASUSTeK Computer INC. M4A785TD-V EVO
Processador: AMD Phenom(tm) II X6 1055T Processor
Percentagem de memória em uso: 35%
RAM física total: 10238.18 MB
RAM física disponível: 6576.18 MB
Virtual Total: 10878.18 MB
Virtual disponível: 6655.88 MB

==================== Drives ================================

Drive () (Fixed) (Total:110.78 GB) (Free:21.57 GB) (Model: KINGSTON SV300S37A120G ATA Device) NTFS
Drive d: (Anjo) (Fixed) (Total:931.51 GB) (Free:348.63 GB) (Model: SAMSUNG HD103SI ATA Device) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

\\?\Volume{70b2a5bd-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{70b2a5bd-0000-0000-0000-90d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 70B2A5BD)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6BF97209)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================

19 de agosto de 2023

Parou, sim, Elias. Nossa! Sumiu até uma travadinha logo ao iniciar o PC, que achei ser normal.

Muito obrigado, meu amigo.

19 de agosto de 2023

Como requerido, Elias.

Fixlog.txt

19 de agosto de 2023

Em 12/08/2023 às 09:46, Elias Pereira disse:
Não precisa se desculpar. Falei da questão que ficou enorme, pois achei que com o filtro não iria pegar tantas entradas.

Execute novamente o FRST em modo administrador.

Na caixa de texto da tela inicial, coloque:
searchAll: nox
Ápos isso, clique em Search Files.

Abra o logs gerados, copie e cole em sua proxima resposta.

Ah, sim, a culpa foi minha. Acabei interpretando errado sua mensagem.

Tive uma semana difícil. Peço desculpas pelas demora, Elias. Segue o log.

Searchh.txt

11 de agosto de 2023

Entendi. Desculpe-me.

Segue os logs pedidos. Elias.

Citação

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 06-08-2023
Executado por Angelo (administrador) em DESKTOP-T0H8SRB (11-08-2023 16:04:38)
Executando a partir de D:\Área de Trabalho\FRST64.exe
Perfis Carregados: Angelo
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3324 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksdeui.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Angelo Braz\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aetcrss1.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(services.exe ->) () [Arquivo não assinado] C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe
(services.exe ->) () [Arquivo não assinado] C:\Windows\SysWOW64\WIN8_MBIM.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Banco Bradesco SA -> Banco Bradesco S.A.) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP) [Arquivo não assinado] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [CertificateRegistration] => C:\WINDOWS\system32\aetcrss1.exe [25088 2017-05-09] (A.E.T. Europe B.V.) [Arquivo não assinado]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1767712 2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation) [Arquivo não assinado]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\" [0 0000-00-00] () <==== ATENÇÃO [zero byte Arquivo/Pasta]
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) [Arquivo não assinado]
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41572768 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe [8080480 2023-07-13] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CiscoSpark] => C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1523 2023-06-27] () [Arquivo não assinado]
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\x64\hpfpp70w.dll [249856 2009-04-20] (Hewlett-Packard Corporation) [Arquivo não assinado]
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\WINDOWS\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\WINDOWS\system32\novamnk7.dll [29008 2011-02-15] (Softland -> Softland)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\WINDOWS\system32\hpf3l70w.dll [136704 2009-04-20] (Hewlett-Packard Company) [Arquivo não assinado]
HKLM\...\Print\Monitors\Wondershare PDF Converter Monitor: C:\WINDOWS\system32\WSMonitorX64.dll [98152 2016-04-15] (Wondershare Software Co., Ltd. -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {139C4758-67F3-4329-A974-4794BFC59D65} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {E1FB5B62-6B72-4BB6-85FB-3264951AC391} - System32\Tasks\Apple Diagnostics => C:\Users\Angelo Braz\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2023-08-05] () [simlink -> ]
Task: {B66060EA-A021-458D-9DEE-E15858150EEC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5EB4695D-60B3-41A5-B1DF-3A70B5AE000D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7bde81e5-df76-4cdb-b6c4-cb680b94b0fd" --version "6.14.10584" --silent
Task: {C3C69662-F7DA-4E2E-888B-7422EB16FEF7} - System32\Tasks\CCleanerSkipUAC - Angelo => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {EADD7685-93F8-4058-B6CE-ACDA2C31816F} - System32\Tasks\GoogleUpdateTaskMachineCore{02CBA588-79F0-470C-86D2-F97C38EF9BDC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-11] (Google Inc -> Google Inc.)
Task: {64E75D80-D58E-4E89-B64A-8392C3778955} - System32\Tasks\GoogleUpdateTaskMachineUA{CC4F3893-5487-44F3-8EF1-EBF935399E40} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-11] (Google Inc -> Google Inc.)
Task: {04A14E1D-D46A-4360-A088-07DD5CBA9A5B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7803E048-6719-4971-B790-109174D4D4D8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {191073D9-54C5-4CB7-A7F3-B6E98BAFD0AB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124312 2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C6840B6-ACB1-4347-9849-55D29D05343A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124312 2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9AC27F52-F74A-4BB7-98AE-F87D4FEB097D} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {9AC27F52-F74A-4BB7-98AE-F87D4FEB097D} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {9AC27F52-F74A-4BB7-98AE-F87D4FEB097D} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {7FB1B722-D6A3-452B-AEAC-7C3108F0DC43} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-07] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {5719D563-8B12-4D40-82D2-A8CFA8C5A422} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-07] (Mozilla Corporation -> Mozilla Foundation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{81d19a1e-6325-4e6f-b780-655a8085b934}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [NameServer] 1.0.0.1,1.1.1.1
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: D:\Área de Trabalho
Edge DefaultProfile: Default
Edge Profile: C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-11]
Edge DownloadDir: Default -> D:\Downloads
Edge Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-22]
Edge Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-07-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-08]
Edge Extension: (TWP - Translate Web Pages) - C:\Tradutor EDGE [2023-06-02] [UpdateUrl:hxxps://raw.githubusercontent.com/FilipePS/Traduzir-paginas-web/master/dist/chromium/updates.xml] <==== ATENÇÃO
Edge HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: ncjbv9eo.default
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\ncjbv9eo.default [2023-08-09]
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\tczzhnvm.default-release-1691629413015 [2023-08-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [Nenhum Arquivo]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-08-09] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-08-09] <==== ATENÇÃO

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default [2023-08-09]
CHR Extension: (Reduza: Testador de cupons para suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\adblhjgamdlpmikabkcdleflikihalej [2022-07-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-06-11]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-07-03]
CHR Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-08-07]
CHR Extension: (Gerar DANFe/DACTe) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnalonmlenogoaknbeikifdbaokkhmjj [2022-02-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-08-07]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AutoRun_MBIM; C:\WINDOWS\SysWOW64\WIN8_MBIM.exe [163840 2014-03-06] () [Arquivo não assinado]
R2 AVP21.14; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\avp.exe [32008 2023-07-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 Change Modem Device Service; C:\WINDOWS\SysWOW64\ChgService.exe [135168 2014-02-20] () [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11867104 2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
R2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [913408 2021-10-26] () [Arquivo não assinado]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-12-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348512 2023-03-29] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-03-29] (GOG sp. z o.o -> GOG.com)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-08-09] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-07] (Hewlett-Packard Company -> HP)
S3 klvssbridge64_21.14; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\x64\vssbridge64.exe [503544 2023-07-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7770888 2017-05-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-22] (Rockstar Games, Inc. -> Rockstar Games)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2284400 2023-06-07] (Banco Bradesco SA -> Banco Bradesco S.A.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2022-01-05] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-28] (Bitdefender SRL -> BitDefender)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243336 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2023-08-08] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R1 klbackupdisk.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klbackupdisk.sys [110312 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.Kaspersky4Win-21-14; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-14\klbackupflt.sys [245024 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\kldisk.sys [128288 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2023-07-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 KLFLT.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klflt.sys [550664 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.Kaspersky4Win-21-14; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-14\klgse.sys [738824 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klhk.sys [1822752 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.Kaspersky4Win-21-14; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-14\klif.sys [1187592 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [99624 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klkbdflt.sys [121584 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klmouflt.sys [117992 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.Kaspersky4Win-21-14; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-14\klpd.sys [81176 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klpnpflt.sys [107240 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [86776 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-14_arkmon; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-14_arkmon.sys [369432 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-14_klark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-14_klark.sys [351912 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-14_klbg; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-14_klbg.sys [179816 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-14_mark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-14_mark.sys [260512 2023-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klwfp.sys [182008 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\klwtp.sys [428784 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.Kaspersky4Win-21-14; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-14\kneps.sys [352504 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49608 2023-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [495896 2023-03-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-08-10 17:05 - 2023-08-10 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foto3x4
2023-08-10 17:05 - 2023-08-10 17:05 - 000000000 ____D C:\Program Files (x86)\Qualiom freewares
2023-08-09 22:02 - 2023-08-09 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-08-09 22:02 - 2023-08-09 22:03 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Mozilla
2023-08-09 22:02 - 2023-08-09 22:03 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-08-09 22:02 - 2023-08-09 22:02 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegação privativa do Firefox.lnk
2023-08-09 22:02 - 2023-08-09 22:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-09 09:30 - 2023-08-09 09:30 - 000000000 ___HD C:\$WinREAgent
2023-08-08 21:07 - 2023-08-08 21:07 - 000000000 ____D C:\WINDOWS\Panther
2023-08-07 18:38 - 2023-08-07 18:38 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\com.adobe.dunamis
2023-08-07 18:38 - 2023-08-07 18:38 - 000000000 ____D C:\Users\Angelo Braz\.ms-ad
2023-08-07 18:20 - 2023-08-10 22:28 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-07 18:19 - 2023-08-10 22:28 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-05 20:20 - 2023-08-05 20:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-08-05 17:04 - 2023-08-11 09:56 - 000000000 ___RD C:\Users\Angelo Braz\iCloudDrive
2023-08-05 17:04 - 2023-08-05 17:04 - 000003598 _____ C:\WINDOWS\system32\Tasks\Apple Diagnostics
2023-08-04 08:26 - 2023-08-09 10:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-14
2023-08-02 13:23 - 2023-08-02 13:49 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-07-31 21:51 - 2023-07-31 21:56 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{CC4F3893-5487-44F3-8EF1-EBF935399E40}
2023-07-31 21:51 - 2023-07-31 21:56 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{02CBA588-79F0-470C-86D2-F97C38EF9BDC}
2023-07-30 10:16 - 2023-08-08 21:08 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-30 10:16 - 2023-08-05 20:20 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-30 10:16 - 2023-07-30 10:16 - 000002908 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Angelo
2023-07-18 14:32 - 2023-07-18 14:32 - 000000008 _____ C:\ProgramData\ntuser.pol
2023-07-13 16:09 - 2023-07-13 17:10 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\ZHP

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-08-11 16:05 - 2023-07-10 14:55 - 000000000 ____D C:\FRST
2023-08-11 16:02 - 2021-12-16 21:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-11 16:02 - 2015-08-11 22:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-11 15:55 - 2016-11-18 06:31 - 000000000 ____D C:\Users\Angelo Braz\AppData\LocalLow\Mozilla
2023-08-11 15:51 - 2022-02-09 20:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-11 12:00 - 2020-08-17 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-11 10:04 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-11 08:27 - 2023-06-27 18:25 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\WebEx
2023-08-10 21:03 - 2020-08-17 17:43 - 001749624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-10 21:03 - 2019-12-07 11:53 - 000755378 _____ C:\WINDOWS\system32\prfh0416.dat
2023-08-10 21:03 - 2019-12-07 11:53 - 000149432 _____ C:\WINDOWS\system32\prfc0416.dat
2023-08-10 21:03 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-10 20:00 - 2020-08-17 17:46 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D560E2BD-2729-4B68-9016-45F841C9ACEA}
2023-08-10 18:10 - 2015-07-31 15:53 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Word
2023-08-10 16:10 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-08-10 16:10 - 2019-10-13 14:30 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Apple Computer
2023-08-10 09:50 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-10 09:50 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-09 22:02 - 2015-07-30 14:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-09 21:59 - 2020-08-17 15:16 - 000000000 ____D C:\Users\Angelo Braz
2023-08-09 18:30 - 2023-06-01 12:54 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-09 18:30 - 2020-08-17 17:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-09 18:30 - 2020-08-17 17:33 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-09 18:29 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-09 10:10 - 2020-08-17 17:33 - 000462752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-09 10:09 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-09 10:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-09 10:07 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-09 09:58 - 2020-08-17 17:36 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-09 09:30 - 2022-03-22 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-08-09 09:30 - 2021-07-27 22:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-08-09 08:27 - 2020-04-06 13:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-08 21:08 - 2015-08-04 17:13 - 000028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2023-08-08 20:53 - 2019-11-15 21:44 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\MPC-HC
2023-08-08 19:55 - 2015-08-12 12:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-08 19:45 - 2015-08-12 12:56 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-08 19:21 - 2022-09-23 18:37 - 000000000 ____D C:\Program Files (x86)\dotnet
2023-08-08 19:21 - 2017-08-30 09:34 - 000000000 ____D C:\ProgramData\Package Cache
2023-08-07 20:25 - 2019-12-07 06:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2023-08-07 18:38 - 2015-07-31 22:27 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Adobe
2023-08-07 18:18 - 2022-01-31 22:33 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-08-07 18:03 - 2015-08-11 22:57 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-05 22:01 - 2018-04-30 19:56 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\D3DSCache
2023-08-05 21:09 - 2018-11-29 23:01 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CrashDumps
2023-08-05 20:20 - 2015-07-30 13:48 - 000000000 ____D C:\Program Files\CCleaner
2023-08-05 17:22 - 2019-10-13 15:02 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Apple Inc
2023-08-05 17:04 - 2019-10-13 14:30 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Apple Computer
2023-08-05 16:51 - 2022-08-14 18:22 - 000000000 ____D C:\ProgramData\Apple Inc
2023-08-05 16:51 - 2018-07-18 21:29 - 000000000 ____D C:\ProgramData\Packages
2023-08-05 16:51 - 2017-10-18 01:12 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Packages
2023-08-05 15:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-05 12:26 - 2015-07-31 15:54 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Excel
2023-08-05 09:33 - 2022-12-18 19:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-467048075-196725563-1868618205-1001
2023-08-05 09:33 - 2020-08-17 17:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-467048075-196725563-1868618205-1001
2023-08-05 09:33 - 2020-08-17 15:16 - 000002448 _____ C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-05 09:32 - 2022-08-28 15:03 - 000000000 ____D C:\Program Files\Common Files\AV
2023-08-04 08:28 - 2022-08-28 15:02 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-08-04 08:28 - 2022-08-28 15:02 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2023-08-04 08:26 - 2023-05-02 15:23 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky.lnk
2023-08-02 13:49 - 2021-03-09 16:52 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-07-31 14:52 - 2020-04-19 23:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-07-20 10:47 - 2023-05-02 15:25 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage
2023-07-18 14:30 - 2015-07-31 16:02 - 000000000 ____D C:\Users\Angelo Braz\AppData\LocalLow\Temp
2023-07-18 14:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-07-18 14:28 - 2017-09-29 10:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-07-13 19:27 - 2021-02-19 21:08 - 000099624 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2023-07-13 16:06 - 2020-07-22 20:42 - 000000000 ____D C:\AdwCleaner
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe

==================== Arquivos na raiz de alguns diretórios ========

2016-03-26 12:02 - 2016-03-26 12:02 - 000000001 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.4.40.agreement
2016-03-26 12:03 - 2016-03-26 12:03 - 000000019 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.license
2017-09-04 22:53 - 2017-09-04 22:53 - 000003379 _____ () C:\Users\Angelo Braz\AppData\Local\recently-used.xbel
2015-11-02 21:17 - 2022-11-30 14:48 - 000007610 _____ () C:\Users\Angelo Braz\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Citação

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 06-08-2023
Executado por Angelo (11-08-2023 16:20:35)
Executando a partir de D:\Área de Trabalho
Microsoft Windows 10 Pro Versão 22H2 19045.3324 (X64) (2020-08-17 20:46:23)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-467048075-196725563-1868618205-500 - Administrator - Disabled)
Angelo (S-1-5-21-467048075-196725563-1868618205-1001 - Administrator - Enabled) => C:\Users\Angelo Braz
Convidado (S-1-5-21-467048075-196725563-1868618205-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-467048075-196725563-1868618205-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-467048075-196725563-1868618205-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-467048075-196725563-1868618205-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 23.003.20269 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Anki (HKLM-x32\...\Anki) (Version: 2.1.43 - )
Aplicativo Itaú (HKLM-x32\...\{D0A058D6-4688-4E33-8894-8951D057990E}) (Version: 1.0.182 - Banco Itaú)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.14 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\ActiveTouchMeetingClient) (Version: 43.6.4 - Cisco Webex LLC)
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.)
Configurações da câmera Logitech (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.)
digiCamControl (HKLM-x32\...\{051b8fc1-d433-4428-bcd1-f90aa50afa23}) (Version: 2.1.4.0 - ) Hidden
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{59C0032B-88B5-41F3-B8FD-5B3356670B4F}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Foto3x4 1.0 (HKLM-x32\...\{149B2FDC-AC01-4A38-A2F8-0AD40B2AEFAA}_is1) (Version: - Qualiom Sistemas Computacionais)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.2.15332 - Foxit Software Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.61.63 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.171 - Google LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iCloud Outlook (HKLM\...\{AC76D136-36CC-4606-8361-4939FE5D2381}) (Version: 14.2.0.108 - Apple Inc.)
Identiv uTrust Smart Card Reader (HKLM-x32\...\{307F1256-AB13-4987-BAED-104752D425C8}) (Version: 1.17.0 - Identiv)
IRPF 2023 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\6908-8355-8468-2086) (Version: 1.3 - Receita Federal do Brasil)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
IRPF2018 (HKLM-x32\...\IRPF2018) (Version: 1.4 - Receita Federal do Brasil)
IRPF2019 (HKLM-x32\...\IRPF2019) (Version: 1.5 - Receita Federal do Brasil)
IRPF2020 (HKLM-x32\...\IRPF2020) (Version: 1.9 - Receita Federal do Brasil)
IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.2 - Receita Federal do Brasil)
IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.3 - Receita Federal do Brasil)
Kaspersky (HKLM-x32\...\{3CC8CD12-5F5C-38C0-9557-8D379777C4AF}) (Version: 21.14.5.462 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{3CC8CD12-5F5C-38C0-9557-8D379777C4AF}) (Version: 21.14.5.462 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky)
K-Lite Codec Pack 17.1.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.1.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.21 (x86) (HKLM-x32\...\{A9F8F2E3-D3A4-4D90-9800-F689932ECE89}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x86) (HKLM-x32\...\{EF4A37DD-21FE-43E9-89D1-1C699CC197AC}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x86) (HKLM-x32\...\{B8ED272B-5F2D-4FF5-A7CA-C73552D7FB0F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.16626.20134 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.200 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.200 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{33e692e6-1f06-4c3d-8981-738c129e0b2c}) (Version: 6.0.21.32717 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{F25834D2-0460-4995-8585-8E41BD074159}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 116.0.2 (x64 pt-BR)) (Version: 116.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 116.0.2 - Mozilla)
Mozilla Thunderbird (x64 pt-BR) (HKLM\...\Mozilla Thunderbird 102.14.0 (x64 pt-BR)) (Version: 102.14.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.16626.20118 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDFsam Basic (HKLM\...\{24493C22-01EA-4E07-AB21-84910EB826B0}) (Version: 4.3.3.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.64.316.2023 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5880 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.124 - A.E.T. Europe B.V.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte do iPod (HKLM\...\{713ABB2F-9ACB-4A4A-945A-CEA53C08644C}) (Version: 12.11.3.7 - Apple Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 82.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Webex (HKLM\...\{03482546-35AA-4BEC-A702-8B95FE6F4E02}) (Version: 43.6.0.26407 - Cisco Systems, Inc)

