Gustavo Ceron Lombardi

@GabrielLV A solução 9 do link, amenizou, porém ao meu ver o sistema não esta liso, o disco oscila muito(imagem) e ele da umas "congeladas" as vezes. Não sei se isso pode ser considerado normal, pois esse notebook é do meu pai, e eu no meu dia a dia uso o meu com SSD, ou seja, não tenho parâmetros de comparação de como é o uso com HD. Estou considerando o downgrade de sistema operacional. https://www.baboo.com.br/Windows-10/conteudo-essencial-Windows/27-solucoes-problema-HD-disco-100-porcento-hd100/2/#split_content

Aparentemente o problema voltou após fazer as atualizações necessárias do Windows. Disco esta em 100% e não consigo concluir a instalação KB5004237, apresenta o erro 0x800706be.

@Rio McCloud @Rio McCloud

@Rio McCloud

@Rio McCloud 8% de fragmentação

@Rio McCloud Só uma pergunta. O drefraggler identifica a mídia como sendo SSD, mais na verdade é um HD. Isso é bug do programa ?

@Rio McCloud

@Rio McCloud Fiz de tudo e não adiantou. Reinstalei o Windows e agora ele tava intercalando 100% de CPU e 100% de Disco. Desativei notificações e ações e aparentemente resolveu. Não entendo mais nada, nem consigo confiar que está resolvido o problema.

Bom dia pessoal. Troquei o HD do meu notebook. Instalei o Windows 10 configurei tudo e estou com problema de disco em 100%. Existe alguma coisa pra ser feita e corrigir esse problema ?

@Elias Pereira Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 19-07-2021 01 Executado por Usuario (26-07-2021 17:48:27) Run:2 Executando a partir de C:\Users\Usuario\Desktop Perfis Carregados: Usuario Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** File: C:\Program Files (x86)\scpbrad\scpbradguard.exe;C:\Program Files (x86)\scpbrad\scpbradserv.exe;C:\Windows\system32\pdfcmon.dll;C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe;C:\Windows\system32\svchost.exe;C:\Windows\SysWOW64\svchost.exe ***************** ========================= File: C:\Program Files (x86)\scpbrad\scpbradguard.exe;C:\Program Files (x86)\scpbrad\scpbradserv.exe;C:\Windows\system32\pdfcmon.dll;C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe;C:\Windows\system32\svchost.exe;C:\Windows\SysWOW64\svchost.exe ======================== C:\Program Files (x86)\scpbrad\scpbradguard.exe O arquivo é assinado digitalmente MD5: 1E86F0E497B83F19A0AF901D0AF4CDA6 Data de criação e modificação: 2019-12-13 11:05 - 2019-12-13 11:05 Tamanho: 003100032 Atributos: ----N Nome Da Empresa: Banco Bradesco S.A. -> Scopus Soluções em TI Ltda Interno Nome: scpsecguard.exe Original Nome: scpsecguard.exe Produto: scpsecguard Descrição: Módulo de Interação do Serviço de Segurança Scopus Arquivo Versão: 1.0.0.49 Produto Versão: 1.0.0.49 Copyright: Copyright (C) 2018 VirusTotal: https://www.virustotal.com/gui/file/e5fe00e8d9da012e9b396edfb229b5e2f9c23e745374531d48c5a2157df420ba/detection/f-e5fe00e8d9da012e9b396edfb229b5e2f9c23e745374531d48c5a2157df420ba-1625242576 C:\Program Files (x86)\scpbrad\scpbradserv.exe O arquivo é assinado digitalmente MD5: C1B59FB4C0D99A0A74548C1E77B08CCA Data de criação e modificação: 2019-12-13 11:05 - 2021-03-02 11:11 Tamanho: 002269056 Atributos: ----N Nome Da Empresa: Banco Bradesco S.A. -> Scopus Soluções em TI Ltda Interno Nome: ScpSecurityService.exe Original Nome: ScpSecurityService.exe Produto: ScpSecurityService Descrição: Componente de Segurança Bradesco Arquivo Versão: 1.0.0.51 Produto Versão: 1.0.0.51 Copyright: Copyright (C) 2020 VirusTotal: https://www.virustotal.com/gui/file/fcaea2d5c61b3c174a300135e241f8d6f48d9a046e822c7292be523ed3463d7a/detection/f-fcaea2d5c61b3c174a300135e241f8d6f48d9a046e822c7292be523ed3463d7a-1626464920 C:\Windows\system32\pdfcmon.dll Arquivo não assinado MD5: C3938F5570991DC59774FA2BD0C53705 Data de criação e modificação: 2019-11-13 15:13 - 2019-11-13 15:13 Tamanho: 000116736 Atributos: ----A Nome Da Empresa: pdfforge GmbH Interno Nome: pdfcmon Original Nome: pdfcmon Produto: pdfcmon Descrição: pdfcmon Arquivo Versão: 0.9.8.1 Produto Versão: 0.9.8.1 Copyright: Copyright (c) by pdfforge VirusTotal: https://www.virustotal.com/gui/file/a9354a30c9176913198b356ad0f346c86d2c1666f5174bf7f5f915fae40d33bf/detection/f-a9354a30c9176913198b356ad0f346c86d2c1666f5174bf7f5f915fae40d33bf-1623312884 C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe Arquivo não assinado MD5: 711E5C829211E28CA596416FD22388B3 Data de criação e modificação: 2021-01-02 20:36 - 2014-04-02 22:08 Tamanho: 000381952 Atributos: ----A Nome Da Empresa: Scarlet.Crush Productions Interno Nome: ScpService.exe Original Nome: ScpService.exe Produto: ScpService Descrição: ScpService Arquivo Versão: 1.2.2.175 Produto Versão: 1.2.2.175 Copyright: Copyright © Scarlet.Crush Productions 2012, 2013, 2014 VirusTotal: https://www.virustotal.com/gui/file/82428854423d2cf399661e937a66ffacdf57a0a2d7d2e79ead7a587202eb5134/detection/f-82428854423d2cf399661e937a66ffacdf57a0a2d7d2e79ead7a587202eb5134-1618152104 C:\Windows\system32\svchost.exe Catalog: C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.1556.cat O arquivo é assinado digitalmente MD5: 9520A99E77D6196D0D09833146424113 Data de criação e modificação: 2019-03-19 01:44 - 2019-03-19 01:44 Tamanho: 000053744 Atributos: ----A Nome Da Empresa: Microsoft Windows Publisher -> Microsoft Corporation Interno Nome: svchost.exe Original Nome: svchost.exe Produto: Microsoft® Windows® Operating System Descrição: Host Process for Windows Services Arquivo Versão: 10.0.18362.1 (WinBuild.160101.0800) Produto Versão: 10.0.18362.1 Copyright: © Microsoft Corporation. All rights reserved. VirusTotal: https://www.virustotal.com/gui/file/dd191a5b23df92e12a8852291f9fb5ed594b76a28a5a464418442584afd1e048/detection/f-dd191a5b23df92e12a8852291f9fb5ed594b76a28a5a464418442584afd1e048-1627319032 C:\Windows\SysWOW64\svchost.exe Catalog: C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.18362.1556.cat O arquivo é assinado digitalmente MD5: A7296C1245EE76768D581C6330DADE06 Data de criação e modificação: 2019-03-19 01:45 - 2019-03-19 01:45 Tamanho: 000045448 Atributos: ----A Nome Da Empresa: Microsoft Windows Publisher -> Microsoft Corporation Interno Nome: svchost.exe Original Nome: svchost.exe Produto: Microsoft® Windows® Operating System Descrição: Host Process for Windows Services Arquivo Versão: 10.0.18362.1 (WinBuild.160101.0800) Produto Versão: 10.0.18362.1 Copyright: © Microsoft Corporation. All rights reserved. VirusTotal: https://www.virustotal.com/gui/file/5be0de7f915ba819d4ba048db7a2a87f6f3253fdd4865dc418181a0d6a031caa/detection/f-5be0de7f915ba819d4ba048db7a2a87f6f3253fdd4865dc418181a0d6a031caa-1627279700 ====== Fim de File: ====== ==== Fim de Fixlog 17:49:30 ====