Packages:
=========
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-14] (Microsoft Corporation)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2020-05-08] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_148.2.1069.0_x64__v10z8vjag6ke6 [2023-08-09] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-08-05] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-13] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2307.24001.0_x64__8wekyb3d8bbwe [2023-08-04] (Microsoft Corporation) [Startup Task]
RecForth -> C:\Program Files\WindowsApps\IOForth.Screenrecord-screenrecorder_1.1.11.0_x64__pxs7cjhtcq1xt [2023-06-21] (IOForth)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{944E6FDE-D5C9-4B75-90DB-DE2E0FF9D2C1} -> [iCloud Drive] => C:\Users\Angelo Braz\iCloudDrive [2023-08-05 17:04]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.14] -> {0D304B31-5702-4EEE-A8C7-3723E260D0AB} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\x64\shellex.dll [2023-08-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.14] -> {0D304B31-5702-4EEE-A8C7-3723E260D0AB} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\x64\shellex.dll [2023-08-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.14] -> {0D304B31-5702-4EEE-A8C7-3723E260D0AB} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\x64\shellex.dll [2023-08-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-04-19] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.14] -> {0D304B31-5702-4EEE-A8C7-3723E260D0AB} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\x64\shellex.dll [2023-08-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-04-19] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos Carregados (Whitelisted) =============

2017-05-09 09:27 - 2017-05-09 09:27 - 003067904 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aetpkss1.dll
2017-05-09 09:27 - 2017-05-09 09:27 - 000040960 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aettask.dll
2016-07-19 20:59 - 2009-04-20 12:29 - 000136704 _____ (Hewlett-Packard Company) [Arquivo não assinado] C:\WINDOWS\System32\hpf3l70w.dll
2016-07-19 21:03 - 2009-04-20 11:29 - 000249856 _____ (Hewlett-Packard Corporation) [Arquivo não assinado] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70w.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000029696 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000032768 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000031744 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2015-08-23 23:42 - 2022-07-15 11:00 - 000094720 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [Arquivo não assinado] C:\WINDOWS\System32\mvtcpmon.dll
2023-06-01 14:01 - 2016-11-14 09:30 - 001300688 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [Arquivo não assinado] C:\WINDOWS\System32\slp64.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-31] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 08:04 - 2022-06-10 19:36 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-10-01 16:12 - 2021-10-01 16:13 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-467048075-196725563-1868618205-1001\Control Panel\Desktop\\Wallpaper -> D:\Área de Trabalho\838293.jpg
DNS Servers: 1.0.0.1 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AutoRun_MBIM => 2
MSCONFIG\Services: Change Modem Device Service => 2
MSCONFIG\Services: DevMgmtService => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPSIService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Genshin Impact_Launcher"
HKLM\...\StartupApproved\Run32: => "Genshin Impact Beta_Launcher"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{9704DFD4-4832-4BA2-AD86-B1FA9825F1F5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8524ED1-C8B3-42D3-8377-9007CD2EAA50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2FA0FB6A-3668-45DF-BB38-CA9816E4F7CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{60982F0A-8A31-47A3-B257-549FBC515CA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9DE48766-BD8F-4E57-9A48-50B2D7A9F735}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{0EAAE5A9-8970-47BB-A4F2-6A1742F28E41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C69FB424-B5AD-4AD0-BD4C-43D5DE3B800A}] => (Allow) D:\Games Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [Arquivo não assinado]
FirewallRules: [{D9B48F0D-AE4E-4B45-80AD-9881E874D23B}] => (Allow) D:\Games Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [Arquivo não assinado]
FirewallRules: [{7F4F876F-6B2E-463B-B1C0-4F8D31B6DE0E}] => (Allow) LPort=57209
FirewallRules: [{B6E1770B-8CAD-4D20-A5EF-AA5E16123919}] => (Allow) LPort=57209
FirewallRules: [{ECF732B5-EE5C-4091-9D65-5E8D0926D921}] => (Allow) LPort=9100
FirewallRules: [{21270FD4-3BF9-4EAC-9CFE-E71669980D50}] => (Allow) LPort=427
FirewallRules: [{04EB6426-E32A-44E6-AF67-70FFED25D5F8}] => (Allow) LPort=161
FirewallRules: [TCP Query User{9DB0A4D1-CBE4-464B-94F0-F3C42A376D1D}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [UDP Query User{04E3C43F-4BF3-485C-9E90-F35D803C4123}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [{112F261F-4506-4B4E-BC4F-A32D6499DFDB}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{29EB09DF-8EE5-4FE0-B8F2-7713B4BA3E85}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{756953E8-A221-4F00-AEEB-038FDAECCBFB}] => (Allow) LPort=9100
FirewallRules: [{79FFF101-D1B6-4085-97B3-E76F504E1D4D}] => (Allow) LPort=427
FirewallRules: [{A0BB0B35-3961-4770-985C-F673DACB5911}] => (Allow) LPort=161
FirewallRules: [{0C508160-3801-4AB0-940C-D97A9E5C9820}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{955D43DB-DDAA-41E9-8C4A-B581CCCC7559}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{1AA059A1-5AB1-4335-B21F-CA0DD4C3CC27}] => (Allow) LPort=57209
FirewallRules: [{D7659CAC-C449-438C-9994-F84DD097CE69}] => (Allow) LPort=57210
FirewallRules: [{AF1355A8-C405-4208-AB10-33ED0A67F073}] => (Allow) LPort=57211
FirewallRules: [{45962D66-4A6B-45DD-BF35-E761F56AD9B2}] => (Allow) LPort=57212
FirewallRules: [{B5CCDEE1-DC04-41A0-9361-45381456A761}] => (Allow) LPort=57213
FirewallRules: [{61ACAA29-9085-4F20-B5E8-57AC45E3870A}] => (Allow) LPort=57214
FirewallRules: [{F9770054-8423-418C-B688-C5C9B3963DFE}] => (Allow) LPort=57215
FirewallRules: [{8C2914B5-15B3-4C48-AA82-78DEA6F2D379}] => (Allow) LPort=57216
FirewallRules: [{810BAA4E-1B8B-4FDA-8B72-CD45A01BE72F}] => (Allow) LPort=57217
FirewallRules: [{58F42371-9689-4D51-89AB-606D1A001BAD}] => (Allow) LPort=57218
FirewallRules: [{527DD172-FEEF-4424-84CB-9E49472E4D7F}] => (Allow) LPort=57209
FirewallRules: [{7234C66E-E760-47B9-9218-588B0194ACEE}] => (Allow) LPort=57210
FirewallRules: [{89C4D8BE-B71A-4BF3-B61E-B8169AD76902}] => (Allow) LPort=57211
FirewallRules: [{7B303FB5-0AF9-4AD1-9423-FECC397BD8A4}] => (Allow) LPort=57212
FirewallRules: [{FD6CE65C-1A77-4D7A-B1BE-3CA958B6704F}] => (Allow) LPort=57213
FirewallRules: [{CB0FB2C6-32D5-4167-A20B-63975E68D2D5}] => (Allow) LPort=57214
FirewallRules: [{00FA6BF7-B5A6-4804-B943-117AB3F24EC2}] => (Allow) LPort=57215
FirewallRules: [{9A46CF73-52B0-4155-8D32-3AC1D3DBDDD9}] => (Allow) LPort=57216
FirewallRules: [{1BFD7944-E93E-4D03-8342-7397C837FC1D}] => (Allow) LPort=57217
FirewallRules: [{07D1F187-4D33-4E9F-AABF-D958A367E8F2}] => (Allow) LPort=57218
FirewallRules: [{115E9E6E-EEEC-4B8E-877C-85F97D65B924}] => (Allow) LPort=23007
FirewallRules: [{5D10575B-15A2-47EB-A5E3-52C0030B676D}] => (Allow) LPort=23008
FirewallRules: [{88908B64-7FB1-4D51-B4FF-E7374FF75DB2}] => (Allow) LPort=33009
FirewallRules: [{0D97A74D-EF16-44D3-B3C9-A3F9AE2E9F1C}] => (Allow) LPort=33010
FirewallRules: [{51FB394C-330C-4FFB-BE85-B266C3868486}] => (Allow) LPort=33011
FirewallRules: [{50E3A043-B0B1-49D2-AABF-83F624CE67D4}] => (Allow) LPort=43012
FirewallRules: [{2AFF7942-479D-436D-B639-6E13C1F82ACC}] => (Allow) LPort=43013
FirewallRules: [{2D9EE3AE-5FEF-465D-A998-D55D06D59387}] => (Allow) LPort=53014
FirewallRules: [{FBCDA599-CAA8-4C13-A217-5A0E8D854BA9}] => (Allow) LPort=53015
FirewallRules: [{8D5B5EA6-E8AA-484A-BBA0-5D24BB080E72}] => (Allow) LPort=53016
FirewallRules: [{BFE86399-281C-4061-B880-5DC1EDB87DF1}] => (Allow) LPort=23007
FirewallRules: [{9A4B665D-B1F9-4C2F-B541-8517A8E16C98}] => (Allow) LPort=23008
FirewallRules: [{073E55E9-3949-42EB-8F95-DFF6B37A8945}] => (Allow) LPort=33009
FirewallRules: [{D631D813-84EE-4E2D-868E-F080A7DBE7AC}] => (Allow) LPort=33010
FirewallRules: [{759E29DB-3902-4EBF-B109-32E4341B5907}] => (Allow) LPort=33011
FirewallRules: [{116E6146-CB2E-4BDC-90A4-F00EA1AD4377}] => (Allow) LPort=43012
FirewallRules: [{32C1D800-6BDE-42C1-8E03-04A7ED274A83}] => (Allow) LPort=43013
FirewallRules: [{7838B0FE-A664-40F5-BF45-AC25607BD7F0}] => (Allow) LPort=53014
FirewallRules: [{29E4851B-E360-4337-93E3-EFE1331587FB}] => (Allow) LPort=53015
FirewallRules: [{36B1C54D-C58D-4F1A-AB42-333D338B7A00}] => (Allow) LPort=53016
FirewallRules: [{E4F0A1DA-EF72-4E1C-A87E-1B71F971477F}] => (Allow) LPort=50053
FirewallRules: [{02A83C19-C6C1-45F4-9B50-1C73B1EDC322}] => (Allow) LPort=50053
FirewallRules: [{322A0D8E-AA8D-4A50-B4A3-A8E3EA7B838A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D0E2360-084D-47AC-BC5B-0F52F486118E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59F3EB46-7110-4BD6-A6A0-32841E67EE07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D26BDEAB-488A-4ABA-A3E1-782D4249B379}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E797C231-379C-4588-A66A-E8C48FAF680D}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{2C17A881-B1FF-47EE-BD1F-957AE7B9C3A2}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [TCP Query User{AE1F08BC-BA00-4214-B1D0-4E1098B05D36}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{19694063-9D68-4774-8786-24271BA34A28}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{02FA6EC5-5843-47B0-9579-517E8C1D7A59}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{47A1D1A1-4C71-4545-A814-F6B7F7314D44}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{A96CFB8E-99A5-4DD9-B7C5-67B3FA7A102D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D08F0EB9-1FCA-4F89-BF4D-822CA7622AD1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{ADD6CED8-054F-4731-ADAE-BD0240723ACB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{57B7D3F7-0D1B-421D-AAEF-29AA187E39F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1F9E6F74-E687-4100-842D-5AEF0E6E932E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{EA0740D0-B82D-479B-9FAA-62CAE172F128}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8AC3F5F4-018A-4A03-A891-31F876C6444C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2E719CE5-4254-457E-9649-F342B9BB05DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E0BD1869-4663-4D21-8ABA-877D1E0158D9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FDE32108-AAE0-4713-855D-4569FCDD32BB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7358EF98-6923-4B19-9B09-B130DEC8182F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{852E6C35-B170-4B8F-BAFC-E13D5B99FD05}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9CE512BC-2EAE-40EC-AE3B-DE28BDDDB398}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.200\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Pontos de Restauração =========================

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (08/11/2023 12:35:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609

Error: (08/11/2023 12:35:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15609

Error: (08/11/2023 12:35:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/08/2023 07:55:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary klupd_Kaspersky4Win-21-13_mark.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (08/08/2023 07:55:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary klupd_Kaspersky4Win-21-13_klbg.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (08/08/2023 07:55:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary klupd_Kaspersky4Win-21-13_klark.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (08/08/2023 07:55:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..

Details:
AddLegacyDriverFiles: Unable to back up image of binary klupd_Kaspersky4Win-21-13_arkmon.

System Error:
O sistema não pode encontrar o arquivo especificado.
.

Error: (08/08/2023 03:54:02 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Erros de Sistema:
=============
Error: (08/11/2023 09:37:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (08/11/2023 12:35:13 AM) (Source: volsnap) (EventID: 25) (User: )
Description: As cópias de sombra do volume foram excluídas porque o armazenamento de cópia de sombra não pôde ser expandido. Reduza a carga de E/S do sistema ou escolha um volume de armazenamento de cópia de sombra do qual não esteja sendo feita uma cópia de sombra.

Error: (08/11/2023 12:34:55 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (08/09/2023 10:59:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (08/09/2023 06:30:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (45000 milissegundos) ao aguardar a conexão do serviço NvStreamNetworkSvc.

Error: (08/09/2023 06:29:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (08/09/2023 04:52:31 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} não se registrou no DCOM dentro do tempo limite necessário.

Error: (08/09/2023 10:27:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (45000 milissegundos) ao aguardar a conexão do serviço NvStreamNetworkSvc.

Windows Defender:
================
Date: 2023-03-28 10:27:25
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {33B9A05B-B9F9-466D-ACB9-3B59DDE6C71B}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 10:22:34
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {C889AA89-6F2A-43ED-981E-7AE295922696}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:56:14
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {5EDCBF41-C554-420E-AFB2-B5AB38A29F92}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:21:13
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {2E00FDA6-61BE-4E36-A497-DC9117BECA80}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:10:33
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {349F2248-1234-4A31-950F-AC518C2008D8}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Event[0]:

Date: 2022-05-22 23:54:51
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.283.1164.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.15500.2
Código de Erro: 0x8024001e
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

CodeIntegrity:
===============
Date: 2023-08-11 16:17:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.14\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-11 16:14:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. 2105 07/23/2010
placa-mãe: ASUSTeK Computer INC. M4A785TD-V EVO
Processador: AMD Phenom(tm) II X6 1055T Processor
Percentagem de memória em uso: 35%
RAM física total: 9982.18 MB
RAM física disponível: 6440.6 MB
Virtual Total: 10622.18 MB
Virtual disponível: 6756.58 MB

==================== Drives ================================

Drive () (Fixed) (Total:110.78 GB) (Free:4.35 GB) (Model: KINGSTON SV300S37A120G ATA Device) NTFS
Drive d: (Anjo) (Fixed) (Total:931.51 GB) (Free:334.54 GB) (Model: SAMSUNG HD103SI ATA Device) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

\\?\Volume{70b2a5bd-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{70b2a5bd-0000-0000-0000-90d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 70B2A5BD)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6BF97209)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================

9 de agosto de 2023

Certo, Elias.

Ao abrir o programa após o reiniciar da máquina ele gerou um "Bootlog.pml" com 2Gb de tamanho. Dentro da interface do programa utilizei a função "Salvar" e ela gerou um arquivo chamado "Logfile.pml" com 4Mb, o qual anexo em minha resposta. Caso não seja esse último, me avise para que eu possa subir o Bootlog na nuvem.

Obs.: Por o arquivo ultrapassar o limite de 4mb do fórum, o comprimi com a ferramenta 7zip.

Logfile.7z

9 de agosto de 2023

Elias, tive dificuldades no salvamento do log, ao utilizar a opção "Salvar como" o log não estava sendo gerado em ".txt", então selecionei todos os itens e copiei e colei no bloco de notas. Caso tenha realizado o procedimento errado, peço desculpas e o realizarei novamente.

Obs.: Anexarei o log, pois não estou conseguido cola-lo na resposta por este ser muito grande.

output.txt

31 de julho de 2023

Elias, segue como pedido.

Jurava ter enviado a mensagem aqui no fórum antes, mas ao que parece não foi e ficou salva no rascunho.

Citação

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 27-07-2023
Executado por Angelo (29-07-2023 21:13:17) Run:2
Executando a partir de D:\Área de Trabalho
Perfis Carregados: Angelo
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]
File: C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe
File: C:\Windows\SysWOW64\WIN8_MBIM.exe
File: C:\WINDOWS\system32\mvtcpmon.dll

CMD: ipconfig /flushdns
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow

RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removido (a) com sucesso.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removido (a) com sucesso.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removido (a) com sucesso.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\gbpddfac64.sys => ":r0d3jo5" ADS removido (a) com sucesso.

========================= File: C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe ========================

C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe
Arquivo não assinado
MD5: 76274EDD3E086F86E41732C1AC135301
Data de criação e modificação: 2022-02-16 18:27 - 2021-10-26 14:50
Tamanho: 000913408
Atributos: ----A
Nome Da Empresa:
Interno Nome:
Original Nome:
Produto:
Descrição:
Arquivo Versão:
Produto Versão:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/8624ba6782c3884bf2e5041a6cef4fa94ca43dc4ac29ef593563327ee173adb3/detection/f-8624ba6782c3884bf2e5041a6cef4fa94ca43dc4ac29ef593563327ee173adb3-1690558100

====== Fim de File: ======

========================= File: C:\Windows\SysWOW64\WIN8_MBIM.exe ========================

C:\Windows\SysWOW64\WIN8_MBIM.exe
Arquivo não assinado
MD5: 3FB8DBD32821E6D6E218EB375B8DD442
Data de criação e modificação: 2016-12-13 21:44 - 2014-03-06 23:23
Tamanho: 000163840
Atributos: ----A
Nome Da Empresa:
Interno Nome:
Original Nome:
Produto:
Descrição:
Arquivo Versão:
Produto Versão:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/9110d0c72033efed88d7a4a116c8b8f2642b561f895077bfbcfb80221a4720e1/detection/f-9110d0c72033efed88d7a4a116c8b8f2642b561f895077bfbcfb80221a4720e1-1676642347

====== Fim de File: ======

========================= File: C:\WINDOWS\system32\mvtcpmon.dll ========================

C:\WINDOWS\system32\mvtcpmon.dll
Arquivo não assinado
MD5: 29C30E1850AEB2E8D859113BDC421528
Data de criação e modificação: 2009-06-25 09:27 - 2009-06-25 09:27
Tamanho: 000541184
Atributos: ----A
Nome Da Empresa: Marvell Semiconductor, Inc.
Interno Nome: mvtcpmon.dll
Original Nome: mvtcpmon.dll
Produto: Advanced TCP/IP Port Monitor DLL
Descrição: Advanced TCP/IP Port Monitor DLL
Arquivo Versão: 2009.0625.1.7742
Produto Versão: 2009.0625.1.7742
Copyright: Copyright © 2007-2008 Marvell Semiconductor, Inc.
VirusTotal: https://www.virustotal.com/gui/file/e5626c6e87e75060815280e3006d5dce91c82c4e7e38541a8892f2d3c56b9922/detection/f-e5626c6e87e75060815280e3006d5dce91c82c4e7e38541a8892f2d3c56b9922-1690461688

====== Fim de File: ======

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= DISM /Online /Cleanup-Image /RestoreHealth =========

Ferramenta de Gerenciamento e Manuten‡Æo de Imagens de Implanta‡Æo
VersÆo: 10.0.19041.844

VersÆo da Imagem: 10.0.19045.3208

[== 3.8% ]
[== 3.8% ]
[== 4.0% ]
[== 4.2% ]
[== 4.3% ]
[== 4.4% ]
[== 4.5% ]
[== 4.5% ]
[== 4.7% ]
[== 4.9% ]
[=== 5.2% ]
[=== 5.5% ]
[=== 5.6% ]
[=== 5.7% ]
[=== 5.9% ]
[=== 6.0% ]
[=== 6.2% ]
[=== 6.3% ]
[=== 6.3% ]
[=== 6.6% ]
[=== 6.8% ]
[=== 6.8% ]
[=== 6.9% ]
[==== 7.1% ]
[==== 7.2% ]
[==== 7.3% ]
[==== 7.4% ]
[==== 7.5% ]
[==== 7.7% ]
[==== 7.8% ]
[==== 8.0% ]
[==== 8.1% ]
[==== 8.3% ]
[==== 8.5% ]
[===== 8.7% ]
[===== 8.8% ]
[===== 9.0% ]
[===== 9.1% ]
[===== 9.4% ]
[===== 9.7% ]
[===== 10.0% ]
[===== 10.2% ]
[====== 10.4% ]
[====== 10.6% ]
[====== 10.6% ]
[====== 10.9% ]
[====== 11.0% ]
[====== 11.2% ]
[====== 11.2% ]
[====== 11.3% ]
[====== 11.5% ]
[====== 11.8% ]
[====== 11.8% ]
[====== 11.9% ]
[======= 12.1% ]
[======= 12.2% ]
[======= 12.4% ]
[======= 12.5% ]
[======= 12.8% ]
[======= 12.9% ]
[======= 13.1% ]
[======= 13.1% ]
[======= 13.3% ]
[======= 13.6% ]
[======== 13.8% ]
[======== 14.0% ]
[======== 14.2% ]
[======== 14.2% ]
[======== 14.3% ]
[======== 14.5% ]
[======== 14.8% ]
[======== 15.0% ]
[======== 15.0% ]
[======== 15.2% ]
[======== 15.3% ]
[======== 15.5% ]
[========= 15.6% ]
[========= 15.7% ]
[========= 15.8% ]
[========= 16.0% ]
[========= 16.2% ]
[========= 16.4% ]
[========= 16.5% ]
[========= 16.8% ]
[========= 16.9% ]
[========= 17.1% ]
[========= 17.2% ]
[========== 17.4% ]
[========== 17.5% ]
[========== 17.7% ]
[========== 17.8% ]
[========== 18.0% ]
[========== 18.2% ]
[========== 18.5% ]
[========== 18.6% ]
[========== 18.7% ]
[========== 18.8% ]
[=========== 19.2% ]
[=========== 19.3% ]
[=========== 19.4% ]
[=========== 19.5% ]
[=========== 19.6% ]
[=========== 19.8% ]
[=========== 20.0% ]
[=========== 20.2% ]
[=========== 20.4% ]
[=========== 20.7% ]
[=========== 20.7% ]
[============ 20.9% ]
[============ 21.1% ]
[============ 21.1% ]
[============ 21.3% ]
[============ 21.3% ]
[============ 21.4% ]
[============ 21.5% ]
[============ 21.7% ]
[============ 21.7% ]
[============ 21.8% ]
[============ 22.0% ]
[============ 22.3% ]
[============= 22.5% ]
[============= 22.5% ]
[============= 22.8% ]
[============= 22.9% ]
[============= 23.1% ]
[============= 23.2% ]
[============= 23.3% ]
[============= 23.5% ]
[============= 23.6% ]
[============= 23.8% ]
[============= 23.8% ]
[============= 24.0% ]
[============== 24.3% ]
[============== 24.5% ]
[============== 24.6% ]
[============== 24.9% ]
[============== 25.1% ]
[============== 25.4% ]
[============== 25.6% ]
[============== 25.7% ]
[============== 25.7% ]
[=============== 25.9% ]
[=============== 26.1% ]
[=============== 26.3% ]
[=============== 26.3% ]
[=============== 26.4% ]
[=============== 26.4% ]
[=============== 26.4% ]
[=============== 26.6% ]
[=============== 26.8% ]
[=============== 26.9% ]
[=============== 27.1% ]
[=============== 27.5% ]
[================ 28.5% ]
[================ 29.2% ]
[================= 29.4% ]
[================= 29.9% ]
[================= 30.1% ]
[================= 30.3% ]
[================= 30.4% ]
[================= 30.8% ]
[================= 30.9% ]
[================== 31.1% ]
[================== 31.5% ]
[================== 31.7% ]
[================== 32.1% ]
[================== 32.4% ]
[================== 32.7% ]
[=================== 32.8% ]
[=================== 32.9% ]
[=================== 33.0% ]
[=================== 33.3% ]
[=================== 33.4% ]
[=================== 33.6% ]
[=================== 33.7% ]
[=================== 33.7% ]
[=================== 33.8% ]
[=================== 34.0% ]
[=================== 34.1% ]
[=================== 34.2% ]
[=================== 34.3% ]
[=================== 34.4% ]
[==================== 34.6% ]
[==================== 34.6% ]
[==================== 34.7% ]
[==================== 34.7% ]
[==================== 34.7% ]
[==================== 34.8% ]
[==================== 34.8% ]
[==================== 34.8% ]
[==================== 34.9% ]
[==================== 34.9% ]
[==================== 34.9% ]
[==================== 35.2% ]
[==================== 35.2% ]
[==================== 35.5% ]
[==================== 35.6% ]
[==================== 35.9% ]
[==================== 36.1% ]
[===================== 36.3% ]
[===================== 36.7% ]
[===================== 37.1% ]
[===================== 37.2% ]
[===================== 37.4% ]
[===================== 37.7% ]
[====================== 38.0% ]
[====================== 38.2% ]
[====================== 38.4% ]
[====================== 38.6% ]
[====================== 38.8% ]
[====================== 38.9% ]
[====================== 39.0% ]
[====================== 39.2% ]
[====================== 39.4% ]
[====================== 39.5% ]
[======================= 39.9% ]
[======================= 40.1% ]
[======================= 40.2% ]
[======================= 40.5% ]
[======================= 40.6% ]
[======================= 40.9% ]
[======================= 40.9% ]
[======================= 41.0% ]
[======================= 41.1% ]
[======================= 41.3% ]
[======================== 41.4% ]
[======================== 41.7% ]
[======================== 41.7% ]
[======================== 41.8% ]
[======================== 42.0% ]
[======================== 42.2% ]
[======================== 42.3% ]
[======================== 42.3% ]
[======================== 42.3% ]
[======================== 42.6% ]
[======================== 42.6% ]
[======================== 42.6% ]
[======================== 42.9% ]
[======================== 43.0% ]
[======================== 43.0% ]
[========================= 43.2% ]
[========================= 43.4% ]
[========================= 43.5% ]
[========================= 43.5% ]
[========================= 43.5% ]
[========================= 43.6% ]
[========================= 43.7% ]
[========================= 43.8% ]
[========================= 43.8% ]
[========================= 44.1% ]
[========================= 44.4% ]
[========================= 44.5% ]
[========================= 44.5% ]
[========================= 44.6% ]
[========================= 44.7% ]
[========================= 44.8% ]
[========================== 44.8% ]
[========================== 45.1% ]
[========================== 45.2% ]
[========================== 45.2% ]
[========================== 45.3% ]
[========================== 45.4% ]
[========================== 45.5% ]
[========================== 45.7% ]
[========================== 45.8% ]
[========================== 46.1% ]
[========================== 46.1% ]
[========================== 46.1% ]
[========================== 46.3% ]
[========================== 46.5% ]
[===========================46.6% ]
[===========================46.7% ]
[===========================46.8% ]
[===========================46.9% ]
[===========================47.0% ]
[===========================47.0% ]
[===========================47.1% ]
[===========================47.1% ]
[===========================47.1% ]
[===========================47.2% ]
[===========================47.2% ]
[===========================47.2% ]
[===========================47.2% ]
[===========================47.3% ]
[===========================47.3% ]
[===========================47.4% ]
[===========================47.4% ]
[===========================47.5% ]
[===========================47.5% ]
[===========================47.6% ]
[===========================47.7% ]
[===========================47.8% ]
[===========================47.8% ]
[===========================47.9% ]
[===========================47.9% ]
[===========================48.0% ]
[===========================48.0% ]
[===========================48.1% ]
[===========================48.2% ]
[===========================48.3% ]
[===========================48.5% ]
[===========================48.6% ]
[===========================48.6% ]
[===========================48.7% ]
[===========================48.7% ]
[===========================48.7% ]
[===========================48.8% ]
[===========================48.8% ]
[===========================48.8% ]
[===========================48.8% ]
[===========================48.9% ]
[===========================48.9% ]
[===========================48.9% ]
[===========================48.9% ]
[===========================49.0% ]
[===========================49.0% ]
[===========================49.1% ]
[===========================49.1% ]
[===========================49.1% ]
[===========================49.2% ]
[===========================49.4% ]
[===========================49.4% ]
[===========================49.4% ]
[===========================49.5% ]
[===========================49.7% ]
[===========================49.8% ]
[===========================50.0% ]
[===========================50.1% ]
[===========================50.1% ]
[===========================50.3% ]
[===========================50.3% ]
[===========================50.3% ]
[===========================50.6% ]
[===========================50.8% ]
[===========================50.9% ]
[===========================51.2% ]
[===========================51.5% ]
[===========================51.6% ]
[===========================51.8% ]
[===========================51.9% ]
[===========================52.2% ]
[===========================52.3% ]
[===========================52.8% ]
[===========================53.0% ]
[===========================53.4% ]
[===========================53.4% ]
[===========================53.9% ]
[===========================54.3% ]
[===========================54.6% ]
[===========================54.7% ]
[===========================54.7% ]
[===========================54.8% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.2% ]
[===========================55.3% ]
[===========================55.3% ]
[===========================55.3% ]
[===========================55.3% ]
[===========================55.4% ]
[===========================55.4% ]
[===========================55.4% ]
[===========================55.4% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.5% ]
[===========================55.6% ]
[===========================55.6% ]
[===========================55.6% ]
[===========================55.7% ]
[===========================55.7% ]
[===========================55.7% ]
[===========================55.8% ]
[===========================55.8% ]
[===========================55.8% ]
[===========================55.8% ]
[===========================55.8% ]
[===========================55.9% ]
[===========================55.9% ]
[===========================55.9% ]
[===========================56.0% ]
[===========================56.0% ]
[===========================56.0% ]
[===========================56.0% ]
[===========================56.1% ]
[===========================56.1% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.2% ]
[===========================56.3% ]
[===========================56.3% ]
[===========================56.3% ]
[===========================56.3% ]
[===========================56.4% ]
[===========================56.4% ]
[===========================56.4% ]
[===========================56.4% ]
[===========================56.4% ]
[===========================56.5% ]
[===========================56.5% ]
[===========================56.5% ]
[===========================56.5% ]
[===========================56.5% ]
[===========================56.5% ]
[===========================56.5% ]
[===========================56.6% ]
[===========================56.6% ]
[===========================56.6% ]
[===========================56.6% ]
[===========================56.7% ]
[===========================56.7% ]
[===========================56.8% ]
[===========================56.8% ]
[===========================56.8% ]
[===========================56.8% ]
[===========================56.8% ]
[===========================56.9%= ]
[===========================56.9%= ]
[===========================56.9%= ]
[===========================57.0%= ]
[===========================57.0%= ]
[===========================57.0%= ]
[===========================57.0%= ]
[===========================57.1%= ]
[===========================57.1%= ]
[===========================57.1%= ]
[===========================57.1%= ]
[===========================57.2%= ]
[===========================57.2%= ]
[===========================57.2%= ]
[===========================57.3%= ]
[===========================57.3%= ]
[===========================57.3%= ]
[===========================57.3%= ]
[===========================57.4%= ]
[===========================57.5%= ]
[===========================57.5%= ]
[===========================57.7%= ]
[===========================57.7%= ]
[===========================57.8%= ]
[===========================58.0%= ]
[===========================58.0%= ]
[===========================58.1%= ]
[===========================58.1%= ]
[===========================58.2%= ]
[===========================58.3%= ]
[===========================58.6%== ]
[===========================58.6%== ]
[===========================58.6%== ]
[===========================59.5%== ]
[===========================59.7%== ]
[===========================60.2%== ]
[===========================60.2%== ]
[===========================62.3%==== ]
[===========================84.9%================= ]
[==========================100.0%==========================]
Opera‡Æo de restaura‡Æo conclu¡da com ˆxito.
A opera‡Æo foi conclu¡da com ˆxito.

========= Fim de CMD: =========

========= SFC /scannow =========

Iniciando verificação de arquivos. O processo levará alguns minutos para ser concluído.

Iniciando fase de verificação de verificação do sistema.
Verificação 0% concluída. Verificação 1% concluída. Verificação 1% concluída. Verificação 2% concluída. Verificação 2% concluída. Verificação 3% concluída. Verificação 3% concluída. Verificação 4% concluída. Verificação 5% concluída. Verificação 5% concluída. Verificação 6% concluída. Verificação 6% concluída. Verificação 7% concluída. Verificação 7% concluída. Verificação 8% concluída. Verificação 9% concluída. Verificação 9% concluída. Verificação 10% concluída. Verificação 10% concluída. Verificação 11% concluída. Verificação 11% concluída. Verificação 12% concluída. Verificação 13% concluída. Verificação 13% concluída. Verificação 14% concluída. Verificação 14% concluída. Verificação 15% concluída. Verificação 15% concluída. Verificação 16% concluída. Verificação 16% concluída. Verificação 17% concluída. Verificação 18% concluída. Verificação 18% concluída. Verificação 19% concluída. Verificação 19% concluída. Verificação 20% concluída. Verificação 20% concluída. Verificação 21% concluída. Verificação 22% concluída. Verificação 22% concluída. Verificação 23% concluída. Verificação 23% concluída. Verificação 24% concluída. Verificação 24% concluída. Verificação 25% concluída. Verificação 26% concluída. Verificação 26% concluída. Verificação 27% concluída. Verificação 27% concluída. Verificação 28% concluída. Verificação 28% concluída. Verificação 29% concluída. Verificação 30% concluída. Verificação 30% concluída. Verificação 31% concluída. Verificação 31% concluída. Verificação 32% concluída. Verificação 32% concluída. Verificação 33% concluída. Verificação 33% concluída. Verificação 34% concluída. Verificação 35% concluída. Verificação 35% concluída. Verificação 36% concluída. Verificação 36% concluída. Verificação 37% concluída. Verificação 37% concluída. Verificação 38% concluída. Verificação 39% concluída. Verificação 39% concluída. Verificação 40% concluída. Verificação 40% concluída. Verificação 41% concluída. Verificação 41% concluída. Verificação 42% concluída. Verificação 43% concluída. Verificação 43% concluída. Verificação 44% concluída. Verificação 44% concluída. Verificação 45% concluída. Verificação 45% concluída. Verificação 46% concluída. Verificação 47% concluída. Verificação 47% concluída. Verificação 48% concluída. Verificação 48% concluída. Verificação 49% concluída. Verificação 49% concluída. Verificação 50% concluída. Verificação 50% concluída. Verificação 51% concluída. Verificação 52% concluída. Verificação 52% concluída. Verificação 53% concluída. Verificação 53% concluída. Verificação 54% concluída. Verificação 54% concluída. Verificação 55% concluída. Verificação 56% concluída. Verificação 56% concluída. Verificação 57% concluída. Verificação 57% concluída. Verificação 58% concluída. Verificação 58% concluída. Verificação 59% concluída. Verificação 60% concluída. Verificação 60% concluída. Verificação 61% concluída. Verificação 61% concluída. Verificação 62% concluída. Verificação 62% concluída. Verificação 63% concluída. Verificação 64% concluída. Verificação 64% concluída. Verificação 65% concluída. Verificação 65% concluída. Verificação 66% concluída. Verificação 66% concluída. Verificação 67% concluída. Verificação 67% concluída. Verificação 68% concluída. Verificação 69% concluída. Verificação 69% concluída. Verificação 70% concluída. Verificação 70% concluída. Verificação 71% concluída. Verificação 71% concluída. Verificação 72% concluída. Verificação 73% concluída. Verificação 73% concluída. Verificação 74% concluída. Verificação 74% concluída. Verificação 75% concluída. Verificação 75% concluída. Verificação 76% concluída. Verificação 77% concluída. Verificação 77% concluída. Verificação 78% concluída. Verificação 78% concluída. Verificação 79% concluída. Verificação 79% concluída. Verificação 80% concluída. Verificação 81% concluída. Verificação 81% concluída. Verificação 82% concluída. Verificação 82% concluída. Verificação 83% concluída. Verificação 83% concluída. Verificação 84% concluída. Verificação 84% concluída. Verificação 85% concluída. Verificação 86% concluída. Verificação 86% concluída. Verificação 87% concluída. Verificação 87% concluída. Verificação 88% concluída. Verificação 88% concluída. Verificação 89% concluída. Verificação 90% concluída. Verificação 90% concluída. Verificação 91% concluída. Verificação 91% concluída. Verificação 92% concluída. Verificação 92% concluída. Verificação 93% concluída. Verificação 94% concluída. Verificação 94% concluída. Verificação 95% concluída. Verificação 95% concluída. Verificação 96% concluída. Verificação 96% concluída. Verificação 97% concluída. Verificação 97% concluída. Verificação 98% concluída. Verificação 99% concluída. Verificação 99% concluída. Verificação 100% concluída.

A Proteção de Recursos do Windows encontrou arquivos corrompidos e os reparou com êxito.
Para reparos online, os detalhes são incluídos no arquivo de log CBS localizado em
windir\Logs\CBS\CBS.log. Por exemplo, C:\Windows\Logs\CBS\CBS.log. Para reparos
offline, os detalhes são incluídos no arquivo de log fornecido pelo sinalizador /OFFLOGFILE.