@Elias Pereira Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 19-07-2021 01 Executado por Usuario (26-07-2021 16:32:35) Run:1 Executando a partir de C:\Users\Usuario\Desktop Perfis Carregados: Usuario Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: File: C:\Program Files (x86)\scpbrad\scpbradguard.exe,C:\Program Files (x86)\scpbrad\scpbradserv.exe,C:\Windows\system32\pdfcmon.dll,C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe,C:\Windows\system32\svchost.exe,C:\Windows\SysWOW64\svchost.exe HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Policies\Explorer: [] HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\MountPoints2: {8990ba3c-4929-11eb-9811-e006e6cf8ea8} - "E:\LaunchU3.exe" -a HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO Task: {0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {06600067-3001-40FE-8D94-1802B9BAFAAA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation) Task: {0938693D-6B30-4F53-AB6F-C686A95D847B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation) Task: {223B46EB-0666-45BC-A983-7011C33BD9C6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {28568FCD-C388-40E2-B4C1-0B37E311FF0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {2BC10DF2-E766-4413-9894-A9916031CCA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC) Task: {49570756-6ADF-4420-BBF2-F567FBFA9F24} - System32\Tasks\Opera scheduled assistant Autoupdate 1576838203 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Usuario\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {5510920A-52BD-4CDA-A4C1-E06C28EB40FC} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC) Task: {5C34AA8A-A092-4453-8EE2-FCBA57A8094B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {621A1456-B4DA-44DB-819F-53A6620CA05F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {6C20AB84-A680-4722-A488-0D86577A60C0} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {813C8F90-E997-4B55-B4EC-E76941238FD0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado] Task: {92D2D785-395B-4285-8D72-D360E4B530F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado] Task: {951F8D96-B977-4BC8-8048-6AB7BA661B44} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Arquivo não assinado] Task: {95716E15-AC07-46B8-A048-F40A58515FA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation) Task: {98F7D800-CC7A-4A22-8195-F4F0861034D2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4114728 2021-04-29] (McAfee, LLC -> McAfee, LLC) Task: {9F2BD1AE-9A81-45F6-8741-96428752BF9A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {C45D70A8-BE3F-4A33-B445-053521B704BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {C4CD0060-4B29-432B-9D70-95499E155027} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC) Task: {D87C985A-93D1-47B8-AFA3-BE8CA3967501} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC) Task: {EAC87C8F-CA18-4A27-99A6-FD162A4A6964} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC) Task: {F2E4423E-8169-468A-953A-C9AF5D239F85} - System32\Tasks\Opera scheduled Autoupdate 1573773820 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) Task: {F807E8AE-D6CE-46DD-855D-4F931C5C749F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe CMD: ipconfig /flushdns RemoveProxy: EmptyTemp: CreateRestorePoint: ***************** Ponto de Restauração criado com sucesso. Processos fechados com sucesso. ========================= File: C:\Program Files (x86)\scpbrad\scpbradguard.exe,C:\Program Files (x86)\scpbrad\scpbradserv.exe,C:\Windows\system32\pdfcmon.dll,C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe,C:\Windows\system32\svchost.exe,C:\Windows\SysWOW64\svchost.exe ======================== "C:\Program Files (x86)\scpbrad\scpbradguard.exe,C:\Program Files (x86)\scpbrad\scpbradserv.exe,C:\Windows\system32\pdfcmon.dll,C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe,C:\Windows\system32\svchost.exe,C:\Windows\SysWOW64\svchost.exe" => não encontrado (a) ====== Fim de File: ====== "HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removido (a) com sucesso. HKU\S-1-5-21-2802420505-662629979-4225180187-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8990ba3c-4929-11eb-9811-e006e6cf8ea8} => removido (a) com sucesso. HKLM\SOFTWARE\Policies\Google => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WaaSMedic\MaintenanceWork" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06600067-3001-40FE-8D94-1802B9BAFAAA}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06600067-3001-40FE-8D94-1802B9BAFAAA}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0938693D-6B30-4F53-AB6F-C686A95D847B}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0938693D-6B30-4F53-AB6F-C686A95D847B}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{223B46EB-0666-45BC-A983-7011C33BD9C6}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{223B46EB-0666-45BC-A983-7011C33BD9C6}" => removido (a) com sucesso. C:\Windows\System32\Tasks\StartCN => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartCN" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{28568FCD-C388-40E2-B4C1-0B37E311FF0A}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28568FCD-C388-40E2-B4C1-0B37E311FF0A}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2BC10DF2-E766-4413-9894-A9916031CCA8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BC10DF2-E766-4413-9894-A9916031CCA8}" => removido (a) com sucesso. C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49570756-6ADF-4420-BBF2-F567FBFA9F24}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49570756-6ADF-4420-BBF2-F567FBFA9F24}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Opera scheduled assistant Autoupdate 1576838203 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1576838203" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5510920A-52BD-4CDA-A4C1-E06C28EB40FC}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5510920A-52BD-4CDA-A4C1-E06C28EB40FC}" => removido (a) com sucesso. C:\Windows\System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Auto Maintenance Task Agent" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C34AA8A-A092-4453-8EE2-FCBA57A8094B}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C34AA8A-A092-4453-8EE2-FCBA57A8094B}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeBackgroundTaskHandlerLogon" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{621A1456-B4DA-44DB-819F-53A6620CA05F}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{621A1456-B4DA-44DB-819F-53A6620CA05F}" => removido (a) com sucesso. C:\Windows\System32\Tasks\ModifyLinkUpdate => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ModifyLinkUpdate" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C20AB84-A680-4722-A488-0D86577A60C0}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C20AB84-A680-4722-A488-0D86577A60C0}" => removido (a) com sucesso. C:\Windows\System32\Tasks\StartCNBM => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartCNBM" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentFallBack2016" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{813C8F90-E997-4B55-B4EC-E76941238FD0}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813C8F90-E997-4B55-B4EC-E76941238FD0}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Orchestrator" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92D2D785-395B-4285-8D72-D360E4B530F7}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92D2D785-395B-4285-8D72-D360E4B530F7}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Shutdown" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{951F8D96-B977-4BC8-8048-6AB7BA661B44}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{951F8D96-B977-4BC8-8048-6AB7BA661B44}" => removido (a) com sucesso. C:\Windows\System32\Tasks\klcp_update => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95716E15-AC07-46B8-A048-F40A58515FA2}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95716E15-AC07-46B8-A048-F40A58515FA2}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98F7D800-CC7A-4A22-8195-F4F0861034D2}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98F7D800-CC7A-4A22-8195-F4F0861034D2}" => removido (a) com sucesso. C:\Windows\System32\Tasks\McAfee\DAD.Execute.Updates => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\DAD.Execute.Updates" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9F2BD1AE-9A81-45F6-8741-96428752BF9A}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F2BD1AE-9A81-45F6-8741-96428752BF9A}" => removido (a) com sucesso. C:\Windows\System32\Tasks\StartDVR => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartDVR" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C45D70A8-BE3F-4A33-B445-053521B704BF}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C45D70A8-BE3F-4A33-B445-053521B704BF}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C4CD0060-4B29-432B-9D70-95499E155027}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4CD0060-4B29-432B-9D70-95499E155027}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentLogOn2016" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B}" => removido (a) com sucesso. C:\Windows\System32\Tasks\McAfeeLogon => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfeeLogon" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D87C985A-93D1-47B8-AFA3-BE8CA3967501}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D87C985A-93D1-47B8-AFA3-BE8CA3967501}" => removido (a) com sucesso. C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAC87C8F-CA18-4A27-99A6-FD162A4A6964}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAC87C8F-CA18-4A27-99A6-FD162A4A6964}" => removido (a) com sucesso. C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F2E4423E-8169-468A-953A-C9AF5D239F85}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2E4423E-8169-468A-953A-C9AF5D239F85}" => removido (a) com sucesso. C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1573773820 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1573773820" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F807E8AE-D6CE-46DD-855D-4F931C5C749F}" => não encontrado (a) C:\Windows\System32\Tasks\AMDLinkUpdate => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AMDLinkUpdate" => removido (a) com sucesso. C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => movido com sucesso ========= ipconfig /flushdns ========= Configura‡Æo de IP do Windows Libera‡Æo do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. "HKU\S-1-5-21-2802420505-662629979-4225180187-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\S-1-5-21-2802420505-662629979-4225180187-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. ========= Fim de RemoveProxy: ========= Ponto de Restauração criado com sucesso. =========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 711764676 B Java, Flash, Steam htmlcache => 711480737 B Windows/system/drivers => 1403321 B Edge => 531204 B Chrome => 242216115 B Firefox => 2064719179 B Opera => 318689843 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 3274377 B systemprofile32 => 3274377 B LocalService => 8332238 B NetworkService => 8342848 B Usuario => 319489717 B RecycleBin => 1333995367 B EmptyTemp: => 5.3 GB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 16:45:32 ====