========= Fim de CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 941265814 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => -4268451 B
Edge => 0 B
Chrome => 226146442 B
Firefox => 308303401 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 21184 B
NetworkService => 21184 B
Angelo Braz => 1463858987 B

RecycleBin => 0 B
EmptyTemp: => 2.7 GB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 21:50:30 ====

Citação

Quando surge o bloco de notas com o conteudo, aparece o local onde esse arquivo é salvo?

Não aparece, não, Elias.

29 de julho de 2023

Como pedido, Elias.

Citação

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 27-07-2023
Executado por Angelo (administrador) em DESKTOP-T0H8SRB (29-07-2023 12:29:19)
Executando a partir de D:\Área de Trabalho\FRST64.exe
Perfis Carregados: Angelo
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3208 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksdeui.exe
(C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Angelo Braz\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aetcrss1.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(services.exe ->) () [Arquivo não assinado] C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe
(services.exe ->) () [Arquivo não assinado] C:\Windows\SysWOW64\WIN8_MBIM.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Banco Bradesco SA -> Banco Bradesco S.A.) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP) [Arquivo não assinado] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [CertificateRegistration] => C:\WINDOWS\system32\aetcrss1.exe [25088 2017-05-09] (A.E.T. Europe B.V.) [Arquivo não assinado]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767712 2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation) [Arquivo não assinado]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) [Arquivo não assinado]
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe [8080480 2023-07-13] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CiscoSpark] => C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1523 2023-06-27] () [Arquivo não assinado]
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\x64\hpfpp70w.dll [249856 2009-04-20] (Hewlett-Packard Corporation) [Arquivo não assinado]
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\WINDOWS\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\WINDOWS\system32\novamnk7.dll [29008 2011-02-15] (Softland -> Softland)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\WINDOWS\system32\hpf3l70w.dll [136704 2009-04-20] (Hewlett-Packard Company) [Arquivo não assinado]
HKLM\...\Print\Monitors\Wondershare PDF Converter Monitor: C:\WINDOWS\system32\WSMonitorX64.dll [98152 2016-04-15] (Wondershare Software Co., Ltd. -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.110\Installer\chrmstp.exe [2023-07-27] (Google LLC -> Google LLC)

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {E537C65A-46DD-4592-93F6-72299E410F52} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [685984 2023-07-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{81d19a1e-6325-4e6f-b780-655a8085b934}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [NameServer] 1.0.0.1,1.1.1.1
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: D:\Área de Trabalho
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-29]
Edge DownloadDir: Default -> D:\Downloads
Edge Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-22]
Edge Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-07-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-25]
Edge Extension: (TWP - Translate Web Pages) - C:\Tradutor EDGE [2023-06-02] [UpdateUrl:hxxps://raw.githubusercontent.com/FilipePS/Traduzir-paginas-web/master/dist/chromium/updates.xml] <==== ATENÇÃO
Edge HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: jupdg3yp.default
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\jupdg3yp.default [2023-07-18]
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582 [2023-07-28]
FF Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\[email protected] [2023-06-04]
FF Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\[email protected] [2023-06-21]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2023-06-22]
FF Extension: (Gerar DANFe/DACTe) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\{c3e17213-5cba-412d-8e93-a2a83e6640e1}.xpi [2023-06-07]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [Nenhum Arquivo]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-05-21] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-05-21] <==== ATENÇÃO

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default [2023-07-28]
CHR Extension: (Reduza: Testador de cupons para suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\adblhjgamdlpmikabkcdleflikihalej [2022-07-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-06-11]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-07-03]
CHR Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-28]
CHR Extension: (Gerar DANFe/DACTe) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnalonmlenogoaknbeikifdbaokkhmjj [2022-02-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-07-15]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AutoRun_MBIM; C:\WINDOWS\SysWOW64\WIN8_MBIM.exe [163840 2014-03-06] () [Arquivo não assinado]
R2 AVP21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 Change Modem Device Service; C:\WINDOWS\SysWOW64\ChgService.exe [135168 2014-02-20] () [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851240 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [913408 2021-10-26] () [Arquivo não assinado]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-12-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348512 2023-03-29] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-03-29] (GOG sp. z o.o -> GOG.com)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-07-13] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-07] (Hewlett-Packard Company -> HP)
S3 klvssbridge64_21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\vssbridge64.exe [501008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7770888 2017-05-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-22] (Rockstar Games, Inc. -> Rockstar Games)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2284400 2023-06-07] (Banco Bradesco SA -> Banco Bradesco S.A.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2022-01-05] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-28] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [240264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2023-07-27] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R1 klbackupdisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klbackupdisk.sys [112936 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klbackupflt.sys [234216 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kldisk.sys [125736 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2023-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 KLFLT.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klflt.sys [548072 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klgse.sys [729136 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klhk.sys [1822784 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.Kaspersky4Win-21-13; C:\ProgramData\Kaspersky Lab\AVP21.13\Bases\klids.sys [235704 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klif.sys [1163544 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98552 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klkbdflt.sys [115960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klmouflt.sys [113448 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klpd.sys [80672 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klpnpflt.sys [98040 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [86776 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_arkmon; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_arkmon.sys [369432 2023-07-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_klark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klark.sys [351912 2023-07-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_klbg; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klbg.sys [179816 2023-07-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_mark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_mark.sys [260512 2023-07-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwfp.sys [179960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwtp.sys [415480 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kneps.sys [340208 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49608 2023-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [495896 2023-03-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-07-18 14:32 - 2023-07-18 14:32 - 000000008 _____ C:\ProgramData\ntuser.pol
2023-07-13 16:09 - 2023-07-13 17:10 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\ZHP
2023-07-13 09:13 - 2023-07-13 09:13 - 000000000 ___HD C:\$WinREAgent
2023-07-10 14:55 - 2023-07-29 12:30 - 000000000 ____D C:\FRST
2023-07-07 20:29 - 2023-07-08 11:48 - 000000000 ____D C:\Program Files\Mozilla Thunderbird

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-07-29 12:27 - 2020-08-17 17:46 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D560E2BD-2729-4B68-9016-45F841C9ACEA}
2023-07-29 12:26 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-29 12:26 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-29 12:26 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-29 12:25 - 2016-11-18 06:31 - 000000000 ____D C:\Users\Angelo Braz\AppData\LocalLow\Mozilla
2023-07-29 12:17 - 2022-02-09 20:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-29 12:02 - 2021-12-16 21:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-29 12:02 - 2015-08-11 22:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-29 11:41 - 2017-10-18 01:12 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Packages
2023-07-29 11:41 - 2015-07-31 15:53 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Word
2023-07-29 11:12 - 2020-08-17 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-29 09:34 - 2020-04-06 13:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-29 09:32 - 2023-06-27 18:25 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\WebEx
2023-07-28 23:09 - 2022-12-18 19:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-467048075-196725563-1868618205-1001
2023-07-28 23:09 - 2020-08-17 17:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-467048075-196725563-1868618205-1001
2023-07-28 23:09 - 2020-08-17 15:16 - 000002448 _____ C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-28 21:41 - 2019-12-07 06:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2023-07-28 21:33 - 2020-08-17 17:43 - 001749624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-28 21:33 - 2019-12-07 11:53 - 000755378 _____ C:\WINDOWS\system32\prfh0416.dat
2023-07-28 21:33 - 2019-12-07 11:53 - 000149432 _____ C:\WINDOWS\system32\prfc0416.dat
2023-07-28 21:33 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-28 21:26 - 2023-06-01 12:54 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-28 21:26 - 2020-08-17 17:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-28 21:26 - 2020-08-17 17:33 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-28 20:43 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-07-28 20:35 - 2018-11-29 23:01 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CrashDumps
2023-07-27 21:22 - 2015-08-04 17:13 - 000028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2023-07-27 18:44 - 2015-08-11 22:57 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-07-27 14:12 - 2015-07-31 15:54 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Excel
2023-07-20 10:47 - 2023-05-02 15:25 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage
2023-07-18 14:33 - 2023-05-21 18:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-07-18 14:30 - 2015-07-31 16:02 - 000000000 ____D C:\Users\Angelo Braz\AppData\LocalLow\Temp
2023-07-18 14:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-07-18 14:28 - 2017-09-29 10:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-07-14 20:54 - 2020-04-19 23:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-07-13 21:22 - 2022-03-22 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-07-13 21:22 - 2021-07-27 22:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-07-13 16:06 - 2020-07-22 20:42 - 000000000 ____D C:\AdwCleaner
2023-07-13 09:59 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-13 09:55 - 2020-08-17 17:33 - 000462752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-13 09:54 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-13 09:41 - 2020-08-17 17:36 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-13 09:10 - 2017-08-30 09:34 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-13 09:09 - 2022-09-23 18:37 - 000000000 ____D C:\Program Files (x86)\dotnet
2023-07-13 09:03 - 2015-08-12 12:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-13 08:50 - 2015-08-12 12:56 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-12 23:13 - 2020-08-17 15:16 - 000000000 ____D C:\Users\Angelo Braz
2023-07-11 22:28 - 2023-06-27 21:14 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CiscoSparkLauncher
2023-07-11 22:28 - 2023-06-27 21:14 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CiscoSpark
2023-07-11 17:57 - 2020-08-17 17:46 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-11 17:57 - 2020-08-17 17:46 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-08 11:48 - 2023-05-21 18:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-08 11:48 - 2015-07-30 14:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-08 11:46 - 2023-06-01 14:05 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\ElevatedDiagnostics
2023-07-07 20:31 - 2021-03-09 16:52 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-07-05 12:34 - 2023-05-21 18:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-07-02 15:13 - 2023-05-02 14:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-13
2023-06-29 18:56 - 2023-06-27 18:25 - 000000000 ____D C:\Users\Angelo Braz\AppData\LocalLow\WebEx

==================== Arquivos na raiz de alguns diretórios ========

2016-03-26 12:02 - 2016-03-26 12:02 - 000000001 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.4.40.agreement
2016-03-26 12:03 - 2016-03-26 12:03 - 000000019 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.license
2017-09-04 22:53 - 2017-09-04 22:53 - 000003379 _____ () C:\Users\Angelo Braz\AppData\Local\recently-used.xbel
2015-11-02 21:17 - 2022-11-30 14:48 - 000007610 _____ () C:\Users\Angelo Braz\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Citação

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 27-07-2023
Executado por Angelo (29-07-2023 12:38:27)
Executando a partir de D:\Área de Trabalho
Microsoft Windows 10 Pro Versão 22H2 19045.3208 (X64) (2020-08-17 20:46:23)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-467048075-196725563-1868618205-500 - Administrator - Disabled)
Angelo (S-1-5-21-467048075-196725563-1868618205-1001 - Administrator - Enabled) => C:\Users\Angelo Braz
Convidado (S-1-5-21-467048075-196725563-1868618205-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-467048075-196725563-1868618205-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-467048075-196725563-1868618205-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-467048075-196725563-1868618205-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Anki (HKLM-x32\...\Anki) (Version: 2.1.43 - )
Aplicativo Itaú (HKLM-x32\...\{D0A058D6-4688-4E33-8894-8951D057990E}) (Version: 1.0.182 - Banco Itaú)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\ActiveTouchMeetingClient) (Version: 43.6.4 - Cisco Webex LLC)
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.)
Configurações da câmera Logitech (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.)
digiCamControl (HKLM-x32\...\{051b8fc1-d433-4428-bcd1-f90aa50afa23}) (Version: 2.1.4.0 - ) Hidden
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{59C0032B-88B5-41F3-B8FD-5B3356670B4F}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.2.15332 - Foxit Software Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.61.63 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.110 - Google LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Identiv uTrust Smart Card Reader (HKLM-x32\...\{307F1256-AB13-4987-BAED-104752D425C8}) (Version: 1.17.0 - Identiv)
IRPF 2023 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\6908-8355-8468-2086) (Version: 1.3 - Receita Federal do Brasil)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
IRPF2018 (HKLM-x32\...\IRPF2018) (Version: 1.4 - Receita Federal do Brasil)
IRPF2019 (HKLM-x32\...\IRPF2019) (Version: 1.5 - Receita Federal do Brasil)
IRPF2020 (HKLM-x32\...\IRPF2020) (Version: 1.9 - Receita Federal do Brasil)
IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.2 - Receita Federal do Brasil)
IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.3 - Receita Federal do Brasil)
Kaspersky (HKLM-x32\...\{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky)
K-Lite Codec Pack 17.1.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.1.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.20 (x86) (HKLM-x32\...\{82F89EDB-1DF1-402B-BED6-01C736967B6F}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x86) (HKLM-x32\...\{561137EF-2ECE-48F0-A6D6-6260AC7112A5}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x86) (HKLM-x32\...\{6E4984A9-4321-4D96-861F-D03578E68C8B}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.16529.20182 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.183 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\OneDriveSetup.exe) (Version: 23.142.0709.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.20 (x86) (HKLM-x32\...\{39139702-799e-4843-8d90-cfe9330b285a}) (Version: 6.0.20.32621 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.20 (x86) (HKLM-x32\...\{FC641ACB-FE5E-4F88-B392-9421BDCA1143}) (Version: 48.83.63194 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 115.0 (x64 pt-BR)) (Version: 115.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 113.0.1 - Mozilla)
Mozilla Thunderbird (x64 pt-BR) (HKLM\...\Mozilla Thunderbird 102.13.0 (x64 pt-BR)) (Version: 102.13.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDFsam Basic (HKLM\...\{24493C22-01EA-4E07-AB21-84910EB826B0}) (Version: 4.3.3.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.64.316.2023 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5880 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.124 - A.E.T. Europe B.V.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte do iPod (HKLM\...\{713ABB2F-9ACB-4A4A-945A-CEA53C08644C}) (Version: 12.11.3.7 - Apple Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 82.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Webex (HKLM\...\{03482546-35AA-4BEC-A702-8B95FE6F4E02}) (Version: 43.6.0.26407 - Cisco Systems, Inc)

Packages:
=========
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-14] (Microsoft Corporation)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2020-05-08] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_147.1.1079.0_x64__v10z8vjag6ke6 [2023-07-13] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-13] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2305.14002.0_x64__8wekyb3d8bbwe [2023-05-31] (Microsoft Corporation) [Startup Task]
RecForth -> C:\Program Files\WindowsApps\IOForth.Screenrecord-screenrecorder_1.1.11.0_x64__pxs7cjhtcq1xt [2023-06-21] (IOForth)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-04-19] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-04-19] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos Carregados (Whitelisted) =============

2017-05-09 09:27 - 2017-05-09 09:27 - 003067904 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aetpkss1.dll
2017-05-09 09:27 - 2017-05-09 09:27 - 000040960 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aettask.dll
2016-07-19 20:59 - 2009-04-20 12:29 - 000136704 _____ (Hewlett-Packard Company) [Arquivo não assinado] C:\WINDOWS\System32\hpf3l70w.dll
2016-07-19 21:03 - 2009-04-20 11:29 - 000249856 _____ (Hewlett-Packard Corporation) [Arquivo não assinado] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70w.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000029696 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000032768 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000031744 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2015-08-23 23:42 - 2022-07-15 11:00 - 000094720 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [Arquivo não assinado] C:\WINDOWS\System32\mvtcpmon.dll
2023-06-01 14:01 - 2016-11-14 09:30 - 001300688 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [Arquivo não assinado] C:\WINDOWS\System32\slp64.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 08:04 - 2022-06-10 19:36 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-10-01 16:12 - 2021-10-01 16:13 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-467048075-196725563-1868618205-1001\Control Panel\Desktop\\Wallpaper -> D:\Área de Trabalho\838293.jpg
DNS Servers: 1.0.0.1 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AutoRun_MBIM => 2
MSCONFIG\Services: Change Modem Device Service => 2
MSCONFIG\Services: DevMgmtService => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPSIService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Genshin Impact_Launcher"
HKLM\...\StartupApproved\Run32: => "Genshin Impact Beta_Launcher"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{9704DFD4-4832-4BA2-AD86-B1FA9825F1F5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8524ED1-C8B3-42D3-8377-9007CD2EAA50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2FA0FB6A-3668-45DF-BB38-CA9816E4F7CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{60982F0A-8A31-47A3-B257-549FBC515CA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9DE48766-BD8F-4E57-9A48-50B2D7A9F735}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{0EAAE5A9-8970-47BB-A4F2-6A1742F28E41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C69FB424-B5AD-4AD0-BD4C-43D5DE3B800A}] => (Allow) D:\Games Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [Arquivo não assinado]
FirewallRules: [{D9B48F0D-AE4E-4B45-80AD-9881E874D23B}] => (Allow) D:\Games Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [Arquivo não assinado]
FirewallRules: [{7F4F876F-6B2E-463B-B1C0-4F8D31B6DE0E}] => (Allow) LPort=57209
FirewallRules: [{B6E1770B-8CAD-4D20-A5EF-AA5E16123919}] => (Allow) LPort=57209
FirewallRules: [{ECF732B5-EE5C-4091-9D65-5E8D0926D921}] => (Allow) LPort=9100
FirewallRules: [{21270FD4-3BF9-4EAC-9CFE-E71669980D50}] => (Allow) LPort=427
FirewallRules: [{04EB6426-E32A-44E6-AF67-70FFED25D5F8}] => (Allow) LPort=161
FirewallRules: [TCP Query User{9DB0A4D1-CBE4-464B-94F0-F3C42A376D1D}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [UDP Query User{04E3C43F-4BF3-485C-9E90-F35D803C4123}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [{112F261F-4506-4B4E-BC4F-A32D6499DFDB}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{29EB09DF-8EE5-4FE0-B8F2-7713B4BA3E85}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{756953E8-A221-4F00-AEEB-038FDAECCBFB}] => (Allow) LPort=9100
FirewallRules: [{79FFF101-D1B6-4085-97B3-E76F504E1D4D}] => (Allow) LPort=427
FirewallRules: [{A0BB0B35-3961-4770-985C-F673DACB5911}] => (Allow) LPort=161
FirewallRules: [{0C508160-3801-4AB0-940C-D97A9E5C9820}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{955D43DB-DDAA-41E9-8C4A-B581CCCC7559}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{1AA059A1-5AB1-4335-B21F-CA0DD4C3CC27}] => (Allow) LPort=57209
FirewallRules: [{D7659CAC-C449-438C-9994-F84DD097CE69}] => (Allow) LPort=57210
FirewallRules: [{AF1355A8-C405-4208-AB10-33ED0A67F073}] => (Allow) LPort=57211
FirewallRules: [{45962D66-4A6B-45DD-BF35-E761F56AD9B2}] => (Allow) LPort=57212
FirewallRules: [{B5CCDEE1-DC04-41A0-9361-45381456A761}] => (Allow) LPort=57213
FirewallRules: [{61ACAA29-9085-4F20-B5E8-57AC45E3870A}] => (Allow) LPort=57214
FirewallRules: [{F9770054-8423-418C-B688-C5C9B3963DFE}] => (Allow) LPort=57215
FirewallRules: [{8C2914B5-15B3-4C48-AA82-78DEA6F2D379}] => (Allow) LPort=57216
FirewallRules: [{810BAA4E-1B8B-4FDA-8B72-CD45A01BE72F}] => (Allow) LPort=57217
FirewallRules: [{58F42371-9689-4D51-89AB-606D1A001BAD}] => (Allow) LPort=57218
FirewallRules: [{527DD172-FEEF-4424-84CB-9E49472E4D7F}] => (Allow) LPort=57209
FirewallRules: [{7234C66E-E760-47B9-9218-588B0194ACEE}] => (Allow) LPort=57210
FirewallRules: [{89C4D8BE-B71A-4BF3-B61E-B8169AD76902}] => (Allow) LPort=57211
FirewallRules: [{7B303FB5-0AF9-4AD1-9423-FECC397BD8A4}] => (Allow) LPort=57212
FirewallRules: [{FD6CE65C-1A77-4D7A-B1BE-3CA958B6704F}] => (Allow) LPort=57213
FirewallRules: [{CB0FB2C6-32D5-4167-A20B-63975E68D2D5}] => (Allow) LPort=57214
FirewallRules: [{00FA6BF7-B5A6-4804-B943-117AB3F24EC2}] => (Allow) LPort=57215
FirewallRules: [{9A46CF73-52B0-4155-8D32-3AC1D3DBDDD9}] => (Allow) LPort=57216
FirewallRules: [{1BFD7944-E93E-4D03-8342-7397C837FC1D}] => (Allow) LPort=57217
FirewallRules: [{07D1F187-4D33-4E9F-AABF-D958A367E8F2}] => (Allow) LPort=57218
FirewallRules: [{115E9E6E-EEEC-4B8E-877C-85F97D65B924}] => (Allow) LPort=23007
FirewallRules: [{5D10575B-15A2-47EB-A5E3-52C0030B676D}] => (Allow) LPort=23008
FirewallRules: [{88908B64-7FB1-4D51-B4FF-E7374FF75DB2}] => (Allow) LPort=33009
FirewallRules: [{0D97A74D-EF16-44D3-B3C9-A3F9AE2E9F1C}] => (Allow) LPort=33010
FirewallRules: [{51FB394C-330C-4FFB-BE85-B266C3868486}] => (Allow) LPort=33011
FirewallRules: [{50E3A043-B0B1-49D2-AABF-83F624CE67D4}] => (Allow) LPort=43012
FirewallRules: [{2AFF7942-479D-436D-B639-6E13C1F82ACC}] => (Allow) LPort=43013
FirewallRules: [{2D9EE3AE-5FEF-465D-A998-D55D06D59387}] => (Allow) LPort=53014
FirewallRules: [{FBCDA599-CAA8-4C13-A217-5A0E8D854BA9}] => (Allow) LPort=53015
FirewallRules: [{8D5B5EA6-E8AA-484A-BBA0-5D24BB080E72}] => (Allow) LPort=53016
FirewallRules: [{BFE86399-281C-4061-B880-5DC1EDB87DF1}] => (Allow) LPort=23007
FirewallRules: [{9A4B665D-B1F9-4C2F-B541-8517A8E16C98}] => (Allow) LPort=23008
FirewallRules: [{073E55E9-3949-42EB-8F95-DFF6B37A8945}] => (Allow) LPort=33009
FirewallRules: [{D631D813-84EE-4E2D-868E-F080A7DBE7AC}] => (Allow) LPort=33010
FirewallRules: [{759E29DB-3902-4EBF-B109-32E4341B5907}] => (Allow) LPort=33011
FirewallRules: [{116E6146-CB2E-4BDC-90A4-F00EA1AD4377}] => (Allow) LPort=43012
FirewallRules: [{32C1D800-6BDE-42C1-8E03-04A7ED274A83}] => (Allow) LPort=43013
FirewallRules: [{7838B0FE-A664-40F5-BF45-AC25607BD7F0}] => (Allow) LPort=53014
FirewallRules: [{29E4851B-E360-4337-93E3-EFE1331587FB}] => (Allow) LPort=53015
FirewallRules: [{36B1C54D-C58D-4F1A-AB42-333D338B7A00}] => (Allow) LPort=53016
FirewallRules: [{E4F0A1DA-EF72-4E1C-A87E-1B71F971477F}] => (Allow) LPort=50053
FirewallRules: [{02A83C19-C6C1-45F4-9B50-1C73B1EDC322}] => (Allow) LPort=50053
FirewallRules: [{322A0D8E-AA8D-4A50-B4A3-A8E3EA7B838A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D0E2360-084D-47AC-BC5B-0F52F486118E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59F3EB46-7110-4BD6-A6A0-32841E67EE07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D26BDEAB-488A-4ABA-A3E1-782D4249B379}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E797C231-379C-4588-A66A-E8C48FAF680D}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{2C17A881-B1FF-47EE-BD1F-957AE7B9C3A2}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [TCP Query User{AE1F08BC-BA00-4214-B1D0-4E1098B05D36}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{19694063-9D68-4774-8786-24271BA34A28}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{02FA6EC5-5843-47B0-9579-517E8C1D7A59}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{47A1D1A1-4C71-4545-A814-F6B7F7314D44}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{A96CFB8E-99A5-4DD9-B7C5-67B3FA7A102D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BB2E303-7F11-4581-B66F-2D32FDD47735}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A86D96F-8823-48BD-8969-184FE89706BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D08F0EB9-1FCA-4F89-BF4D-822CA7622AD1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{ADD6CED8-054F-4731-ADAE-BD0240723ACB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{57B7D3F7-0D1B-421D-AAEF-29AA187E39F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1F9E6F74-E687-4100-842D-5AEF0E6E932E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{EA0740D0-B82D-479B-9FAA-62CAE172F128}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8AC3F5F4-018A-4A03-A891-31F876C6444C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2E719CE5-4254-457E-9649-F342B9BB05DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E0BD1869-4663-4D21-8ABA-877D1E0158D9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{D26C168A-7BF2-4534-9642-4A1C1936CE48}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.183\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A45673F-B673-4273-A441-BCC143FE2FFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Pontos de Restauração =========================

20-07-2023 19:13:25 Ponto de Verificação Agendado

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (07/28/2023 08:35:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SearchApp.exe, versão: 10.0.19041.3155, carimbo de data/hora: 0x5cb9ff30
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.3155, carimbo de data/hora: 0xbf300201
Código de exceção: 0xc0000409
Deslocamento da falha: 0x000000000012d8b2
ID do processo com falha: 0x2e14
Hora de início do aplicativo com falha: 0x01d9c19d2cd38ec6
Caminho do aplicativo com falha: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 898b69cf-5303-4ce4-be61-fca0fbae4119
Nome completo do pacote com falha: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: CortanaUI

Error: (07/28/2023 08:35:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Explorer.EXE, versão: 10.0.19041.3155, carimbo de data/hora: 0x5772a955
Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.3155, carimbo de data/hora: 0x5212ece5
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000001ed51
ID do processo com falha: 0x2cb8
Hora de início do aplicativo com falha: 0x01d9c148be530a91
Caminho do aplicativo com falha: C:\WINDOWS\Explorer.EXE
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll
ID do Relatório: 74cebba7-d802-416e-8b34-f8bf0418a2a0
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (07/27/2023 08:26:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]

Error: (07/27/2023 05:23:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (07/27/2023 04:27:46 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (07/27/2023 03:56:06 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (07/27/2023 03:56:06 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (07/27/2023 03:56:06 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Erros de Sistema:
=============
Error: (07/28/2023 09:26:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (45000 milissegundos) ao aguardar a conexão do serviço NvStreamNetworkSvc.

Error: (07/28/2023 08:33:27 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: AUTORIDADE NT)
Description: E:\Device\HarddiskVolume203

Error: (07/28/2023 08:22:32 PM) (Source: Ntfs) (EventID: 55) (User: AUTORIDADE NT)
Description: Corrupção detectada na estrutura do sistema de arquivos, no volume E:.

A natureza exata da corrupção é desconhecida. As estruturas do sistema de arquivos precisam ser verificadas e corrigidas offline.

Error: (07/28/2023 08:22:32 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: AUTORIDADE NT)
Description: E:\Device\HarddiskVolume173

Error: (07/28/2023 08:04:26 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk2\DR6, possui um setor defeituoso.

Error: (07/28/2023 07:52:29 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk2\DR6, possui um setor defeituoso.

Error: (07/28/2023 06:46:45 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: O gerenciador de recursos de transações no volume E: encontrou um erro sem nova tentativa e não pôde ser iniciado. Os dados contêm o código de erro.

Error: (07/28/2023 06:46:43 PM) (Source: volsnap) (EventID: 14) (User: )
Description: As cópias de sombra do volume F: foram anuladas devido a uma falha de E/S no volume F:.

Windows Defender:
================
Date: 2023-03-28 10:27:25
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {33B9A05B-B9F9-466D-ACB9-3B59DDE6C71B}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 10:22:34
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {C889AA89-6F2A-43ED-981E-7AE295922696}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:56:14
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {5EDCBF41-C554-420E-AFB2-B5AB38A29F92}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:21:13
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {2E00FDA6-61BE-4E36-A497-DC9117BECA80}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:10:33
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {349F2248-1234-4A31-950F-AC518C2008D8}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Event[0]:

Date: 2022-05-22 23:54:51
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.283.1164.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.15500.2
Código de Erro: 0x8024001e
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

CodeIntegrity:
===============
Date: 2023-07-29 12:37:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-29 12:33:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. 2105 07/23/2010
placa-mãe: ASUSTeK Computer INC. M4A785TD-V EVO
Processador: AMD Phenom(tm) II X6 1055T Processor
Percentagem de memória em uso: 35%
RAM física total: 9982.18 MB
RAM física disponível: 6398.27 MB
Virtual Total: 10622.18 MB
Virtual disponível: 7208.31 MB

==================== Drives ================================

Drive () (Fixed) (Total:110.78 GB) (Free:32.86 GB) (Model: KINGSTON SV300S37A120G ATA Device) NTFS
Drive d: (Anjo) (Fixed) (Total:931.51 GB) (Free:367.58 GB) (Model: SAMSUNG HD103SI ATA Device) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

\\?\Volume{70b2a5bd-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{70b2a5bd-0000-0000-0000-90d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 70B2A5BD)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6BF97209)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================

27 de julho de 2023

Elias, peço desculpas pela demora.

Apaguei a pasta, mas após o boot ela não é criada novamente. Contudo, o log ainda continua aparecendo.

Fora isso o PC está ótimo!

21 de julho de 2023

1 minuto atrás, Elias Pereira disse:

A principio são pings para o localhost.

O que tem dentro da pasta D:\Program Files\Nox?

Não há nada, está em branco.

20 de julho de 2023

Em 19/07/2023 às 11:17, Elias Pereira disse:

Em relação aos problemas iniciais, como está o computador?

Elias, notei uma melhora na utilização do PC e na navegação; quanto as telas do prompt pipocando, até agora, não surgiram mais. O único problema restante é que ao ligar o PC surge o bloco de nota com o seguinte log :

Citação

------------------------------------start------------------------------------

Disparando 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128

Estat¡sticas do Ping para 127.0.0.1:
Pacotes: Enviados = 4, Recebidos = 4, Perdidos = 0 (0% de
perda),
Aproximar um n£mero redondo de vezes em milissegundos:
M¡nimo = 0ms, M ximo = 0ms, M‚dia = 0ms
"D:\Program Files\Nox\"
-------------------------------------end-------------------------------------

18 de julho de 2023

Elias, conforme pedido:

Citação

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 18-07-2023
Executado por Angelo (18-07-2023 14:27:17) Run:1
Executando a partir de D:\Área de Trabalho
Perfis Carregados: Angelo
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM-x32\...\Run: [Genshin Impact_Launcher] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Nenhum Arquivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [GalaxyClient] => [X]
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
Task: {E28E667D-AF63-4A37-B5C6-18E7C360FAB2} - System32\Tasks\AdwCleaner_onReboot => D:\Área de Trabalho\adwcleaner_8.0.6.exe /r (Nenhum Arquivo)
Task: {5CE1A06E-9F59-4F0F-83C4-319A08AF1D73} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe (Nenhum Arquivo)
Task: {956E5536-0A5D-42FA-BA4B-CDFFE94CF485} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7BAC3216-7F61-4128-8067-52911C3E37DC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7bde81e5-df76-4cdb-b6c4-cb680b94b0fd" --version "6.13.10517" --silent
Task: {AA6F2483-CAE8-44A2-BAE9-D819EBAE96B2} - System32\Tasks\CCleanerSkipUAC - Angelo => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3BCB82F7-0CA9-4FCA-A130-711B029C3A66} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5308592 2023-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {7200E7FC-D66A-4C02-8C2E-7491139B5936} - System32\Tasks\Desligar Automático => C:\WINDOWS\system32\shutdown.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> -s -f
Task: {10E8EF05-223F-4D96-85EF-5E789C193EAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-11] (Google Inc -> Google Inc.)
Task: {6A0CC6F3-0E12-4400-AE44-42B46EE9CDFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-11] (Google Inc -> Google Inc.)
Task: {BD80A129-4879-4750-8D5C-40C62FDFF034} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-08-08] () [Arquivo não assinado]
Task: {6265A9AA-8097-4539-9FE6-039764D3FF07} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616832 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {345B8195-A8C4-49D3-99DF-F598148E1878} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616832 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0AE8D982-82DE-49CA-AC35-953764121BC1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124296 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {40D3AB04-C119-4C03-9DD4-5FF4BDD5FEE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124296 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {18F0E1B5-30C5-4FC0-B765-10DCB0FCAE08} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [685984 2023-07-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {924E4F75-2F71-411D-B9E4-3B63B911C67B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-05] (Mozilla Corporation -> Mozilla Foundation)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{DDC34D5E-7D6D-E686-AB5A-C82D0DE991A3}\InprocServer32 -> não caminho do arquivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Nenhum Arquivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Nenhum Arquivo
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll -> Nenhum Arquivo
ContextMenuHandlers1_S-1-5-21-467048075-196725563-1868618205-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> Nenhum Arquivo
ContextMenuHandlers1_S-1-5-21-467048075-196725563-1868618205-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => -> Nenhum Arquivo
ContextMenuHandlers4_S-1-5-21-467048075-196725563-1868618205-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> Nenhum Arquivo
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [254]
AlternateDataStreams: C:\ProgramData\TEMP:D061F04D [184]

StartBatch:
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /s
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce" /s
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig" /s
reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run" /s
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /s
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /s
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" /s
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" /s
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" /s
EndBatch:

File: C:\Windows\SysWOW64\frapsvid.dll
File: C:\WINDOWS\SysWOW64\WIN8_MBIM.exe
File: C:\Windows\System32\aetcrss1.exe
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Genshin Impact Beta_Launcher" => removido (a) com sucesso.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Genshin Impact_Launcher" => removido (a) com sucesso.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removido (a) com sucesso.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\StartCCC" => removido (a) com sucesso.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => valor restaurado com sucesso
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => valor restaurado com sucesso
"HKU\S-1-5-21-467048075-196725563-1868618205-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removido (a) com sucesso.
C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso
C:\ProgramData\NTUSER.pol => movido com sucesso
HKLM\SOFTWARE\Policies\Google => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E28E667D-AF63-4A37-B5C6-18E7C360FAB2}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E28E667D-AF63-4A37-B5C6-18E7C360FAB2}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdwCleaner_onReboot" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CE1A06E-9F59-4F0F-83C4-319A08AF1D73}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CE1A06E-9F59-4F0F-83C4-319A08AF1D73}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Apple Diagnostics => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple Diagnostics" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{956E5536-0A5D-42FA-BA4B-CDFFE94CF485}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{956E5536-0A5D-42FA-BA4B-CDFFE94CF485}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleaner Update => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BAC3216-7F61-4128-8067-52911C3E37DC}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BAC3216-7F61-4128-8067-52911C3E37DC}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerCrashReporting => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerCrashReporting" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA6F2483-CAE8-44A2-BAE9-D819EBAE96B2}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA6F2483-CAE8-44A2-BAE9-D819EBAE96B2}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - Angelo => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC - Angelo" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BCB82F7-0CA9-4FCA-A130-711B029C3A66}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BCB82F7-0CA9-4FCA-A130-711B029C3A66}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7200E7FC-D66A-4C02-8C2E-7491139B5936}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7200E7FC-D66A-4C02-8C2E-7491139B5936}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Desligar Automático => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desligar Automático" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10E8EF05-223F-4D96-85EF-5E789C193EAA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10E8EF05-223F-4D96-85EF-5E789C193EAA}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A0CC6F3-0E12-4400-AE44-42B46EE9CDFC}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A0CC6F3-0E12-4400-AE44-42B46EE9CDFC}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD80A129-4879-4750-8D5C-40C62FDFF034}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD80A129-4879-4750-8D5C-40C62FDFF034}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\klcp_update => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6265A9AA-8097-4539-9FE6-039764D3FF07}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6265A9AA-8097-4539-9FE6-039764D3FF07}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{345B8195-A8C4-49D3-99DF-F598148E1878}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{345B8195-A8C4-49D3-99DF-F598148E1878}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AE8D982-82DE-49CA-AC35-953764121BC1}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AE8D982-82DE-49CA-AC35-953764121BC1}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40D3AB04-C119-4C03-9DD4-5FF4BDD5FEE9}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D3AB04-C119-4C03-9DD4-5FF4BDD5FEE9}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18F0E1B5-30C5-4FC0-B765-10DCB0FCAE08}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18F0E1B5-30C5-4FC0-B765-10DCB0FCAE08}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Background Update 308046B0AF4A39CB" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{924E4F75-2F71-411D-B9E4-3B63B911C67B}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{924E4F75-2F71-411D-B9E4-3B63B911C67B}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => removido (a) com sucesso.
C:\WINDOWS\Tasks\CCleanerCrashReporting.job => movido com sucesso
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => movido com sucesso
HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{DDC34D5E-7D6D-E686-AB5A-C82D0DE991A3} => removido (a) com sucesso.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removido (a) com sucesso.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removido (a) com sucesso.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removido (a) com sucesso.
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => removido (a) com sucesso.
HKU\S-1-5-21-467048075-196725563-1868618205-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\ kwpsshellext => removido (a) com sucesso.
HKU\S-1-5-21-467048075-196725563-1868618205-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\kpdf2wordshellext => removido (a) com sucesso.
HKU\S-1-5-21-467048075-196725563-1868618205-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ kwpsshellext => removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\gbpddfac64.sys => ":r0d3jo5" ADS removido (a) com sucesso.
C:\WINDOWS\system32\Drivers\gbpddfac64.sys => ":X5ZN8aGvT4" ADS removido (a) com sucesso.
C:\ProgramData\TEMP => ":D061F04D" ADS removido (a) com sucesso.