@Elias Pereira FRST Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 19-07-2021 01 Executado por Usuario (administrador) em DESKTOP-I5G2Q4N (Dell Inc. Inspiron 7520) (26-07-2021 12:46:27) Executando a partir de C:\Users\Usuario\Desktop Perfis Carregados: Usuario Platform: Windows 10 Pro Versão 1909 18363.1556 (X64) Idioma: Português (Brasil) Navegador padrão: FF Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe (Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359518.inf_amd64_ddc5c961c2795261\B359297\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359518.inf_amd64_ddc5c961c2795261\B359297\atiesrxx.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture_DELL.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.3.107.0\McCSPServiceHost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3> (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\mesmo\McSmtFwk.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_4\mcapexe.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) C:\Program Files\Diebold\Warsaw\core.exe <2> (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Scarlet.Crush Productions) [Arquivo não assinado] C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348200 2015-07-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Arquivo não assinado] HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [409760 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [msnmsgr] => "C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" /background HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1045056 2021-05-21] (Digital Wave Ltd -> Digital Wave Ltd) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [2268136 2019-12-06] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [Opera Browser Assistant] => C:\Users\Usuario\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-07-21] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Policies\Explorer: [] HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\MountPoints2: {8990ba3c-4929-11eb-9811-e006e6cf8ea8} - "E:\LaunchU3.exe" -a HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2019-11-13] (pdfforge GmbH) [Arquivo não assinado] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.164\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {0580C1BE-0FF4-499D-AA2E-E24D6F3D5FEA} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32} Task: {06600067-3001-40FE-8D94-1802B9BAFAAA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation) Task: {0938693D-6B30-4F53-AB6F-C686A95D847B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation) Task: {223B46EB-0666-45BC-A983-7011C33BD9C6} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {28568FCD-C388-40E2-B4C1-0B37E311FF0A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {2BC10DF2-E766-4413-9894-A9916031CCA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC) Task: {49570756-6ADF-4420-BBF2-F567FBFA9F24} - System32\Tasks\Opera scheduled assistant Autoupdate 1576838203 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Usuario\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {5510920A-52BD-4CDA-A4C1-E06C28EB40FC} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC) Task: {5C34AA8A-A092-4453-8EE2-FCBA57A8094B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {621A1456-B4DA-44DB-819F-53A6620CA05F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {6C20AB84-A680-4722-A488-0D86577A60C0} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7B9A3E3D-221E-4DA0-AFAD-67432C84B8E0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {813C8F90-E997-4B55-B4EC-E76941238FD0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Orchestrator => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado] Task: {92D2D785-395B-4285-8D72-D360E4B530F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Shutdown => C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe [1662662 2018-02-24] (MS) [Arquivo não assinado] Task: {951F8D96-B977-4BC8-8048-6AB7BA661B44} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-07-08] () [Arquivo não assinado] Task: {95716E15-AC07-46B8-A048-F40A58515FA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23563208 2021-07-05] (Microsoft Corporation -> Microsoft Corporation) Task: {98F7D800-CC7A-4A22-8195-F4F0861034D2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4114728 2021-04-29] (McAfee, LLC -> McAfee, LLC) Task: {9F2BD1AE-9A81-45F6-8741-96428752BF9A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {C45D70A8-BE3F-4A33-B445-053521B704BF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208216 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {C4CD0060-4B29-432B-9D70-95499E155027} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3512736 2021-07-20] (Microsoft Corporation -> Microsoft Corporation) Task: {C906B71F-C0DA-47FD-B6FD-12BA1E5D01BB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {CDFEBBF5-B27A-4C4F-9F67-576B50DC5F0B} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC) Task: {D87C985A-93D1-47B8-AFA3-BE8CA3967501} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC) Task: {EAC87C8F-CA18-4A27-99A6-FD162A4A6964} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC) Task: {F2E4423E-8169-468A-953A-C9AF5D239F85} - System32\Tasks\Opera scheduled Autoupdate 1573773820 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-07] (Opera Software AS -> Opera Software) Task: {F807E8AE-D6CE-46DD-855D-4F931C5C749F} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1645240 2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.15.1 Tcpip\..\Interfaces\{040a3816-807d-4343-a4da-d10f7485137c}: [DhcpNameServer] 192.168.15.1 Tcpip\..\Interfaces\{6536d128-8fca-4d42-adc4-1b88cca0c3a2}: [DhcpNameServer] 192.168.15.1 Edge: ======= Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)] Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)] Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)] Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)] Edge Profile: C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-23] FireFox: ======== FF DefaultProfile: vgzm1g9q.default FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App [2021-07-26] FF Homepage: Mozilla\Firefox\Profiles\mvwwq55k.App -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\mvwwq55k.App -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App\searchplugins\My Bing Search.xml [2021-07-22] FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\vgzm1g9q.default [2021-07-26] FF Homepage: Mozilla\Firefox\Profiles\vgzm1g9q.default -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\vgzm1g9q.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release [2021-07-26] FF NewTab: Mozilla\Firefox\Profiles\z5b2d0y9.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= FF Notifications: Mozilla\Firefox\Profiles\z5b2d0y9.default-release -> hxxps://minhaclaroresidencial.claro.com.br; hxxps://www.palmeiras.com.br; hxxps://medal.tv; hxxps://www.faceit.com; hxxps://villacountry.com.br FF Extension: (BetterTTV) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\[email protected] [2021-07-20] FF Extension: (Direct Message DM for Instagram) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\[email protected] [2020-12-03] FF Extension: (Bilômetro) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\{09d09f49-3615-4cf3-ad57-a6cc924f29e8}.xpi [2021-07-13] FF Extension: (GamersClub Booster) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\{68a6744b-6d1e-4c85-83ad-637c9dc135b5}.xpi [2021-06-26] FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\searchplugins\My Bing Search.xml [2021-07-22] FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => não encontrado (a) FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-06-30] [] [não assinado] FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-06-04] (McAfee, LLC -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-06-04] (McAfee, LLC -> ) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2021-07-26] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2021-07-23] CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?fr=mcafee&type=E211BR105G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/gossip/gossip-br-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms} CHR Extension: (Apresentações) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-13] CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-13] CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-26] CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-13] CHR Extension: (Facebook Pixel Helper) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2021-07-22] CHR Extension: (Planilhas) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-13] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-07-22] CHR Extension: (Documentos Google off-line) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-10] CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-26] CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-01] CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-06] CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-06] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] Opera: ======= OPR Profile: C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable [2021-07-25] OPR Notifications: Opera Stable -> hxxps://www.; hxxps://www.reddit.com; hxxps://www.youtube.com OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado] R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe [61624 2020-09-23] (Advanced Micro Devices, Inc. -> AMD) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482696 2021-07-05] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421536 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80544 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422432 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3981856 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-05-23] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-06-21] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-05-27] (Dell Inc -> ) S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [454720 2021-05-21] (Digital Wave Ltd -> Digital Wave Ltd) R2 Ds3Service; C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [Arquivo não assinado] S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24914888 2021-07-25] (FACE IT LIMITED -> ) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-05] (HP Inc. -> HP Inc.) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [974168 2021-06-24] (McAfee, LLC -> McAfee, LLC) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_4\McApExe.exe [797576 2021-06-04] (McAfee, LLC -> McAfee, LLC) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.3.107.0\\McCSPServiceHost.exe [2825792 2021-05-12] (McAfee, LLC -> McAfee, LLC) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669200 2021-05-28] (McAfee, LLC -> McAfee, LLC) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-06-22] (Electronic Arts, Inc. -> Electronic Arts) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288320 2021-04-21] (McAfee, LLC -> McAfee, LLC) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1716632 2021-05-11] (Rockstar Games, Inc. -> Rockstar Games) R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2269056 2021-03-02] (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6517736 2021-05-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-01] (Dell Inc -> Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1141648 2020-08-10] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL) S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4316784 2015-06-16] (WDKTestCert qcaswbld,130129545209614653 -> Qualcomm Atheros Communications, Inc.) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80400 2021-05-19] (McAfee, Inc. -> McAfee, LLC) S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2021-07-26] (CPUID S.A.R.L.U. -> CPUID) R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [27896 2021-05-17] (WDKTestCert Amit_K_Tiwari,132158070448517957 -> ) R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.) S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [42256 2020-01-11] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [59344 2020-01-11] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 EMAC-Driver; C:\Windows\System32\drivers\EMAC-Driver-x64.sys [3453464 2021-07-24] (Gamers Club (Gamers Club Ltda) -> ) S3 EMACDRV; C:\Windows\System32\drivers\EMAC-Driver-x64.sys [3453464 2021-07-24] (Gamers Club (Gamers Club Ltda) -> ) R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [12112880 2021-07-25] (FACE IT LIMITED -> ) U5 GCSYS; C:\Users\Usuario\AppData\Local\Programs\gcac-launcher\resources\bin\EMAC-Driver-x64.sys [3453464 2021-07-24] (Gamers Club (Gamers Club Ltda) -> ) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.) R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [89112 2021-01-18] (McAfee, LLC -> McAfee, LLC) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [550944 2021-05-19] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [390664 2021-05-19] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85952 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [527368 2021-05-19] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1037320 2021-05-19] (McAfee, Inc. -> McAfee, LLC) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [590032 2021-04-16] (McAfee, Inc. -> McAfee LLC.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [120512 2021-04-16] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [121352 2021-05-19] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [257552 2021-05-19] (McAfee, Inc. -> McAfee, LLC) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [351968 2019-11-13] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-13] (Microsoft Windows -> Microsoft Corporation) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [47800 2021-07-26] (Gas Informatica Ltda -> GAS Tecnologia) R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [61456 2020-08-11] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44728 2019-04-15] (Gas Informatica Ltda -> GAS Tecnologia) R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43528 2020-07-23] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) S3 amdkmdap; \SystemRoot\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmpag.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-07-26 12:46 - 2021-07-26 12:47 - 000035818 _____ C:\Users\Usuario\Desktop\FRST.txt 2021-07-26 12:46 - 2021-07-26 12:46 - 000000000 ____D C:\FRST 2021-07-26 11:49 - 2021-07-26 11:49 - 010311711 _____ C:\Users\Usuario\Downloads\Office 2020 by ApkGames.rar 2021-07-26 11:11 - 2021-07-26 11:12 - 002300416 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe 2021-07-26 11:06 - 2021-07-26 11:06 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2021-07-25 19:35 - 2021-07-25 19:35 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2802420505-662629979-4225180187-1002 2021-07-25 19:35 - 2021-07-25 19:35 - 000002436 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-07-25 18:01 - 2021-07-25 18:01 - 012112880 _____ C:\Windows\system32\Drivers\FACEIT.sys 2021-07-24 15:59 - 2021-07-24 15:59 - 000000000 _____ C:\Windows\system32\Drivers\dump_storahci.sys 2021-07-24 15:59 - 2021-07-24 15:59 - 000000000 _____ C:\Windows\system32\Drivers\dump_dumpfve.sys 2021-07-24 15:59 - 2021-07-24 15:59 - 000000000 _____ C:\Windows\system32\Drivers\dump_diskdump.sys 2021-07-23 19:35 - 2021-07-23 20:06 - 000000000 ____D C:\ESD 2021-07-23 19:33 - 2021-07-23 19:33 - 000000000 ___HD C:\$Windows.~WS 2021-07-23 16:36 - 2021-07-23 16:36 - 000000000 ____D C:\Pasta compartilhada 2021-07-23 11:21 - 2021-07-23 11:22 - 000000000 ____D C:\AdwCleaner 2021-07-22 20:31 - 2021-07-22 20:31 - 000026498 _____ C:\ZA-Scan.txt 2021-07-22 20:20 - 2021-07-22 20:20 - 000000000 ____D C:\zoek_backup 2021-07-22 19:20 - 2021-07-22 19:20 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2021-07-22 19:10 - 2021-07-22 19:20 - 000000000 ____D C:\ProgramData\HitmanPro 2021-07-22 19:10 - 2021-07-22 19:10 - 000040960 _____ C:\Windows\system32\Drivers\hitmanpro37.sys 2021-07-22 18:58 - 2021-07-22 18:58 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-07-22 11:28 - 2021-07-22 11:28 - 000001879 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk 2021-07-22 11:28 - 2021-07-22 11:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\UTW008 2021-07-22 10:47 - 2021-07-22 10:57 - 000066881 _____ C:\Users\Usuario\Desktop\Ed.Comercial BH.dwg 2021-07-21 20:02 - 2021-07-22 00:13 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator 2021-07-21 20:02 - 2021-07-21 20:02 - 000002112 _____ C:\Users\Public\Desktop\HDD Regenerator.lnk 2021-07-21 20:02 - 2021-07-21 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator 2021-07-21 20:01 - 2021-07-21 20:01 - 000914679 _____ C:\Users\Usuario\Downloads\Crack.rar 2021-07-21 20:00 - 2021-07-21 20:00 - 008222163 _____ C:\Users\Usuario\Downloads\HDD Regenerator.rar 2021-07-21 19:27 - 2021-07-21 19:27 - 000000118 ___RH C:\Users\Usuario\Downloads\Stinger.opt 2021-07-21 19:24 - 2021-07-21 19:24 - 000000000 ____D C:\Quarantine 2021-07-21 19:21 - 2021-07-21 19:27 - 000000000 ____D C:\Program Files\stinger 2021-07-21 18:38 - 2021-07-21 18:44 - 000000000 ____D C:\ProgramData\Ultra Adware Killer 2021-07-21 18:38 - 2021-07-21 18:38 - 001241848 ____H (Carifred) C:\Users\Usuario\Desktop\UltraAdwareKiller64.exe 2021-07-21 17:37 - 2021-07-21 17:37 - 000004484 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1576838203 2021-07-21 17:13 - 2021-07-21 17:22 - 000000000 ___HD C:\$SysReset 2021-07-21 11:10 - 2021-07-21 11:10 - 001564823 _____ C:\ProgramData\7593 2021-07-21 11:10 - 2021-07-21 11:10 - 000324410 _____ C:\ProgramData\64070.64070 2021-07-21 11:10 - 2021-07-21 11:10 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\wG3cB0qZ3rM5x 2021-07-21 11:10 - 2021-07-21 11:10 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\discord_files 2021-07-21 11:10 - 2021-07-21 11:10 - 000000000 ____D C:\ProgramData\74 2021-07-21 11:09 - 2021-07-21 11:09 - 000000821 _____ C:\Users\Usuario\AppData\LocalLow\machineinfo.txt 2021-07-21 11:08 - 2021-07-21 17:46 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\closestep 2021-07-21 11:08 - 2021-07-21 11:09 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\nW6mI-7yS1k 2021-07-21 11:08 - 2021-07-21 11:08 - 001564823 _____ C:\ProgramData\6274 2021-07-21 11:08 - 2021-07-21 11:08 - 001564823 _____ C:\ProgramData\6070 2021-07-21 11:08 - 2021-07-21 11:08 - 000325129 _____ C:\ProgramData\110856.110856 2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Adzuvt 2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\yJ7yX3xU-6u 2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\Users\Usuario\AppData\Local\Yandex 2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\ProgramData\FBTAIOVZP25IC3ZBHCJGMO8MR 2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\ProgramData\79 2021-07-21 11:08 - 2021-07-21 11:08 - 000000000 ____D C:\ProgramData\77 2021-07-21 10:23 - 2021-07-21 19:53 - 000000000 ____D C:\ProgramData\TEMP 2021-07-20 16:19 - 2021-07-20 16:19 - 000007193 _____ C:\Users\Usuario\Desktop\818165.pdf 2021-07-20 10:55 - 2021-07-20 14:58 - 000089389 _____ C:\Users\Usuario\Desktop\2.dxe 2021-07-20 10:25 - 2021-07-20 10:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2021-07-19 16:52 - 2021-07-19 16:52 - 038736547 _____ C:\Users\Usuario\Downloads\catalogo_comercial_dispan.pdf 2021-07-19 10:37 - 2021-07-19 10:37 - 004726824 _____ (Crystal Dew World ) C:\Users\Usuario\Downloads\crystaldiskinfo-8-12-4.exe 2021-07-15 17:26 - 2021-07-15 17:26 - 000092643 _____ C:\Users\Usuario\Desktop\85603968 - orçamento cliente 4 15.07.2021.PDF 2021-07-15 16:50 - 2021-07-15 16:50 - 000071886 _____ C:\Users\Usuario\Desktop\Gustavo Ceron.pdf 2021-07-13 17:39 - 2021-07-13 17:39 - 162153414 _____ C:\Users\Usuario\Downloads\catalago-wetzel-2019.pdf 2021-07-13 13:51 - 2021-07-13 13:51 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-07-11 16:59 - 2021-07-11 17:10 - 000000000 ____D C:\Users\Usuario\AppData\Local\FACEIT 2021-07-11 16:59 - 2021-07-11 16:59 - 000002185 _____ C:\Users\Usuario\Desktop\FACEIT.lnk 2021-07-11 16:58 - 2021-07-25 18:02 - 000000000 ____D C:\Program Files\FACEIT AC 2021-07-11 16:58 - 2021-07-11 16:58 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk 2021-07-09 08:07 - 2021-07-09 08:07 - 000004232 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1573773820 2021-07-09 08:07 - 2021-07-09 08:07 - 000001411 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk 2021-07-08 18:21 - 2021-07-08 18:21 - 000127532 _____ C:\Users\Usuario\Desktop\CREA G6.pdf 2021-07-08 17:25 - 2021-07-08 17:25 - 000959077 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R04.dwg 2021-07-08 17:12 - 2021-07-08 17:13 - 000973189 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R04.bak 2021-07-07 17:21 - 2021-07-07 17:21 - 001269039 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R05.dwg 2021-07-05 17:49 - 2021-07-05 20:10 - 001024344 _____ C:\Users\Usuario\Downloads\1121_AR_EX_0001_PLA_R05.bak 2021-07-03 18:19 - 2021-07-25 19:37 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\FACEIT 2021-07-03 18:19 - 2021-07-11 16:59 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FACEIT Ltd 2021-06-30 11:15 - 2021-06-30 11:15 - 000003300 _____ C:\Windows\system32\Tasks\McAfeeLogon 2021-06-30 11:13 - 2021-05-19 10:48 - 000550944 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfeaack.sys 2021-06-30 11:13 - 2021-05-19 10:48 - 000121352 _____ (McAfee, LLC) C:\Windows\system32\Drivers\mfeplk.sys 2021-06-30 11:13 - 2021-05-11 09:40 - 000609304 _____ (McAfee, LLC) C:\Windows\system32\mfevtps.exe 2021-06-27 17:46 - 2021-06-27 17:46 - 000000000 ____D C:\Users\Usuario\Documents\Zen Studios ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-07-26 12:46 - 2019-11-14 20:15 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla 2021-07-26 12:18 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files (x86)\Google 2021-07-26 11:47 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-07-26 11:37 - 2019-11-24 08:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WhatsApp 2021-07-26 11:11 - 2019-06-29 01:01 - 001742324 _____ C:\Windows\system32\PerfStringBackup.INI 2021-07-26 11:11 - 2019-03-19 09:46 - 000752820 _____ C:\Windows\system32\prfh0416.dat 2021-07-26 11:11 - 2019-03-19 09:46 - 000148836 _____ C:\Windows\system32\prfc0416.dat 2021-07-26 11:11 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF 2021-07-26 11:09 - 2020-12-16 07:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2021-07-26 11:07 - 2020-12-16 13:26 - 000000000 __RSD C:\Users\Usuario\Documents\McAfee Vaults 2021-07-26 11:07 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-07-26 11:06 - 2019-11-14 21:09 - 000047800 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2021-07-26 11:06 - 2019-11-14 20:27 - 000000000 ____D C:\Windows\system32\Tasks\McAfee 2021-07-26 11:06 - 2019-11-13 15:25 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles 2021-07-26 11:06 - 2019-11-13 15:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2021-07-26 11:06 - 2019-06-29 00:54 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-07-25 19:43 - 2019-11-13 16:29 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2021-07-25 19:43 - 2019-03-19 01:37 - 000786432 _____ C:\Windows\system32\config\BBI 2021-07-25 19:42 - 2019-11-14 21:11 - 000000000 ____D C:\Program Files (x86)\Steam 2021-07-25 19:37 - 2019-12-14 15:28 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Discord 2021-07-25 19:35 - 2019-11-13 15:06 - 000000000 ___RD C:\Users\Usuario\OneDrive 