========= Batch: =========

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
ISUSPM Startup REG_SZ C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup
CCleaner Smart Cleaning REG_SZ "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
OneDrive REG_SZ "C:\Users\Angelo Braz\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
CiscoMeetingDaemon REG_SZ "C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe" /daemon /runFrom=autorun
CiscoSpark REG_SZ C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk /minimized /autostartedWithWindows=true

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\AdobeARMservice
AdobeARMservice REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\AMD External Events Utility
AMD External Events Utility REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\AutoRun_MBIM
AutoRun_MBIM REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\Change Modem Device Service
Change Modem Device Service REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\DevMgmtService
DevMgmtService REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\GalaxyClientService
GalaxyClientService REG_DWORD 0x3
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\GalaxyCommunication
GalaxyCommunication REG_DWORD 0x3
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\gupdate
gupdate REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\gupdatem
gupdatem REG_DWORD 0x3
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\HPSIService
HPSIService REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\MozillaMaintenance
MozillaMaintenance REG_DWORD 0x3
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\Origin Client Service
Origin Client Service REG_DWORD 0x3
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\Origin Web Helper Service
Origin Web Helper Service REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\ProductAgentService
ProductAgentService REG_DWORD 0x2
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\services\Steam Client Service
Steam Client Service REG_DWORD 0x3
YEAR REG_DWORD 0x7e2
MONTH REG_DWORD 0xc
DAY REG_DWORD 0x1
HOUR REG_DWORD 0x11
MINUTE REG_DWORD 0x2c
SECOND REG_DWORD 0x39

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\msconfig\state
services REG_DWORD 0x2
bootini REG_DWORD 0x2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
CertificateRegistration REG_SZ aetcrss1.exe
NvBackend REG_SZ "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
ShadowPlay REG_SZ "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
ISUSScheduler REG_SZ "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
HPUsageTrackingLEDM REG_SZ "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"

ERRO: O sistema nÆo p“de localizar a chave do Registro ou valor especificado.

========= Fim de Batch: =========

========================= File: C:\Windows\SysWOW64\frapsvid.dll ========================

C:\Windows\SysWOW64\frapsvid.dll
Arquivo não assinado
MD5: E3E8F33F23C9847148DC6B7DA12D9240
Data de criação e modificação: 2015-09-05 05:09 - 2015-09-05 05:09
Tamanho: 000094208
Atributos: ----A
Nome Da Empresa: Beepa P/L
Interno Nome: Fraps
Original Nome:
Produto: FRAPS
Descrição: Fraps
Arquivo Versão: 3, 5, 99, 15623
Produto Versão: 3, 5, 99, 15623
Copyright: Copyright © Beepa P/L 2013
VirusTotal: https://www.virustotal.com/gui/file/058c0332b47e92859e43714d59576420458b447474f35eeacb7fa467b4fb0ac2/detection/f-058c0332b47e92859e43714d59576420458b447474f35eeacb7fa467b4fb0ac2-1676101807

====== Fim de File: ======

========================= File: C:\WINDOWS\SysWOW64\WIN8_MBIM.exe ========================

C:\WINDOWS\SysWOW64\WIN8_MBIM.exe
Arquivo não assinado
MD5: 3FB8DBD32821E6D6E218EB375B8DD442
Data de criação e modificação: 2016-12-13 21:44 - 2014-03-06 23:23
Tamanho: 000163840
Atributos: ----A
Nome Da Empresa:
Interno Nome:
Original Nome:
Produto:
Descrição:
Arquivo Versão:
Produto Versão:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/9110d0c72033efed88d7a4a116c8b8f2642b561f895077bfbcfb80221a4720e1/detection/f-9110d0c72033efed88d7a4a116c8b8f2642b561f895077bfbcfb80221a4720e1-1676642347

====== Fim de File: ======

========================= File: C:\Windows\System32\aetcrss1.exe ========================

C:\Windows\System32\aetcrss1.exe
Arquivo não assinado
MD5: 7FECD1948D727C7B7A4A5F7D2A8037BE
Data de criação e modificação: 2017-05-09 09:27 - 2017-05-09 09:27
Tamanho: 000025088
Atributos: ----A
Nome Da Empresa: A.E.T. Europe B.V.
Interno Nome: Certificate Expiration Check Utility
Original Nome: aetcrss1.exe
Produto: SafeSign, AETSign, AETeSign, StarSign Token, RaakSign
Descrição: Certificate Expiration Check Utility
Arquivo Versão: 3.0.0.3747
Produto Versão: 3.0.0.0
Copyright: Copyright © 1997-2014 A.E.T. Europe B.V.
VirusTotal: https://www.virustotal.com/gui/file/c686852199c8ac3f8d2715334e7eb4fc3a0fada8a99a08c3147dd31a3f79719d/detection/f-c686852199c8ac3f8d2715334e7eb4fc3a0fada8a99a08c3147dd31a3f79719d-1689252635

====== Fim de File: ======

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 92351555 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 515731436 B
Windows/system/drivers => 8245517 B
Edge => 68096 B
Chrome => 542072092 B
Firefox => 363243356 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7168 B
ProgramData => 7168 B
Public => 7168 B
systemprofile => 7168 B
systemprofile32 => 7210 B
LocalService => 242542 B
NetworkService => 256060 B
Angelo Braz => 4349162136 B

RecycleBin => 442212 B
EmptyTemp: => 5.5 GB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 14:31:37 ====

16 de julho de 2023

Elias, como pedido:

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-07-2023
Executado por Angelo (administrador) em DESKTOP-T0H8SRB (15-07-2023 20:35:21)
Executando a partir de D:\Área de Trabalho\FRST64.exe
Perfis Carregados: Angelo
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3208 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksdeui.exe
(C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Angelo Braz\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aetcrss1.exe
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(services.exe ->) () [Arquivo não assinado] C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe
(services.exe ->) () [Arquivo não assinado] C:\Windows\SysWOW64\WIN8_MBIM.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Banco Bradesco SA -> Banco Bradesco S.A.) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\FOXIT SOFTWARE\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP) [Arquivo não assinado] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe <2>
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [CertificateRegistration] => C:\WINDOWS\system32\aetcrss1.exe [25088 2017-05-09] (A.E.T. Europe B.V.) [Arquivo não assinado]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767712 2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation) [Arquivo não assinado]
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM-x32\...\Run: [Genshin Impact_Launcher] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (Nenhum Arquivo)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) [Arquivo não assinado]
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40496032 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Angelo Braz\AppData\Local\WebEx\WebexHost.exe [8080480 2023-07-03] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\Run: [CiscoSpark] => C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1523 2023-06-27] () [Arquivo não assinado]
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp70w: C:\Windows\System32\spool\prtprocs\x64\hpfpp70w.dll [249856 2009-04-20] (Hewlett-Packard Corporation) [Arquivo não assinado]
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\WINDOWS\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HP1100LM: C:\WINDOWS\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\novaPDF 7 Monitor: C:\WINDOWS\system32\novamnk7.dll [29008 2011-02-15] (Softland -> Softland)
HKLM\...\Print\Monitors\PCL hpf3l70w.dll: C:\WINDOWS\system32\hpf3l70w.dll [136704 2009-04-20] (Hewlett-Packard Company) [Arquivo não assinado]
HKLM\...\Print\Monitors\Wondershare PDF Converter Monitor: C:\WINDOWS\system32\WSMonitorX64.dll [98152 2016-04-15] (Wondershare Software Co., Ltd. -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-28] (Google LLC -> Google LLC)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {E28E667D-AF63-4A37-B5C6-18E7C360FAB2} - System32\Tasks\AdwCleaner_onReboot => D:\Área de Trabalho\adwcleaner_8.0.6.exe /r (Nenhum Arquivo)
Task: {5CE1A06E-9F59-4F0F-83C4-319A08AF1D73} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe (Nenhum Arquivo)
Task: {956E5536-0A5D-42FA-BA4B-CDFFE94CF485} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7BAC3216-7F61-4128-8067-52911C3E37DC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "7bde81e5-df76-4cdb-b6c4-cb680b94b0fd" --version "6.13.10517" --silent
Task: {AA6F2483-CAE8-44A2-BAE9-D819EBAE96B2} - System32\Tasks\CCleanerSkipUAC - Angelo => C:\Program Files\CCleaner\CCleaner.exe [34304928 2023-06-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3BCB82F7-0CA9-4FCA-A130-711B029C3A66} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5308592 2023-07-13] (Microsoft Windows -> Microsoft Corporation)
Task: {7200E7FC-D66A-4C02-8C2E-7491139B5936} - System32\Tasks\Desligar Automático => C:\WINDOWS\system32\shutdown.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> -s -f
Task: {10E8EF05-223F-4D96-85EF-5E789C193EAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-11] (Google Inc -> Google Inc.)
Task: {6A0CC6F3-0E12-4400-AE44-42B46EE9CDFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-11] (Google Inc -> Google Inc.)
Task: {BD80A129-4879-4750-8D5C-40C62FDFF034} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-08-08] () [Arquivo não assinado]
Task: {6265A9AA-8097-4539-9FE6-039764D3FF07} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616832 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {345B8195-A8C4-49D3-99DF-F598148E1878} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616832 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0AE8D982-82DE-49CA-AC35-953764121BC1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124296 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {40D3AB04-C119-4C03-9DD4-5FF4BDD5FEE9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124296 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {18F0E1B5-30C5-4FC0-B765-10DCB0FCAE08} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [685984 2023-07-05] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {924E4F75-2F71-411D-B9E4-3B63B911C67B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-05] (Mozilla Corporation -> Mozilla Foundation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{81d19a1e-6325-4e6f-b780-655a8085b934}: [NameServer] 198.51.100.1,198.51.100.2
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [NameServer] 1.0.0.1,1.1.1.1
Tcpip\..\Interfaces\{f91de001-c0b5-48b3-94ee-3ccec5151877}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: D:\Área de Trabalho
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-15]
Edge DownloadDir: Default -> D:\Downloads
Edge Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-06-12]
Edge Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-07-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Angelo Braz\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-18]
Edge Extension: (TWP - Translate Web Pages) - C:\Tradutor EDGE [2023-06-02] [UpdateUrl:hxxps://raw.githubusercontent.com/FilipePS/Traduzir-paginas-web/master/dist/chromium/updates.xml] <==== ATENÇÃO
Edge HKU\S-1-5-21-467048075-196725563-1868618205-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: jupdg3yp.default
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\jupdg3yp.default [2023-05-21]
FF ProfilePath: C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582 [2023-07-13]
FF Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\[email protected] [2023-06-04]
FF Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\[email protected] [2023-06-21]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2023-06-22]
FF Extension: (Gerar DANFe/DACTe) - C:\Users\Angelo Braz\AppData\Roaming\Mozilla\Firefox\Profiles\2ezh1bjm.default-release-1684703975582\Extensions\{c3e17213-5cba-412d-8e93-a2a83e6640e1}.xpi [2023-06-07]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [Nenhum Arquivo]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitPDFReaderPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Arquivo não assinado]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-05-21] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-05-21] <==== ATENÇÃO

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default [2023-07-14]
CHR Extension: (Reduza: Testador de cupons para suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\adblhjgamdlpmikabkcdleflikihalej [2022-07-03]
CHR Extension: (Kaspersky Protection) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-06-11]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-07-03]
CHR Extension: (uBlock Origin) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-06-12]
CHR Extension: (Gerar DANFe/DACTe) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnalonmlenogoaknbeikifdbaokkhmjj [2022-02-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-18]
CHR Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-07-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AutoRun_MBIM; C:\WINDOWS\SysWOW64\WIN8_MBIM.exe [163840 2014-03-06] () [Arquivo não assinado]
R2 AVP21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 Change Modem Device Service; C:\WINDOWS\SysWOW64\ChgService.exe [135168 2014-02-20] () [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851240 2023-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [913408 2021-10-26] () [Arquivo não assinado]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-12-01] (Epic Games Inc. -> Epic Games, Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2348512 2023-03-29] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7178720 2023-03-29] (GOG sp. z o.o -> GOG.com)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-07-13] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-07] (Hewlett-Packard Company -> HP)
S3 klvssbridge64_21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\vssbridge64.exe [501008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [7770888 2017-05-09] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2703192 2022-12-22] (Rockstar Games, Inc. -> Rockstar Games)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2284400 2023-06-07] (Banco Bradesco SA -> Banco Bradesco S.A.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2022-01-05] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-05-28] (Bitdefender SRL -> BitDefender)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [240264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 gbpddfac; C:\WINDOWS\System32\drivers\gbpddfac64.sys [28888 2015-11-18] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R1 klbackupdisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klbackupdisk.sys [112936 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klbackupflt.sys [234216 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kldisk.sys [125736 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2023-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 KLFLT.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klflt.sys [548072 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klgse.sys [729136 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klhk.sys [1822784 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids.Kaspersky4Win-21-13; C:\ProgramData\Kaspersky Lab\AVP21.13\Bases\klids.sys [235704 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klif.sys [1163544 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98552 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klkbdflt.sys [115960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klmouflt.sys [113448 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klpd.sys [80672 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klpnpflt.sys [98040 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [86776 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_arkmon; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_arkmon.sys [368416 2023-06-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_klark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klark.sys [350848 2023-05-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_Kaspersky4Win-21-13_klbg; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klbg.sys [179864 2023-05-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_Kaspersky4Win-21-13_mark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_mark.sys [259440 2023-05-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwfp.sys [179960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwtp.sys [415480 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kneps.sys [340208 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49608 2023-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [495896 2023-03-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-27] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-07-14 08:12 - 2023-07-15 20:00 - 000873472 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-wal
2023-07-14 08:12 - 2023-07-14 08:12 - 000032768 _____ C:\WINDOWS\SysWOW64\DnsStorage-shm
2023-07-14 08:12 - 2023-07-14 08:12 - 000032768 _____ C:\WINDOWS\SysWOW64\AppRulesStorage-shm
2023-07-14 08:12 - 2023-07-14 08:12 - 000000000 _____ C:\WINDOWS\SysWOW64\DnsStorage-wal
2023-07-13 16:09 - 2023-07-13 17:10 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\ZHP
2023-07-13 09:13 - 2023-07-13 09:13 - 000000000 ___HD C:\$WinREAgent
2023-07-10 14:55 - 2023-07-15 20:36 - 000000000 ____D C:\FRST
2023-07-07 20:29 - 2023-07-08 11:48 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-06-27 21:14 - 2023-07-11 22:28 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CiscoSparkLauncher
2023-06-27 21:14 - 2023-07-11 22:28 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CiscoSpark
2023-06-27 19:23 - 2023-06-27 19:23 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex
2023-06-27 18:28 - 2023-06-27 19:21 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\webex
2023-06-27 18:25 - 2023-07-15 13:18 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\WebEx
2023-06-27 18:25 - 2023-06-29 18:56 - 000000000 ____D C:\Users\Angelo Braz\AppData\LocalLow\WebEx

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-07-15 20:39 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-15 20:35 - 2020-08-17 17:46 - 000004182 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D560E2BD-2729-4B68-9016-45F841C9ACEA}
2023-07-15 20:04 - 2021-12-16 21:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-15 20:04 - 2015-08-11 22:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-15 16:02 - 2022-02-09 20:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-07-15 16:01 - 2016-11-18 06:31 - 000000000 ____D C:\Users\Angelo Braz\AppData\LocalLow\Mozilla
2023-07-15 13:37 - 2020-08-17 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-15 09:53 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-15 09:53 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-15 09:38 - 2020-04-06 13:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-14 20:54 - 2020-04-19 23:00 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-07-14 19:25 - 2022-12-18 19:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-467048075-196725563-1868618205-1001
2023-07-14 19:25 - 2020-08-17 17:46 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-467048075-196725563-1868618205-1001
2023-07-14 19:25 - 2020-08-17 15:16 - 000002448 _____ C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-14 11:09 - 2019-12-07 06:03 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2023-07-13 21:22 - 2022-03-22 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-07-13 21:22 - 2021-07-27 22:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-07-13 16:40 - 2020-08-17 17:43 - 001749624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-13 16:40 - 2019-12-07 11:53 - 000755378 _____ C:\WINDOWS\system32\prfh0416.dat
2023-07-13 16:40 - 2019-12-07 11:53 - 000149432 _____ C:\WINDOWS\system32\prfc0416.dat
2023-07-13 16:40 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-13 16:06 - 2020-07-22 20:42 - 000000000 ____D C:\AdwCleaner
2023-07-13 15:57 - 2023-05-02 15:25 - 000012288 _____ C:\WINDOWS\SysWOW64\AppRulesStorage
2023-07-13 12:15 - 2023-06-01 12:54 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-13 12:15 - 2020-08-17 17:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-13 12:15 - 2020-08-17 17:33 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-13 09:59 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-07-13 09:59 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-13 09:55 - 2020-08-17 17:33 - 000462752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-13 09:54 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-13 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-13 09:41 - 2020-08-17 17:36 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-13 09:10 - 2017-08-30 09:34 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-13 09:09 - 2022-09-23 18:37 - 000000000 ____D C:\Program Files (x86)\dotnet
2023-07-13 09:03 - 2015-08-12 12:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-13 08:50 - 2015-08-12 12:56 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-12 23:13 - 2020-08-17 15:16 - 000000000 ____D C:\Users\Angelo Braz
2023-07-12 09:52 - 2015-07-31 15:54 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Excel
2023-07-12 09:49 - 2015-07-31 15:53 - 000000000 ____D C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Word
2023-07-11 17:57 - 2020-08-17 17:46 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-11 17:57 - 2020-08-17 17:46 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-08 11:48 - 2023-05-21 18:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-08 11:48 - 2015-07-30 14:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-08 11:46 - 2023-06-01 14:05 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\ElevatedDiagnostics
2023-07-07 20:31 - 2021-03-09 16:52 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-07-05 12:34 - 2023-05-21 18:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-07-03 10:58 - 2017-10-18 01:12 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\Packages
2023-07-02 15:13 - 2023-05-02 14:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-13
2023-06-28 18:51 - 2015-08-11 22:57 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-27 19:16 - 2022-10-13 11:25 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-06-27 19:16 - 2015-07-30 13:48 - 000000000 ____D C:\Program Files\CCleaner
2023-06-22 08:09 - 2018-11-29 23:01 - 000000000 ____D C:\Users\Angelo Braz\AppData\Local\CrashDumps
2023-06-22 08:08 - 2022-10-13 11:25 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-06-22 08:08 - 2020-08-17 17:46 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-06-15 13:44 - 2020-08-17 17:46 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-06-15 13:44 - 2020-08-17 17:46 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Arquivos na raiz de alguns diretórios ========