2021-07-25 19:21 - 2019-12-14 15:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\Discord 2021-07-25 17:59 - 2020-06-13 17:21 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\gcac-launcher 2021-07-25 14:05 - 2019-06-29 00:53 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-07-25 10:07 - 2019-11-14 20:25 - 000000000 ____D C:\ProgramData\McAfee 2021-07-24 15:59 - 2021-03-21 15:14 - 003453464 _____ C:\Windows\system32\Drivers\EMAC-Driver-x64.sys 2021-07-24 15:59 - 2020-10-10 16:36 - 000001561 _____ C:\Users\Usuario\Desktop\Gamers Club Anti-Cheat.lnk 2021-07-23 20:34 - 2020-06-18 09:22 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-23 20:06 - 2019-06-29 00:53 - 000000000 ____D C:\Windows\Panther 2021-07-23 18:30 - 2021-04-20 12:02 - 000167989 _____ C:\Windows\diagwrn.xml 2021-07-23 18:30 - 2021-04-20 12:02 - 000167643 _____ C:\Windows\diagerr.xml 2021-07-23 15:45 - 2019-11-13 14:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages 2021-07-23 11:54 - 2019-12-18 22:01 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ZHP 2021-07-23 10:24 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-07-22 20:21 - 2019-11-15 17:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps 2021-07-22 19:57 - 2019-11-14 08:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache 2021-07-22 18:58 - 2019-11-13 15:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-07-22 18:54 - 2019-11-15 12:38 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Telegram Desktop 2021-07-22 11:37 - 2019-11-14 21:27 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\HD Tune Pro 2021-07-22 11:28 - 2019-12-06 21:29 - 000000000 ____D C:\Users\Usuario\AppData\Local\BitTorrentHelper 2021-07-22 10:02 - 2021-04-23 17:07 - 000000000 ____D C:\Users\Usuario\AppData\Local\WhatsApp 2021-07-22 10:02 - 2021-04-09 17:48 - 000015458 _____ C:\Users\Usuario\Desktop\Conta Corrente.xlsx 2021-07-21 20:02 - 2019-11-29 11:45 - 000000000 ____D C:\Users\Usuario\AppData\Local\Downloaded Installations 2021-07-21 19:39 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-07-21 19:30 - 2020-12-01 13:13 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\IGDump 2021-07-21 19:21 - 2019-11-14 20:26 - 000000000 ____D C:\Program Files\McAfee 2021-07-21 17:46 - 2021-03-24 17:33 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\zOONnDYbqMmrswTL 2021-07-21 17:46 - 2021-03-24 17:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\XsIFHGJDtKPLGWOf 2021-07-21 17:31 - 2019-11-14 08:16 - 000000000 ____D C:\ProgramData\FLEXnet 2021-07-21 17:31 - 2019-11-13 15:21 - 000000000 ____D C:\Program Files\AMD 2021-07-21 17:28 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-07-21 17:27 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\registration 2021-07-21 17:22 - 2019-11-14 22:01 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\DVDVideoSoft 2021-07-21 11:23 - 2019-11-13 14:01 - 000000000 ____D C:\Users\Usuario 2021-07-21 10:48 - 2019-03-19 01:37 - 000032768 _____ C:\Windows\system32\config\ELAM 2021-07-20 23:02 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness 2021-07-20 20:19 - 2019-11-13 15:08 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-07-20 10:25 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-07-20 10:24 - 2019-06-29 01:29 - 000000000 ____D C:\Program Files\Microsoft Office 2021-07-20 10:22 - 2019-12-07 12:58 - 000000000 ___HD C:\$Windows.~BT 2021-07-19 06:30 - 2019-11-13 15:15 - 000000000 ____D C:\Windows\system32\MRT 2021-07-19 06:27 - 2019-11-13 15:15 - 133422552 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-07-16 19:40 - 2021-03-24 17:52 - 000000000 ____D C:\ProgramData\Wondershare Filmora 2021-07-16 19:33 - 2021-03-24 17:44 - 000000000 ____D C:\Users\Usuario\Documents\Wondershare Filmora 9 2021-07-16 11:13 - 2019-11-13 15:08 - 000003588 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-07-16 11:13 - 2019-11-13 15:08 - 000003464 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-07-13 09:23 - 2019-11-24 08:30 - 000000000 ____D C:\Users\Usuario\AppData\Local\SquirrelTemp 2021-07-11 16:59 - 2019-11-13 16:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\cache 2021-07-09 14:10 - 2020-01-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-07-09 14:09 - 2019-11-16 20:47 - 000000000 ____D C:\ProgramData\PCDr 2021-07-09 10:29 - 2020-02-07 10:57 - 000000132 _____ C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs 2021-07-07 15:46 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp 2021-07-06 11:00 - 2021-05-19 12:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2021-07-01 10:10 - 2019-11-14 20:26 - 000000000 ____D C:\Program Files (x86)\McAfee 2021-06-30 11:16 - 2019-11-14 20:25 - 000000000 ____D C:\Program Files\Common Files\McAfee 2021-06-30 09:06 - 2020-06-18 09:22 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-06-30 09:06 - 2020-06-18 09:22 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-06-29 17:19 - 2020-01-13 10:01 - 000000000 ____D C:\Program Files (x86)\Origin 2021-06-29 12:57 - 2019-11-13 16:31 - 000000000 ____D C:\Users\Usuario\AppData\Local\PlaceholderTileLogoFolder 2021-06-27 15:20 - 2020-01-13 10:00 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Origin 2021-06-27 15:20 - 2020-01-13 10:00 - 000000000 ____D C:\ProgramData\Origin 2021-06-27 15:17 - 2020-01-13 10:02 - 000000000 ____D C:\Program Files (x86)\Origin Games 2021-06-27 15:17 - 2020-01-13 10:00 - 000000000 ____D C:\Users\Usuario\AppData\Local\Origin ==================== Arquivos na raiz de alguns diretórios ======== 2020-02-07 10:57 - 2021-07-09 10:29 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs 2020-12-24 17:37 - 2021-05-09 12:29 - 000007597 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg ==================== FCheck ================================ (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) FCheck: C:\Windows\system32\Drivers\dump_diskdump.sys [2021-07-24] <==== ATENÇÃO (zero byte Arquivo/Pasta) FCheck: C:\Windows\system32\Drivers\dump_dumpfve.sys [2021-07-24] <==== ATENÇÃO (zero byte Arquivo/Pasta) FCheck: C:\Windows\system32\Drivers\dump_storahci.sys [2021-07-24] <==== ATENÇÃO (zero byte Arquivo/Pasta) ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ======================== Addition Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 19-07-2021 01 Executado por Usuario (26-07-2021 12:47:55) Executando a partir de C:\Users\Usuario\Desktop Windows 10 Pro Versão 1909 18363.1556 (X64) (2019-11-13 16:58:22) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-2802420505-662629979-4225180187-500 - Administrator - Disabled) Convidado (S-1-5-21-2802420505-662629979-4225180187-501 - Limited - Enabled) DefaultAccount (S-1-5-21-2802420505-662629979-4225180187-503 - Limited - Disabled) Usuario (S-1-5-21-2802420505-662629979-4225180187-1002 - Administrator - Enabled) => C:\Users\Usuario WDAGUtilityAccount (S-1-5-21-2802420505-662629979-4225180187-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 21.005.20058 - Adobe Systems Incorporated) AdoptOpenJDK JRE with Hotspot 8.0.232.09 (x64) (HKLM\...\{D7307955-374A-4D68-9B25-29B8BB49B83B}) (Version: 8.0.232.09 - AdoptOpenJDK) AdoptOpenJDK JRE with Hotspot 8.0.232.09 (x86) (HKLM-x32\...\{6D3C434E-3E4B-44C7-B4FB-4DA3AE852836}) (Version: 8.0.232.09 - AdoptOpenJDK) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.9.2 - Advanced Micro Devices, Inc.) Aplicativo Itaú (HKLM-x32\...\{4B6778AC-BABE-44D4-BDF3-1BA382F7D580}) (Version: 1.0.162 - Banco Itaú) Aplicativos da Autodesk em destaque 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk) Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.) AutoCAD 2019 - English (HKLM\...\{28B89EEF-2001-0409-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk) Autodesk AutoCAD 2019 - English (HKLM\...\AutoCAD 2019 - English) (Version: 23.0.46.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk) Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk) Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.14.1.3 - Autodesk, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0.49 - Banco Bradesco S.A.) CORSAIR iCUE Software (HKLM-x32\...\{3D350B22-542B-4FB4-B3AC-EA760941C319}) (Version: 3.38.61 - Corsair) CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.) CPUID HWMonitor 1.42 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.42 - CPUID, Inc.) CrystalDiskInfo 8.3.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.3.2 - Crystal Dew World) Dell SupportAssist (HKLM\...\{270DE507-0182-4444-AAC8-FDD6689A92B0}) (Version: 3.10.0.47 - Dell Inc.) Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.) Dell Touchpad (HKLM\...\Elantech) (Version: 15.3.0.14 - ELAN Microelectronic Corp.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation) Discord (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Discord) (Version: 0.0.309 - Discord Inc.) FACEIT (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\FACEIT) (Version: 1.31.1 - FACEIT Ltd.) FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD) FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Audio Editor (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.1.35.831 - Digital Wave Ltd) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.3.49.521 - Digital Wave Ltd) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.3.24.729 - Digital Wave Ltd) Gamers Club AC Launcher 3.2.20 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\79ac4417-2a6e-5545-a41f-fb03b7abc70c) (Version: 3.2.20 - EMAC LAB LTDA) Gamers Club Anti-Cheat 3.1.22 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\5336d6e5-cfd5-580d-976b-0c07db708c28) (Version: 3.1.22 - Gamers Club Engeneering) Google Chrome (HKLM\...\{104B4CED-D037-33A4-B0A4-3995A7B733B9}) (Version: 91.0.4472.164 - Google LLC) Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google) HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome) HP DeskJet 2600 series Ajuda (HKLM-x32\...\{CF6446D7-ED6A-4738-80AE-0102E9494218}) (Version: 44.0.0 - HP) HP DeskJet 2600 series Software básico do dispositivo (HKLM\...\{762C001A-5C6E-487F-B160-E2A73464D07D}) (Version: 43.3.2478.18107 - HP Inc.) HP Dropbox Plugin (HKLM-x32\...\{0E317A5C-E816-42A3-ABF5-E3EF44DACD06}) (Version: 36.0.100.66344 - HP) HP EmailSMTP Plugin (HKLM-x32\...\{E378164C-7A57-4B60-A86C-D5DA4FD0AC19}) (Version: 43.0.0.0 - HP) HP FTP Plugin (HKLM-x32\...\{01841008-D75C-447A-90A7-BA96287E6384}) (Version: 43.0.0.0 - HP) HP Google Drive Plugin (HKLM-x32\...\{72D64F2C-8290-446B-A657-80EA5BEF253D}) (Version: 36.0.100.66344 - HP) HP OneDrive Plugin (HKLM-x32\...\{379920B1-9CA6-4CCA-9A0D-721F6C4C576A}) (Version: 36.0.0.0 - HP) HP SharePoint Plugin (HKLM-x32\...\{D5CB6398-A20C-4A1E-BF09-31EDE8771388}) (Version: 43.0.0.0 - HP) iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.) K-Lite Mega Codec Pack 15.6.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.6.0 - KLCP) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R34 - McAfee, LLC) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.55 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProjectPro2019Volume - pt-br) (Version: 16.0.10376.20033 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Volume - pt-br) (Version: 16.0.10376.20033 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\OneDriveSetup.exe) (Version: 21.129.0627.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{D06A5649-3BDB-4F2C-9C38-AB25CD5102E2}) (Version: 2.81.0.0 - Microsoft Corporation) Microsoft Visio Professional 2019 - pt-br (HKLM\...\VisioPro2019Volume - pt-br) (Version: 16.0.10376.20033 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{070C55FA-FB9D-46DD-B30B-4B520A83A66A}) (Version: 1.20.146.0 - Microsoft) Monitor da tecnologia Intel® Turbo Boost 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 90.0.2 (x64 pt-BR)) (Version: 90.