2016-03-26 12:02 - 2016-03-26 12:02 - 000000001 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.4.40.agreement
2016-03-26 12:03 - 2016-03-26 12:03 - 000000019 _____ () C:\Users\Angelo Braz\AppData\Local\llftool.license
2017-09-04 22:53 - 2017-09-04 22:53 - 000003379 _____ () C:\Users\Angelo Braz\AppData\Local\recently-used.xbel
2015-11-02 21:17 - 2022-11-30 14:48 - 000007610 _____ () C:\Users\Angelo Braz\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 15-07-2023
Executado por Angelo (15-07-2023 20:43:46)
Executando a partir de D:\Área de Trabalho
Microsoft Windows 10 Pro Versão 22H2 19045.3208 (X64) (2020-08-17 20:46:23)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-467048075-196725563-1868618205-500 - Administrator - Disabled)
Angelo (S-1-5-21-467048075-196725563-1868618205-1001 - Administrator - Enabled) => C:\Users\Angelo Braz
Convidado (S-1-5-21-467048075-196725563-1868618205-501 - Limited - Enabled)
DefaultAccount (S-1-5-21-467048075-196725563-1868618205-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-467048075-196725563-1868618205-1006 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-467048075-196725563-1868618205-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{fa489a41-09bb-480e-95ff-0856f05112eb}) (Version: 5.05.16.529 - Advanced Micro Devices, Inc.) Hidden
Anki (HKLM-x32\...\Anki) (Version: 2.1.43 - )
Aplicativo Itaú (HKLM-x32\...\{D0A058D6-4688-4E33-8894-8951D057990E}) (Version: 1.0.182 - Banco Itaú)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.13 - Piriform)
Cisco Webex Meetings (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\ActiveTouchMeetingClient) (Version: 43.6.4 - Cisco Webex LLC)
Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.)
Configurações da câmera Logitech (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.)
digiCamControl (HKLM-x32\...\{051b8fc1-d433-4428-bcd1-f90aa50afa23}) (Version: 2.1.4.0 - ) Hidden
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{59C0032B-88B5-41F3-B8FD-5B3356670B4F}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{4B31654B-80C2-405C-91C9-49B14AEB0F42}) (Version: 2.0.32.0 - Epic Games, Inc.)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.1.2.15332 - Foxit Software Inc.)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.61.63 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Identiv uTrust Smart Card Reader (HKLM-x32\...\{307F1256-AB13-4987-BAED-104752D425C8}) (Version: 1.17.0 - Identiv)
IRPF 2023 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\6908-8355-8468-2086) (Version: 1.3 - Receita Federal do Brasil)
IRPF2017 (HKLM-x32\...\IRPF2017) (Version: 1.1 - Receita Federal do Brasil)
IRPF2018 (HKLM-x32\...\IRPF2018) (Version: 1.4 - Receita Federal do Brasil)
IRPF2019 (HKLM-x32\...\IRPF2019) (Version: 1.5 - Receita Federal do Brasil)
IRPF2020 (HKLM-x32\...\IRPF2020) (Version: 1.9 - Receita Federal do Brasil)
IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.2 - Receita Federal do Brasil)
IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.3 - Receita Federal do Brasil)
Kaspersky (HKLM-x32\...\{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky)
K-Lite Codec Pack 17.1.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.1.5 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.20 (x86) (HKLM-x32\...\{82F89EDB-1DF1-402B-BED6-01C736967B6F}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x86) (HKLM-x32\...\{561137EF-2ECE-48F0-A6D6-6260AC7112A5}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x86) (HKLM-x32\...\{6E4984A9-4321-4D96-861F-D03578E68C8B}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.16529.20182 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.82 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.79 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\OneDriveSetup.exe) (Version: 23.132.0625.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.20 (x86) (HKLM-x32\...\{39139702-799e-4843-8d90-cfe9330b285a}) (Version: 6.0.20.32621 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.20 (x86) (HKLM-x32\...\{FC641ACB-FE5E-4F88-B392-9421BDCA1143}) (Version: 48.83.63194 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 115.0 (x64 pt-BR)) (Version: 115.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 113.0.1 - Mozilla)
Mozilla Thunderbird (x64 pt-BR) (HKLM\...\Mozilla Thunderbird 102.13.0 (x64 pt-BR)) (Version: 102.13.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Driver de controle do 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Driver de gráficos 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Driver do 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Software do sistema PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.16529.20182 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
PDFsam Basic (HKLM\...\{24493C22-01EA-4E07-AB21-84910EB826B0}) (Version: 4.3.3.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.64.316.2023 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5880 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.23.252 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.124 - A.E.T. Europe B.V.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Suporte do iPod (HKLM\...\{713ABB2F-9ACB-4A4A-945A-CEA53C08644C}) (Version: 12.11.3.7 - Apple Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 82.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Webex (HKLM\...\{03482546-35AA-4BEC-A702-8B95FE6F4E02}) (Version: 43.6.0.26407 - Cisco Systems, Inc)

Packages:
=========
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-08-14] (Microsoft Corporation)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2020-05-08] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_147.1.1079.0_x64__v10z8vjag6ke6 [2023-07-13] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-06-13] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2305.14002.0_x64__8wekyb3d8bbwe [2023-05-31] (Microsoft Corporation) [Startup Task]
RecForth -> C:\Program Files\WindowsApps\IOForth.Screenrecord-screenrecorder_1.1.11.0_x64__pxs7cjhtcq1xt [2023-06-21] (IOForth)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-467048075-196725563-1868618205-1001_Classes\CLSID\{DDC34D5E-7D6D-E686-AB5A-C82D0DE991A3}\InprocServer32 -> não caminho do arquivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Nenhum Arquivo
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Nenhum Arquivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-04-19] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll -> Nenhum Arquivo
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-04-19] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers1_S-1-5-21-467048075-196725563-1868618205-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> Nenhum Arquivo
ContextMenuHandlers1_S-1-5-21-467048075-196725563-1868618205-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => -> Nenhum Arquivo
ContextMenuHandlers4_S-1-5-21-467048075-196725563-1868618205-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => -> Nenhum Arquivo

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\Angelo Braz\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos Carregados (Whitelisted) =============

2017-05-09 09:27 - 2017-05-09 09:27 - 003067904 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aetpkss1.dll
2017-05-09 09:27 - 2017-05-09 09:27 - 000040960 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aettask.dll
2016-07-19 20:59 - 2009-04-20 12:29 - 000136704 _____ (Hewlett-Packard Company) [Arquivo não assinado] C:\WINDOWS\System32\hpf3l70w.dll
2016-07-19 21:03 - 2009-04-20 11:29 - 000249856 _____ (Hewlett-Packard Corporation) [Arquivo não assinado] C:\WINDOWS\system32\spool\PRTPROCS\x64\hpfpp70w.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000029696 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\DebugLogger.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000032768 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-06-24 10:57 - 2009-06-24 10:57 - 000031744 _____ (HP) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2015-08-23 23:42 - 2022-07-15 11:00 - 000094720 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [Arquivo não assinado] C:\WINDOWS\System32\mvtcpmon.dll
2023-06-01 14:01 - 2016-11-14 09:30 - 001300688 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [Arquivo não assinado] C:\WINDOWS\System32\slp64.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:r0d3jo5 [20]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4 [254]
AlternateDataStreams: C:\ProgramData\TEMP:D061F04D [184]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-07-01] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com -> www.google.com
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\google.com.br -> www.google.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.b.br -> www.itau.b.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> hxxps://bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> hxxp://www.itaupersonnalite.com.br
IE trusted site: HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\itaupersonnalite.com.br -> www.itaupersonnalite.com.br

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2015-07-10 08:04 - 2022-06-10 19:36 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-10-01 16:12 - 2021-10-01 16:13 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-467048075-196725563-1868618205-1001\Control Panel\Desktop\\Wallpaper -> D:\Área de Trabalho\838293.jpg
DNS Servers: 1.0.0.1 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AutoRun_MBIM => 2
MSCONFIG\Services: Change Modem Device Service => 2
MSCONFIG\Services: DevMgmtService => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HPSIService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VIVO INTERNET 4G"
HKLM\...\StartupApproved\Run32: => "Genshin Impact_Launcher"
HKLM\...\StartupApproved\Run32: => "Genshin Impact Beta_Launcher"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-467048075-196725563-1868618205-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{9704DFD4-4832-4BA2-AD86-B1FA9825F1F5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B8524ED1-C8B3-42D3-8377-9007CD2EAA50}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2FA0FB6A-3668-45DF-BB38-CA9816E4F7CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{60982F0A-8A31-47A3-B257-549FBC515CA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9DE48766-BD8F-4E57-9A48-50B2D7A9F735}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{0EAAE5A9-8970-47BB-A4F2-6A1742F28E41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{C69FB424-B5AD-4AD0-BD4C-43D5DE3B800A}] => (Allow) D:\Games Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [Arquivo não assinado]
FirewallRules: [{D9B48F0D-AE4E-4B45-80AD-9881E874D23B}] => (Allow) D:\Games Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [Arquivo não assinado]
FirewallRules: [{7F4F876F-6B2E-463B-B1C0-4F8D31B6DE0E}] => (Allow) LPort=57209
FirewallRules: [{B6E1770B-8CAD-4D20-A5EF-AA5E16123919}] => (Allow) LPort=57209
FirewallRules: [{ECF732B5-EE5C-4091-9D65-5E8D0926D921}] => (Allow) LPort=9100
FirewallRules: [{21270FD4-3BF9-4EAC-9CFE-E71669980D50}] => (Allow) LPort=427
FirewallRules: [{04EB6426-E32A-44E6-AF67-70FFED25D5F8}] => (Allow) LPort=161
FirewallRules: [TCP Query User{9DB0A4D1-CBE4-464B-94F0-F3C42A376D1D}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [UDP Query User{04E3C43F-4BF3-485C-9E90-F35D803C4123}C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe] => (Allow) C:\users\angelo braz\appdata\local\aplicativo itau\itauaplicativo.exe (ITAU UNIBANCO S.A. -> Banco Itaú)
FirewallRules: [{112F261F-4506-4B4E-BC4F-A32D6499DFDB}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{29EB09DF-8EE5-4FE0-B8F2-7713B4BA3E85}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{756953E8-A221-4F00-AEEB-038FDAECCBFB}] => (Allow) LPort=9100
FirewallRules: [{79FFF101-D1B6-4085-97B3-E76F504E1D4D}] => (Allow) LPort=427
FirewallRules: [{A0BB0B35-3961-4770-985C-F673DACB5911}] => (Allow) LPort=161
FirewallRules: [{0C508160-3801-4AB0-940C-D97A9E5C9820}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{955D43DB-DDAA-41E9-8C4A-B581CCCC7559}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe (Hewlett-Packard Company -> Hewlett Packard)
FirewallRules: [{1AA059A1-5AB1-4335-B21F-CA0DD4C3CC27}] => (Allow) LPort=57209
FirewallRules: [{D7659CAC-C449-438C-9994-F84DD097CE69}] => (Allow) LPort=57210
FirewallRules: [{AF1355A8-C405-4208-AB10-33ED0A67F073}] => (Allow) LPort=57211
FirewallRules: [{45962D66-4A6B-45DD-BF35-E761F56AD9B2}] => (Allow) LPort=57212
FirewallRules: [{B5CCDEE1-DC04-41A0-9361-45381456A761}] => (Allow) LPort=57213
FirewallRules: [{61ACAA29-9085-4F20-B5E8-57AC45E3870A}] => (Allow) LPort=57214
FirewallRules: [{F9770054-8423-418C-B688-C5C9B3963DFE}] => (Allow) LPort=57215
FirewallRules: [{8C2914B5-15B3-4C48-AA82-78DEA6F2D379}] => (Allow) LPort=57216
FirewallRules: [{810BAA4E-1B8B-4FDA-8B72-CD45A01BE72F}] => (Allow) LPort=57217
FirewallRules: [{58F42371-9689-4D51-89AB-606D1A001BAD}] => (Allow) LPort=57218
FirewallRules: [{527DD172-FEEF-4424-84CB-9E49472E4D7F}] => (Allow) LPort=57209
FirewallRules: [{7234C66E-E760-47B9-9218-588B0194ACEE}] => (Allow) LPort=57210
FirewallRules: [{89C4D8BE-B71A-4BF3-B61E-B8169AD76902}] => (Allow) LPort=57211
FirewallRules: [{7B303FB5-0AF9-4AD1-9423-FECC397BD8A4}] => (Allow) LPort=57212
FirewallRules: [{FD6CE65C-1A77-4D7A-B1BE-3CA958B6704F}] => (Allow) LPort=57213
FirewallRules: [{CB0FB2C6-32D5-4167-A20B-63975E68D2D5}] => (Allow) LPort=57214
FirewallRules: [{00FA6BF7-B5A6-4804-B943-117AB3F24EC2}] => (Allow) LPort=57215
FirewallRules: [{9A46CF73-52B0-4155-8D32-3AC1D3DBDDD9}] => (Allow) LPort=57216
FirewallRules: [{1BFD7944-E93E-4D03-8342-7397C837FC1D}] => (Allow) LPort=57217
FirewallRules: [{07D1F187-4D33-4E9F-AABF-D958A367E8F2}] => (Allow) LPort=57218
FirewallRules: [{115E9E6E-EEEC-4B8E-877C-85F97D65B924}] => (Allow) LPort=23007
FirewallRules: [{5D10575B-15A2-47EB-A5E3-52C0030B676D}] => (Allow) LPort=23008
FirewallRules: [{88908B64-7FB1-4D51-B4FF-E7374FF75DB2}] => (Allow) LPort=33009
FirewallRules: [{0D97A74D-EF16-44D3-B3C9-A3F9AE2E9F1C}] => (Allow) LPort=33010
FirewallRules: [{51FB394C-330C-4FFB-BE85-B266C3868486}] => (Allow) LPort=33011
FirewallRules: [{50E3A043-B0B1-49D2-AABF-83F624CE67D4}] => (Allow) LPort=43012
FirewallRules: [{2AFF7942-479D-436D-B639-6E13C1F82ACC}] => (Allow) LPort=43013
FirewallRules: [{2D9EE3AE-5FEF-465D-A998-D55D06D59387}] => (Allow) LPort=53014
FirewallRules: [{FBCDA599-CAA8-4C13-A217-5A0E8D854BA9}] => (Allow) LPort=53015
FirewallRules: [{8D5B5EA6-E8AA-484A-BBA0-5D24BB080E72}] => (Allow) LPort=53016
FirewallRules: [{BFE86399-281C-4061-B880-5DC1EDB87DF1}] => (Allow) LPort=23007
FirewallRules: [{9A4B665D-B1F9-4C2F-B541-8517A8E16C98}] => (Allow) LPort=23008
FirewallRules: [{073E55E9-3949-42EB-8F95-DFF6B37A8945}] => (Allow) LPort=33009
FirewallRules: [{D631D813-84EE-4E2D-868E-F080A7DBE7AC}] => (Allow) LPort=33010
FirewallRules: [{759E29DB-3902-4EBF-B109-32E4341B5907}] => (Allow) LPort=33011
FirewallRules: [{116E6146-CB2E-4BDC-90A4-F00EA1AD4377}] => (Allow) LPort=43012
FirewallRules: [{32C1D800-6BDE-42C1-8E03-04A7ED274A83}] => (Allow) LPort=43013
FirewallRules: [{7838B0FE-A664-40F5-BF45-AC25607BD7F0}] => (Allow) LPort=53014
FirewallRules: [{29E4851B-E360-4337-93E3-EFE1331587FB}] => (Allow) LPort=53015
FirewallRules: [{36B1C54D-C58D-4F1A-AB42-333D338B7A00}] => (Allow) LPort=53016
FirewallRules: [{E4F0A1DA-EF72-4E1C-A87E-1B71F971477F}] => (Allow) LPort=50053
FirewallRules: [{02A83C19-C6C1-45F4-9B50-1C73B1EDC322}] => (Allow) LPort=50053
FirewallRules: [{322A0D8E-AA8D-4A50-B4A3-A8E3EA7B838A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0D0E2360-084D-47AC-BC5B-0F52F486118E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59F3EB46-7110-4BD6-A6A0-32841E67EE07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D26BDEAB-488A-4ABA-A3E1-782D4249B379}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E797C231-379C-4588-A66A-E8C48FAF680D}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [{2C17A881-B1FF-47EE-BD1F-957AE7B9C3A2}] => (Allow) C:\LJP1100_P1560_P1600_Full_Solution\ProductInst64.exe (Hewlett-Packard Company -> HP)
FirewallRules: [TCP Query User{AE1F08BC-BA00-4214-B1D0-4E1098B05D36}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{19694063-9D68-4774-8786-24271BA34A28}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{02FA6EC5-5843-47B0-9579-517E8C1D7A59}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{47A1D1A1-4C71-4545-A814-F6B7F7314D44}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe => Nenhum Arquivo
FirewallRules: [{A96CFB8E-99A5-4DD9-B7C5-67B3FA7A102D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6BB2E303-7F11-4581-B66F-2D32FDD47735}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A86D96F-8823-48BD-8969-184FE89706BD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D08F0EB9-1FCA-4F89-BF4D-822CA7622AD1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{ADD6CED8-054F-4731-ADAE-BD0240723ACB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{57B7D3F7-0D1B-421D-AAEF-29AA187E39F6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1F9E6F74-E687-4100-842D-5AEF0E6E932E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{EA0740D0-B82D-479B-9FAA-62CAE172F128}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8AC3F5F4-018A-4A03-A891-31F876C6444C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2E719CE5-4254-457E-9649-F342B9BB05DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E0BD1869-4663-4D21-8ABA-877D1E0158D9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{026D2377-C507-44E3-9A36-C54137B7F563}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{47501A06-826E-41C0-93ED-B77E57A3BE5B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Pontos de Restauração =========================

13-07-2023 17:04:45 ZHPcleaner

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (07/13/2023 09:44:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: wuauclt.exe, versão: 10.0.19041.3031, carimbo de data/hora: 0x35946a52
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.3086, carimbo de data/hora: 0xe1ac3f79
Código de exceção: 0xc0000409
Deslocamento da falha: 0x000000000012d8b2
ID do processo com falha: 0x2a94
Hora de início do aplicativo com falha: 0x01d9b583486b4bdf
Caminho do aplicativo com falha: C:\WINDOWS\system32\wuauclt.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 709e54b5-ea80-49b0-b66b-86cb12a3188f
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (07/01/2023 08:52:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-T0H8SRB.local already in use; will try DESKTOP-T0H8SRB-2.local instead

Error: (07/01/2023 08:52:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 DESKTOP-T0H8SRB.local. Addr 192.168.1.5

Error: (07/01/2023 08:52:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 16 DESKTOP-T0H8SRB.local. AAAA 2804:0D41:A226:D600:B64C:22FF:8C4C:ABAA

Error: (06/30/2023 12:54:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-T0H8SRB.local already in use; will try DESKTOP-T0H8SRB-2.local instead

Error: (06/30/2023 12:54:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-T0H8SRB.local. Addr 192.168.1.5

Error: (06/30/2023 12:54:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.5:5353 16 DESKTOP-T0H8SRB.local. AAAA 2804:0D41:A226:D600:B64C:22FF:8C4C:ABAA

Error: (06/30/2023 07:43:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-T0H8SRB.local already in use; will try DESKTOP-T0H8SRB-2.local instead

Erros de Sistema:
=============
Error: (07/14/2023 08:10:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {94269C4E-071A-4116-90E6-52E557067E4E} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/13/2023 10:26:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.

Error: (07/13/2023 10:26:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0H8SRB)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.

Windows Defender:
================
Date: 2023-03-28 10:27:25
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {33B9A05B-B9F9-466D-ACB9-3B59DDE6C71B}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 10:22:34
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {C889AA89-6F2A-43ED-981E-7AE295922696}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:56:14
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {5EDCBF41-C554-420E-AFB2-B5AB38A29F92}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:21:13
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {2E00FDA6-61BE-4E36-A497-DC9117BECA80}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-03-28 09:10:33
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {349F2248-1234-4A31-950F-AC518C2008D8}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Event[0]:

Date: 2022-05-22 23:54:51
Description:
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.283.1164.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.15500.2
Código de Erro: 0x8024001e
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte.