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.10376.20033 - Microsoft Corporation) Hidden Opera Stable 77.0.4054.203 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Opera 77.0.4054.203) (Version: 77.0.4054.203 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.5.1 - pdfforge GmbH) PyCharm Community Edition 2020.1.1 (HKLM-x32\...\PyCharm Community Edition 2020.1.1) (Version: 201.7223.92 - JetBrains s.r.o.) Python Launcher (HKLM-x32\...\{406A47EE-C4AE-4944-BADE-1B543A443873}) (Version: 3.8.7072.0 - Python Software Foundation) Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.1 - Rockstar Games) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.) Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.) TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer) Tekla BIMsight (HKLM\...\{4EDD824B-F4F9-4BA3-857F-3A712553736D}) (Version: 1.10 - Trimble Solutions Corporation) Tekla Model Sharing Foundation, Clash Check 2.7 (HKLM-x32\...\{8DFA9AE5-A5BD-4976-952F-75E95E72D6BD}) (Version: 2.7.0 - Tekla Corporation) Tekla Model Sharing Foundation, SketchUp Plugin 1.39 (HKLM-x32\...\{815A3CBE-A089-4D46-AA20-F6A446A7D6EA}) (Version: 1.39 - Tekla Corporation) Tekla Model Sharing Foundation, WebViewerXml plugin 1.9 (HKLM-x32\...\{4614B232-B595-4CF2-A4A6-DC6D29D11051}) (Version: 1.9.0 - Tekla Corporation) Telegram Desktop version 2.8.11 (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.8.11 - Telegram FZ-LLC) Trimble Connect (HKLM\...\{CDD37B47-18D6-4742-836B-1C3487A86F85}) (Version: 1.8.2.169 - Trimble Solutions Corporation) Trimble Solutions ImportSDK, BSQ Import Plugin 1.6 (x86 build) (HKLM-x32\...\{8C3EA90B-CFEC-41F8-8053-084A78084EAC}) (Version: 1.6 - Trimble Solutions Corporation) Trimble Solutions ImportSDK, DGN plugin 1.39 (x64 build) (HKLM\...\{1256F9EB-56A4-4A2A-A766-836ED45DFE59}) (Version: 1.39 - Trimble Solutions Corporation) Trimble Solutions ImportSDK, DWG plugin 1.42 (x64 build) (HKLM\...\{8CAC805E-2A2C-4CC1-A2B1-AA98F82026B2}) (Version: 1.42 - Trimble Solutions Corporation) Trimble Solutions ImportSDK, IFC plugin 5.34 (x64 build) (HKLM\...\{2C97BFCF-D053-4B14-8A4F-9DB3A6C487AD}) (Version: 5.34 - Trimble Solutions Corporation) Trimble Solutions ImportSDK, LandXML plugin 1.20 (x86 build) (HKLM-x32\...\{B5C13BC8-0942-4809-9C51-971B204639CB}) (Version: 1.20 - Trimble Solutions Corporation) Trimble Solutions ImportSDK, STEP/IGES plugin 3.15 (x64 build) (HKLM\...\{CC0283C2-0E4F-4EE1-AF60-BB57022BA43F}) (Version: 3.15 - Trimble Solutions Corporation) Warsaw 2.18.0.65 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.18.0.65 - Diebold Nixdorf) WebAdvisor da McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.605 - McAfee, LLC) WhatsApp (HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\WhatsApp) (Version: 2.2126.14 - WhatsApp) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Wondershare Filmora9(Build 9.3.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) Packages: ========= Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation) Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.2.0_x64__htrsf667h5kn2 [2021-07-21] (Dell Inc) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_128.1.219.0_x64__v10z8vjag6ke6 [2021-07-21] (HP Inc.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.14.0_x86__8xx8rvfyw5nnt [2021-07-21] (Instagram) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-07-21] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-21] (Microsoft Studios) [MS Ad] Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0 [2021-07-21] (Spotify AB) [Startup Task] ==================== Exame Personalizado CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2802420505-662629979-4225180187-1002_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-01-30] (Autodesk, Inc. -> Autodesk, Inc.) ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-30] (Autodesk, Inc. -> Autodesk) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2018-11-13] (pdfforge GmbH -> pdfforge GmbH) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Arquivo não assinado] ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2021-03-05 18:44 - 2021-03-05 18:44 - 000209408 _____ () [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll 2021-03-05 18:44 - 2021-03-05 18:44 - 000101376 _____ () [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000017920 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 003567616 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2018-03-13 04:47 - 2018-03-13 04:47 - 000912896 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll 2018-03-13 04:47 - 2018-03-13 04:47 - 003109888 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll 2015-02-19 01:13 - 2015-02-19 01:13 - 000817152 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\Device.dll 2015-02-19 01:13 - 2015-02-19 01:13 - 003650560 _____ () [Arquivo não assinado] C:\Program Files\AMD\Performance Profile Client\Platform.dll 2019-11-16 21:09 - 2014-05-13 21:06 - 000440320 ____N (Atheros) [Arquivo não assinado] C:\Windows\system32\athihvs.dll 2019-11-13 16:33 - 2012-08-01 13:05 - 000030208 _____ (Conexant Systems, Inc.) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\Conexant\SA3\SmartAudio.Creative.dll 2019-11-13 15:13 - 2019-11-13 15:13 - 000116736 _____ (pdfforge GmbH) [Arquivo não assinado] C:\Windows\System32\pdfcmon.dll 2020-11-20 14:10 - 2020-11-20 14:10 - 001638912 _____ (Robert Simpson, et al.) [Arquivo não assinado] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll 2020-12-16 09:26 - 2020-12-16 09:26 - 000090112 _____ (Silicon Laboratories, Inc.) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2021-06-29 17:19 - 2020-03-16 14:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-06-29 17:19 - 2020-03-16 14:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Origin\ssleay32.dll 2021-03-05 18:43 - 2021-03-05 18:43 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll 2021-03-05 18:43 - 2021-03-05 18:43 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll 2021-06-29 17:19 - 2020-01-13 10:01 - 001611264 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-06-29 17:19 - 2020-01-13 10:01 - 005487104 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-06-29 17:19 - 2020-01-13 10:01 - 005841920 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-06-29 17:19 - 2020-01-13 10:01 - 001179136 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-06-29 17:19 - 2020-01-13 10:01 - 000146432 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-06-29 17:19 - 2020-01-13 10:01 - 005089792 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-06-29 17:19 - 2020-01-13 10:01 - 000184832 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Xml.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000031744 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000039424 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000031744 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000413696 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000025088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000025088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000023552 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000519168 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 001431040 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 001180672 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000135680 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2020-09-23 04:09 - 2020-09-23 04:09 - 006010880 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 006345216 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 001078272 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000313856 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 004000256 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 003802624 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000171008 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 001083904 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000205312 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000329728 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000113152 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000376320 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 092323328 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 005560832 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000463360 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000188416 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 002888704 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000053760 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000059392 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000017408 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000287232 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000329216 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000136192 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000089088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000312320 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2020-08-19 17:48 - 2020-08-19 17:48 - 000017920 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2020-09-23 04:09 - 2020-09-23 04:09 - 000085504 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2410] AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [210] AlternateDataStreams: C:\ProgramData\TEMP:D78D6FF7 [154] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Associação (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1" ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-06-24] (McAfee, LLC -> McAfee, LLC) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-14] (Microsoft Corporation -> Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-06-04] (McAfee, LLC -> McAfee, LLC) (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\localhost -> localhost ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\AdoptOpenJDK\jre-8.0.232.09-hotspot\bin;C:\Program Files (x86)\AdoptOpenJDK\jre-8.0.232.09-hotspot\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2802420505-662629979-4225180187-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Usuario\Desktop\86ab66de9449a62a4357ff4a9affec5b.jpg DNS Servers: 192.168.15.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. Network Binding: ============= Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled) Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled) ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) MSCONFIG\Services: AdAppMgrSvc => 2 HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run32: => "HDD Regenerator" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "vidnotifier.exe" HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\StartupApproved\Run: => "msnmsgr" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{87C8E9B0-A6D4-4C6D-A1B9-1D3D36F4D51F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F229E847-715E-4560-B25F-B2D507DE4757}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{1278CF74-DC35-455D-A7F3-BE4B4737D63B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{1C28D4BF-F26E-4155-91C0-8A2B347BC04B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{55337E7B-6794-4C90-9590-195E5E4F758A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{CAFFC508-2CB7-4D04-A963-301953BE524F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{B1255BA1-FFA9-4C65-A51B-819A66ABCE4D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH) FirewallRules: [{A39DDC0C-191B-4B53-B70E-6FE430261488}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC) FirewallRules: [{504B20B6-4EE5-491D-8AA1-6C0CF829CAD5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC) FirewallRules: [{BF7CF1BD-9F7E-48DE-A216-1BDD1AE2EDBA}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC) FirewallRules: [{A9367D84-17A6-49BC-8440-F68F15A1AD79}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) FirewallRules: [{08CA8859-CC75-42CD-AD80-D2FFA5B95D3A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{0C4534B6-4705-4409-B236-4BE9679495C5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{701C8848-079A-47FA-BD40-A1E1D4813ED7}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{00A7D9E2-7A65-44CB-A493-91B548E9C816}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7A92CA12-FE65-4522-BF9F-531204AC099B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{77D48831-FE18-4BE6-AC0E-DEF9448F2AE8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{20E0233E-0B71-48BA-9C0D-1215042CDC76}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{ED625EFF-504A-4C94-8F91-61992F1021BD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{EEB35AD4-2F51-40E2-BE24-A66A431BD419}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{445C2999-4013-418F-A44F-3006D15F8C97}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{84557DAA-B6DB-40B6-8C53-E492F53CF4B1}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{884409E2-D1E4-4F16-91D6-7BF773056682}] => (Allow) LPort=5357 FirewallRules: [{80175F56-68F8-4140-BD09-8D1BF2A595B0}] => (Allow) C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{F64BA36D-492B-42D0-8B30-7068786E7DAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cursed Treasure 2\Cursed TD2.exe () [Arquivo não assinado] FirewallRules: [{AF9F0AD1-1B9E-45C0-80CA-98B7A11980B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cursed Treasure 2\Cursed TD2.exe () [Arquivo não assinado] FirewallRules: [{C28C568E-A32D-4D01-A2EA-EE469B047F35}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{5A979F15-9BE4-440E-9EC0-B22BD19CBC7A}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{62385334-53E0-45B7-BF5B-8B4CAA9F773A}] => (Allow) C:\Program Files (x86)\InstallShield Installation Information\{BB281145-A521-2EF3-B593-C5D534DC9911}\orchestrator.exe (MS) [Arquivo não assinado] FirewallRules: [{050BF33A-FBC3-4980-93D3-B2D81F14E1A9}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{8D666B48-6D10-4811-817C-3E3B1E922FA5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) FirewallRules: [{091A3DA4-CF18-4030-8C32-19330487AE7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{CF7E6461-5568-47E5-A135-BCA583D7BB9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) FirewallRules: [{A6C25E46-2D2A-49D6-A4DE-B50285714BC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\factorio.exe => Nenhum Arquivo FirewallRules: [{F63128BE-BFF3-4AD9-8324-AE9D70D7B20E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\factorio.exe => Nenhum Arquivo FirewallRules: [{02D56520-C941-480F-8F6B-ECFD84331C7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GIBZ\GIBZ.exe (Torrunt.net) [Arquivo não assinado] FirewallRules: [{7AFF0BCE-0C17-44B7-A9F1-D2C17083BE62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GIBZ\GIBZ.exe (Torrunt.net) [Arquivo não assinado] FirewallRules: [{45941221-F556-41AA-ACE9-EBA3955FB3C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon II\bitDungeonII.exe () [Arquivo não assinado] FirewallRules: [{3AABD1D7-43E8-4ECA-8E1D-E1AD9902E15B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon II\bitDungeonII.exe () [Arquivo não assinado] FirewallRules: [{0D194D60-6C62-4E6C-981D-B50EBCCA3BFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Arquivo não assinado] FirewallRules: [{A44AE0B4-971F-42BC-9532-9B79C6F13449}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BloonsTD6\BloonsTD6.exe () [Arquivo não assinado] FirewallRules: [{C1964F93-D141-466F-95D3-46AEB8C1BF7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon III\bd3.exe () [Arquivo não assinado] FirewallRules: [{1BFE7459-B3C4-4E82-864A-BDB271245575}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\bit Dungeon III\bd3.exe () [Arquivo não assinado] FirewallRules: [{CAC10449-BC92-4477-886B-78C983430862}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{D17B4D37-AA75-4284-9D6A-5C75C06B3122}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{38A7EE7F-86CD-4961-A12A-6F94BE73F790}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Screen Grabber Pro\AceThinker Screen Grabber Pro.exe => Nenhum Arquivo FirewallRules: [{90FDC3B9-8EE9-4116-821D-65B68267917A}] => (Allow) C:\Program Files (x86)\AceThinker\AceThinker Screen Grabber Pro\AceThinker Screen Grabber Pro.exe => Nenhum Arquivo FirewallRules: [{91FD5B87-A7EF-4A34-A8CD-CDD27837E964}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pinball FX3\Pinball FX3.exe () [Arquivo não assinado] FirewallRules: [{D278DBA0-CC2F-4B99-9CB5-D101CC3E1E6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pinball FX3\Pinball FX3.exe () [Arquivo não assinado] FirewallRules: [{2A205712-0AA6-43B0-AD90-01C411F4815B}] => (Allow) C:\Users\Usuario\AppData\Local\Programs\Opera\77.0.4054.172\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{685F7C8D-A6C7-4B7D-B7BE-67EC06858849}] => (Allow) C:\Users\Usuario\AppData\Local\Programs\Opera\77.0.4054.203\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{F10DB2D6-C3C9-41EA-B268-118C9D48A615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{A8936B80-1859-473B-A880-3870642CBE24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C0E3F50B-1B37-45B8-85EE-CF705D273B8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D6F49838-1C2C-4E91-805C-AD3439F7C52E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{7A13BF75-C21A-47DE-B9AD-D125A0E5C309}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5FE1A46A-1992-4860-9A76-21FB63BBBF74}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{283D536B-3319-4687-A537-DADFED44B55F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C3F1C2A3-B312-4E4B-961A-1343F01E7EDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.163.568.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{9DC3E7AB-E4D8-4593-8261-56EFC8822179}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C9D44B48-8ECE-479A-AE3B-DDE759E64EE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{43D2E12D-BC7C-4A7B-89A4-28433D12F329}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{93648D01-9FF2-4B51-AA0F-E7C4FB44304E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{FCEC5C81-9715-491B-B9C0-2A75F9C80EB9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F8B0BCFE-0094-42C0-BB03-D83FEF88D7D6}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller.exe => Nenhum Arquivo FirewallRules: [{67DE65AA-082C-4B95-8079-AD35A1B898C3}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller.exe => Nenhum Arquivo FirewallRules: [{9DD83B58-A5CC-4E62-B61D-8D844360EC2F}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred) FirewallRules: [{299A3166-5244-4F1E-A215-527DC77DFBA9}] => (Allow) C:\Users\Usuario\Desktop\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred) ==================== Pontos de Restauração ========================= 21-07-2021 19:46:35 Removed HDD Regenerator. 21-07-2021 19:50:37 Installed HDD Regenerator. 21-07-2021 19:53:55 Removed HDD Regenerator. 21-07-2021 20:02:41 Installed HDD Regenerator. 23-07-2021 11:53:29 ZHPcleaner 24-07-2021 20:57:34 2407 ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (07/25/2021 11:00:50 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: AUDIODG.EXE, versão: 10.0.18362.1533, carimbo de data/hora: 0x66e9554c Nome do módulo com falha: CX64AP71.dll, versão: 4.80.70.0, carimbo de data/hora: 0x501ae8c8 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000106baa ID do processo com falha: 0x226c Hora de início do aplicativo com falha: 0x01d7815a10b3e02d Caminho do aplicativo com falha: C:\Windows\system32\AUDIODG.EXE Caminho do módulo com falha: C:\Windows\system32\CX64AP71.dll ID do Relatório: 8be922c6-4c05-4df1-81f9-433175feba0e Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado. . Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ] Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado. . Error: (07/24/2021 10:21:53 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ] Error: (07/24/2021 09:21:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: AUDIODG.EXE, versão: 10.0.18362.1533, carimbo de data/hora: 0x66e9554c Nome do módulo com falha: CX64AP71.dll, versão: 4.80.70.0, carimbo de data/hora: 0x501ae8c8 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000106baa ID do processo com falha: 0x2ca0 Hora de início do aplicativo com falha: 0x01d780eaf2696c11 Caminho do aplicativo com falha: C:\Windows\system32\AUDIODG.EXE Caminho do módulo com falha: C:\Windows\system32\CX64AP71.dll ID do Relatório: a85189e7-7e47-46b6-96f5-503420072e67 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (07/24/2021 09:18:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: MMSSHOST.EXE, versão: 1.8.121.0, carimbo de data/hora: 0x60940a2d Nome do módulo com falha: MMSSHOST.EXE, versão: 1.8.121.0, carimbo de data/hora: 0x60940a2d Código de exceção: 0xc0000409 Deslocamento da falha: 0x000000000002ba75 ID do processo com falha: 0x14e8 Hora de início do aplicativo com falha: 0x01d780e8143a3184 Caminho do aplicativo com falha: C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE Caminho do módulo com falha: C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE ID do Relatório: 1eee067a-ea92-469e-bcc7-cb4c70f976ef Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (07/24/2021 12:56:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: AUDIODG.EXE, versão: 10.0.18362.1533, carimbo de data/hora: 0x66e9554c Nome do módulo com falha: CX64AP71.dll, versão: 4.80.70.0, carimbo de data/hora: 0x501ae8c8 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000106baa ID do processo com falha: 0x2d88 Hora de início do aplicativo com falha: 0x01d780a40213b879 Caminho do aplicativo com falha: C:\Windows\system32\AUDIODG.EXE Caminho do módulo com falha: C:\Windows\system32\CX64AP71.dll ID do Relatório: d105758d-8dfe-4ce2-8093-a6b2184d87d1 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (07/26/2021 12:47:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço wuauserv terminou com o erro: O sistema não pode encontrar o arquivo especificado. Error: (07/26/2021 12:47:48 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário. Error: (07/26/2021 12:45:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço wuauserv terminou com o erro: O sistema não pode encontrar o arquivo especificado. Error: (07/26/2021 12:45:48 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário. Error: (07/26/2021 12:43:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço wuauserv terminou com o erro: O sistema não pode encontrar o arquivo especificado. Error: (07/26/2021 12:43:47 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário. Error: (07/26/2021 12:41:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: O serviço wuauserv terminou com o erro: O sistema não pode encontrar o arquivo especificado. Error: (07/26/2021 12:41:47 PM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} não se registrou no DCOM dentro do tempo limite necessário. ==================== Informações da Memória =========================== BIOS: Dell Inc. A14 05/17/2018 placa-mãe: Dell Inc. 0DNMM8 Processador: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz Percentagem de memória em uso: 49% RAM física total: 8067.35 MB RAM física disponível: 4038.99 MB Virtual Total: 12931.35 MB Virtual disponível: 7148.16 MB ==================== Drives ================================ Drive () (Fixed) (Total:465.19 GB) (Free:158.33 GB) NTFS \\?\Volume{c82ad428-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.57 GB) (Free:0.16 GB) NTFS ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C82AD428) Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 29.8 GB) (Disk ID: 21AD8077) Partition: GPT. ==================== Fim de Addition.txt =======================