CodeIntegrity:
===============
Date: 2023-07-15 20:45:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2023-07-15 20:45:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-07-15 20:41:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. 2105 07/23/2010
placa-mãe: ASUSTeK Computer INC. M4A785TD-V EVO
Processador: AMD Phenom(tm) II X6 1055T Processor
Percentagem de memória em uso: 34%
RAM física total: 9982.18 MB
RAM física disponível: 6552.67 MB
Virtual Total: 10622.18 MB
Virtual disponível: 7044.58 MB

==================== Drives ================================

Drive () (Fixed) (Total:110.78 GB) (Free:28.03 GB) (Model: KINGSTON SV300S37A120G ATA Device) NTFS
Drive d: (Anjo) (Fixed) (Total:931.51 GB) (Free:385.86 GB) (Model: SAMSUNG HD103SI ATA Device) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]

\\?\Volume{70b2a5bd-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{70b2a5bd-0000-0000-0000-90d11b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 70B2A5BD)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=526 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6BF97209)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================

13 de julho de 2023

Olá, Elias Pereira.

Como requerido segue logs, também em anexo.

# AdwCleaner 7.0.3.1 - Logfile created on Thu Jul 13 19:06:04 2023
# Updated on 2017/29/09 by Malwarebytes
# Database: 09-29-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1345 B] - [2021/11/8 18:12:2]
C:/AdwCleaner/AdwCleaner[C1].txt - [1309 B] - [2022/4/21 12:27:12]
C:/AdwCleaner/AdwCleaner[S0].txt - [1200 B] - [2021/11/8 18:10:54]
C:/AdwCleaner/AdwCleaner[S1].txt - [1137 B] - [2022/4/21 12:26:40]
C:/AdwCleaner/AdwCleaner[S2].txt - [1215 B] - [2023/7/10 17:53:0]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########

-------------------------------------------------------------------------------------------------------------------------------------------------

~ ZHPCleaner v2023.7.13.32 by Nicolas Coolman (2023/07/13)
~ Run by Angelo (Administrator) (13/07/2023 17:08:14)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : D:\Área de Trabalho\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Angelo Braz\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19045)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (1)
DELETED data: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : 127.0.0.1;localhost;*.local] =>Hijacker.Proxy

---\\ Hosts file (0)
~ No malicious or unnecessary items found.

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (289)
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\024eb950-bd75-4a72-ae7a-cd20a41519f7.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\0ccc7390-1e5f-42c3-b367-73c63b775cb3.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\1194d8eb-cf43-4707-9f02-476686bc5ac5.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\154ed016-8ad2-4407-8953-c917eebdcf83.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\160fbf1b-0924-4fee-aa23-21bc1f9bfa64.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\1b16a52a-57fb-4809-82eb-c399f12e94b2.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\1eb80ae1-3599-4747-a972-b20ceac7f7a2.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\22212a91-458b-4c2e-834b-9a6d30e819d1.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\31a4889b-6a53-4ca2-a346-254c915f192d.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\357573f5-db5e-48d6-91e9-20abd387d1ee.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\40a89361-e348-4d0e-8915-d8cd020f4bc0.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\4e46aca6-d883-4bb3-91b2-9ffef7d629d5.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\5d280eb0-1673-4313-921d-291c9475413b.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\631b6fcc-3fb2-42b6-a03f-e270d751fd50.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\636cafdf-7823-4800-97b2-6800e94c5f27.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\692d0ec3-7432-41de-81ac-1ec48e492e4b.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\6d4711fc-b641-4a22-aecf-eb7a6db4586e.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\7cb424ce-cb98-44b4-bf9b-94191db87d62.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\808b8323-da74-4386-a13c-b004bb095db6.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\82696429-8cbb-46c4-8ae0-41ba81450433.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\881900b9-615a-4bb7-8f1f-056c6e108a6a.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\88a4b54d-ed7b-4a14-b23e-4deb6e4ac3db.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\8e698eab-5255-4212-989d-97a9b08db854.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\8f1586b6-752b-41dc-8d37-c097e91c6c45.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\a17ca52a-07d5-41be-8111-0019fdcbf004.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\a2ef433e-dae8-4ed9-8323-2d05825bbaf9.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\ac293c95-9d5f-4bf0-bb1e-3cc3d0d4d93d.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\ad65cd63-3d57-4e42-b72e-f2bd0676866e.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\b319befe-9273-45b5-9b1e-8333d4949ffe.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\b4bb3575-272a-4959-9895-76c0c89e1d97.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\b7e306ea-91cb-4cd4-8b99-bccde0603e48.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\c01f5efd-ef24-4556-b51c-1cf9b72bcab8.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\c21f51dd-e9a4-485e-b794-9c5ef314f417.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\d5912153-650c-4975-85d7-b674ece38603.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\da5fe1be-1711-4942-8304-bb896ce6b59f.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\e22f7323-d592-455d-8588-f88e8aade361.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\e9c3b750-e1c9-4eac-9dd6-1ce89a9a510b.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wbx7ztempoutput.txt =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct114D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct11CA.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct1274.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct1400.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct14E6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct15F0.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct1645.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct18B1.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct18BF.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct1914.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct1A75.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct1AB3.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct1E08.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct24D5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct24D6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct28A5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct2972.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct2982.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct2B5C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct2B9D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct2DF0.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct2F4A.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct313B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3173.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct31AA.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct31FB.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3324.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct339D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3423.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3610.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct36FC.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3A0B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3BD5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3BD7.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3C53.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3D56.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct3FA8.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct418C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct41DC.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct428.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct473C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct474B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct492.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct4935.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct4B1D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct4C16.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct4CAC.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct4E91.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct4F1E.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct508C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5139.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5276.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct533D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct53A6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct547B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct57BA.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct580C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5AAF.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5AEB.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5DF2.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5E4B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5E4D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5EB5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct5FEE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct60F3.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct61B6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct61D5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6344.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct63EE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6978.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6A0E.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6A49.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6ABC.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6C67.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6D0E.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6D57.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct6D6C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct708F.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7106.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7300.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7301.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct731B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7396.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7397.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct73F7.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7567.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct757E.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct77B2.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct78D8.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct79B0.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7AE4.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7BC1.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7C21.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7E98.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7FDB.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct7FF7.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct804A.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct80B2.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8109.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct81CD.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8295.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8297.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct83B4.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct83DB.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8475.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct84C5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct84D0.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct855A.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct859A.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct85F4.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct872.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct87F7.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8B89.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8B96.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8BE2.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8C1D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct8E18.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9195.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9526.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct95A4.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9676.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct96D4.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct97B8.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9893.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9974.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9A91.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9B68.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9BAE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9BF6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9CF0.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wct9D49.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA0BE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA1AE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA33A.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA41.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA426.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA4AC.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA6F.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA7A6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctA95B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctABED.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctAD50.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctADC0.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctAE2F.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB04B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB07B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB0CE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB210.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB368.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB38F.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB485.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB486.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB4EA.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB57F.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB687.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB6B0.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctB8EE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctBCC2.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctBDA5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctBE75.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctBEB9.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctBEBD.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC091.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC0A3.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC155.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC393.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC395.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC4C8.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC4FD.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC877.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctC9DC.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctCA1C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctCAEF.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctCB17.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctCCE7.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctCFEF.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD029.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD213.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD2D5.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD36.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD58B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD5D8.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD676.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD79B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD84B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctD949.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDA7B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDAB6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDB3A.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDB4B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDB78.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDB95.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDC24.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDC4D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDDE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctDE1.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE023.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE035.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE150.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE221.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE2A8.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE41C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE6F9.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE81A.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE877.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE8CF.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE923.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctE960.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctEB72.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctEBAB.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctEBD7.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctEBE3.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctEC49.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctED6B.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctEF30.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF02C.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF056.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF097.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF0BB.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF2AB.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF41.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF5DC.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF6DE.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF7A6.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctF9CA.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctFA29.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctFBC1.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctFC4D.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctFD18.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\wctFDA8.tmp =>.SUP.Temporary.Office
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{0827A233-217F-45B0-816C-C9B42273B406} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{1F692887-615D-46BC-94D6-BCCD038620D3} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{2DC70F18-8D2B-44D2-A187-8FF26AF279D7} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{35E96602-72AD-4C59-8A83-E77F9B849F95} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{535C4D7C-3A80-4E66-98D7-98BCAF6EEBCF} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{579A5651-38F4-4279-A396-20971BCBD238} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{57CFDB3A-EF55-4581-9C87-36649E47A7C2} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{5EE95DF4-E485-4002-A9D4-F7BDE44E4487} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{6E5231B6-303F-41A9-A2DA-B362D2E50BBC} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{87EE91B0-B099-4D8F-8548-AA0401275EBA} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{A66BCDA3-0CFF-4B7A-A6F9-B31993058545} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{B7934BBB-88AC-41B2-9886-C306A7384DC2} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{D1FD8CFD-5527-4213-A1F5-25531B3185F3} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{EB6417AD-98E2-45E8-BFE5-D9418771AD35} - OProcSessId.dat =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\{F6B240FB-C5D1-4C42-BC45-0E4C8C6424C4}.png =>.SUP.Temporary.Picture
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\~8627.tmp =>.SUP.Temporary.Empty
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\~DF6F4354FF5D0EC2CD.TMP =>.SUP.Temporary.Other
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\~DFC5B5412829B61ADD.TMP =>.SUP.Temporary.Other
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\~DFCFA2CB0663D1E55E.TMP =>.SUP.Temporary.Other
MOVED file: C:\Users\Angelo Braz\AppData\Local\Temp\~DFF1AC9DF54B8D8558.TMP =>.SUP.Temporary.Other
MOVED folder: C:\Users\Angelo Braz\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome

---\\ Registry ( Key, Value, Data) (45)
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\qBittorrent\qbittorrent.exe.FriendlyAppName [qBittorrent - A Bittorrent Client] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files\qBittorrent\qbittorrent.exe.ApplicationCompany [The qBittorrent Project] =>.SUP.Orphan.MUICache
DELETED value: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReader.exe [Foxit PDF Reader 12.1] =>.SUP.Orphan.MUICache
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNBranding\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CIM\Config\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CIM\Bin64\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\AMD\CNext\CNext\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\AMD\Chipset_IODrivers\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\cs\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\da\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\de\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\el\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\en-US\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\es\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\fi\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\fr\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\hu\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\it\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ja\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ko\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\nl\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\no\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\pl\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\pt-BR\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\ru\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\sv\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\th\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\tr\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\zh_CHS\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\help\zh_CHT\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\MOM-InstallProxy\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\ATI Technologies\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\ATI Technologies\ATI.ACE\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\en-US\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Welcome\en-US\images\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\x86\ [No Folder] =>.SUP.Obsolete.NoFolder
DELETED value: HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\ProgramData\Kaspersky Lab\KSDE5.13\Bases\Cache\ [No Folder] =>.SUP.Obsolete.NoFolder

---\\ Other deletions. (11)
~ Registry Keys Tracing deleted (11)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Microsoft Edge OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK
~ Thunderbird OK
~ Chromium OK

---\\ Statistics
~ Items scanned : 1716
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 503923982
~ Items options : 16/18

---\\ OPTIONS NOT ACTIVES
~ Start browsers with extensions removed
~ Clearing browser caches and histories

~ End of clean in 00h01mn54s

---\\ Reports (2)
ZHPCleaner-[S]-13072023-16_54_50.txt
ZHPCleaner-[R]-13072023-17_10_08.txt

AdwCleaner.txt ZHPCleaner (R).txt

10 de julho de 2023

Senhores,

Ultimamente tenho notado os seguintes sintomas no meu PC:

-Relativa lentidão na utilização;

-Internet lenta em algumas ocasiões;

-Tela do prompt pipocando na tela e sumindo rapidamente de vez em quando;

-Ao ligar o PC sempre me vem o seguinte bloco de notas e não sei do que se trata.

Citação

------------------------------------start------------------------------------

Disparando 127.0.0.1 com 32 bytes de dados:
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128

Estat¡sticas do Ping para 127.0.0.1:
Pacotes: Enviados = 4, Recebidos = 4, Perdidos = 0 (0% de
perda),
Aproximar um n£mero redondo de vezes em milissegundos:
M¡nimo = 0ms, M ximo = 0ms, M‚dia = 0ms
"D:\Program Files\Nox\"
-------------------------------------end-------------------------------------

Agradeço aos caros colegas que puderem me ajudar.

Addition.txt AdwCleaner[S2].txt FRST.txt

21 de abril de 2020

Estimados colegas,

Estou bolando uma planilha pra dar um UP no sagrado RPG de mesa do fim de semana.

Me surgiu o seguinte problema: preciso classificar, automaticamente e em ordem alfabética, a coluna D. Contudo, o meu macro só esta classificando cada quadro individualmente, quando deveria ser compartilhado.

A pergunta é: há alguma forma de classificar continuamente e em ordem alfabética, mas respeitado os quadros? Por exemplo, ordenar de D4 à D10, ignora D11 à D13, continua a ordem em D14 à D20, ignora D21 à D23, e assim por diante...

Grande Abraço!

5 de novembro de 2017

Prezados colegas,

Depois de bastante tempo com o monitor parado, e após orçamentos para conserto variando de R$ 250~300 reais - resolvi eu mesmo colocar a mão na massa. Ora! Não quero desvalorizar o profissional capacitado, mas entre pagar esse valor ou comprar um monitor novo, seria mais vantagem a segunda opção.

Pois bem. Obtive êxito no conserto, ao substituir os 6 capacitores estufados, com um gasto em ferramentas e peças no valor de R$ 70 reais.

Agradeço imensamente pela dica @Bcpetronzio. E aos demais colegas, fica registrado aqui minha experiência.

Grande abraço.

1 de maio de 2017

13 horas atrás, Ricardo S Ferreira disse:

Acredito que esses dois componentes você conseguirá de uma fonte de PC.

Esplêndida ideia, Ricardo! Irei chegar as carcaças de algumas fontes velhas aqui.

1 hora atrás, misterjohn disse:

Tem que checar a causa do problema para que não se repita a queima dos componentes imediatamente após a troca...

Já olhou se tem essa placa inteira no mercado livre?

Obs: Se estão cobrando tudo isso e é uma Kikos imagine se fosse uma Thonsom ou Movement então??????

Realmente. Eu sou bem leigo nesse assunto de eletrônica, mas estou tentando entender/aprender como fazer medições com multímetro para identificar esse tipo de coisa. Infelizmente não encontrei essa placa a venda =/

Então enquanto não compreendo, fiz a verificação no olhômetro. Ao que parece, o serviço porco da Kikos deixou o dissipador solto na placa, e ele encostou nos terminais dos componentes fechando curto, dando o pipoco que mencionei.

Hahahaha. E olha que é uma dos modelos mais fuleiros.

30 de abril de 2017

3 horas atrás, misterjohn disse:

Nos anos 70 havia um livro chamado "DATA BOOK" onde constava as equivalências de componentes eletrônicos ou então consulte sites como o abaixo e reze para que o seu componente não foi "remarcado" ou seja, retirada a identificação original de fábrica e colocada outra para te prender na assistência do equipamento.

http://www.eletroaquila.net/equivalenciaci

Dei uma olhada, parece que não há menção sobre. =/

3 horas atrás, Bommu Perneta disse:

Fiz uma pesquisa (dando ctr+F ) e não achei nessa lista na lista do link acima... Eu achei os dois no aliexpress, agora quanto a originalidade está complicado hehehehe, fora o tempo que isso vai demorar para chegar no Brasil.

Tem alguns tutoriais na net para tentar achar o par dele através da Vdss corrente e vários outros aspectos, mas ainda pode dar errado ^^. Aqui no forum tem vários tópicos sobre isso sem resposta...

Realmente, deve demorar um tempo absurdo. Tentarei achar um substituto.

7 minutos atrás, Mestre88 disse:

O primeiro componente é um mosfet para alta tensão, veja o datasheet:

ftp://62.16.43.145/Datasheets/JCS740.pdf

O segundo componente é uma meia ponte retificadora de 16A/60V.

Esses componentes são de fonte de PC?

Opa obrigado por esclarecer.

Na verdade é de uma placa de uma esteira Kikos - ela deu um pipoco e torrou esses dois componentes. Ai eu quero trocar esses componentes pra ver se volta a vida.

Por que não levar na assistência técnica? O preço cobrado : R$ 650 =/

Se eu conseguir é uma vitória, se não vai pro lixo.

30 de abril de 2017

Prezados,

Gostaria de auxilio para substituir os componente da imagem em anexo. Não encontro esses na internet para a compra, logo gostaria de alguns equivalentes.

Att,

21 de abril de 2017

@RS Faria

Muito obrigado pela confirmação.

Tenho ela desde nova - e funciona perfeitamente. Só que fiquei na duvida imaginando se ela aguentaria levar esse hardware que citei.

Outra dúvida se puder me esclarecer é: A GTX 1080 é alimentada por por 2X de 8 pinos, e a minha fonte só possui 1X de 6 e 1X de 8 pinos, é seguro usar aqueles adaptadores que transforma 1X de 6 em 1X de 8?

Att,

21 de abril de 2017

Caros colegas,

Penso em montar um novo PC, no entanto penso em reaproveitar minha fonte Corsair VX550. É possível?

Penso em montar, mais ou menos, a seguinte configuração :Processador R7 1800X; Placa de Vídeo GTX 1080; Memória 16Gb; SSD 250Gbs; HD 1Tb; 6 fans 1200mm.

Att,

3 de março de 2017

Prezados,

Estou em dúvida em dois itens.

Bom, o primeiro é que estou querendo montar uma formula para calcular o adicional noturno na planilha em anexo, no entanto, não estou conseguindo me entender com os tutoriais disponíveis na internet - sempre da erro. Poderiam, por gentileza, me auxiliar?

A segunda dúvida é quanto a coluna "M" da planilha. Embora as horas estejam "inteiras" a soma do excel sempre está me retornando 1 minuto a menos. Alguém saberia do por que ocorre tal coisa?

Plan.xlsx

19 de fevereiro de 2017

@Bcpetronzio,

Agradeço por sua resposta. Mas sou extremamente leigo nessa questão de eletrônica, levarei em uma oficina que é mais seguro.

É nessas horas que eu queria que a fonte deste monitor fosse externa, menos dor de cabeça. Hahahaha

Obs.: Se houver ou não conserto irei atualizar esse tópico com as informações.

Entrar

Artigos

Selos

Fabricantes

Livros

Cursos

Análises

Fórum

posts postados por Xacamaster

Sobre o Clube do Hardware

Direitos autorais

Mais