@Elias Pereira Após a invasão ao instagram, troquei a senha. Ontem de manhã o facebook me avisou sobre uma tentativa de login na minha conta na Alemanha, troquei a senha também. O desempenho do notebook tá normal.

@Elias Pereira Obrigado pela ajuda. Só tenho uma dúvida... Posso estar infectado com algum outro tipo de vírus que não são pegos pelos programas que foram passados ?

@Elias Pereira Tudo ok, nenhum problema.

@Elias Pereira RogueKiller Anti-Malware V15.0.8.0 (x64) [Jul 13 2021] (Premium) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 10 (10.0.18363) 64-bit Started in : Normal mode User : Usuario [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller64.exe Signatures : 20210720_183440, Driver : Loaded Mode : Standard Scan, Delete -- Date : 2021/07/23 19:30:31 (Duration : 00:09:21) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ [Suspicious.Path (Potentially Malicious)] HKEY_USERS\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Windows\CurrentVersion\Run|utweb -- [%_Usuario_appdata%\uTorrent Web\utweb.exe] -> Deleted [PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Replaced (2) [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename -- My Bing Search -> Deleted [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine -- My Bing Search -> Deleted [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename -- My Bing Search -> Deleted [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine -- My Bing Search -> Deleted

@Elias Pereira RogueKiller Anti-Malware V15.0.8.0 (x64) [Jul 13 2021] (Premium) by Adlice Software mail : https://adlice.com/contact/ Website : https://adlice.com/download/roguekiller/ Operating System : Windows 10 (10.0.18363) 64-bit Started in : Normal mode User : Usuario [Administrator] Started from : C:\Program Files\RogueKiller\RogueKiller64.exe Signatures : 20210720_183440, Driver : Loaded Mode : Standard Scan, Scan -- Date : 2021/07/23 16:06:07 (Duration : 00:09:21) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> O4 - Run [Suspicious.Path (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2802420505-662629979-4225180187-1002\Software\Microsoft\Windows\CurrentVersion\Run|utweb -- "C:\Users\Usuario\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (missing) -> Found >>>>>> XX - System Policies [PUM.Policies (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ >>>>>> Firefox Config [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App\prefs.js) -- My Bing Search -> Found [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App\prefs.js) -- My Bing Search -> Found [PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\prefs.js) -- My Bing Search -> Found [PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\prefs.js) -- My Bing Search -> Found ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

@Elias Pereira AdwCleaner # ------------------------------- # Malwarebytes AdwCleaner 8.3.0.0 # ------------------------------- # Build: 06-29-2021 # Database: 2021-06-29.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 07-23-2021 # Duration: 00:00:01 # OS: Windows 10 Pro # Cleaned: 13 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{C915F573-4C11-4968-9080-29E611FDBE9F} ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** Deleted My Bing Search Deleted My Bing Search Deleted https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= Deleted https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= Deleted https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= Deleted https://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [2960 octets] - [23/07/2021 11:21:33] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## ZHPCleaner ~ ZHPCleaner v2021.7.23.313 by Nicolas Coolman (2021/07/23) ~ Run by Usuario (Administrator) (23/07/2021 11:54:11) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\Usuario\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\Usuario\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : OK ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 18363) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (11) MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++www.softonic.com.br\.metadata-v2 =>SUP.Optional.Softonic MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++ultraiso.br.uptodown.com\.metadata-v2 =>PUP.Optional.UpToDown MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++pxlgnpgecom-a.akamaihd.net\.metadata-v2 =>.SUP.AkamaiHD MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++pxlclnmdecom-a.akamaihd.net\.metadata-v2 =>.SUP.AkamaiHD MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++k-lite-mega-codec-pack.br.uptodown.com\.metadata-v2 =>PUP.Optional.UpToDown MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++daemon-tools.br.uptodown.com\.metadata-v2 =>PUP.Optional.UpToDown MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++camtasia-studio.br.uptodown.com\.metadata-v2 =>PUP.Optional.UpToDown MOVED file: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\storage\default\https+++balabolka-portable.br.uptodown.com\.metadata-v2 =>PUP.Optional.UpToDown MOVED file: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\Usuario\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED folder: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj =>.SUP.Orphan ---\\ Registry ( Key, Value, Data) (0) ~ No malicious or unnecessary items found. ---\\ Summary of the elements found (5) https://nicolascoolman.eu/forum/Topic/softonic-logiciel-potentiellement-superflu-lps/ =>SUP.Optional.Softonic https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>PUP.Optional.UpToDown https://nicolascoolman.eu/2017/12/26/sup-akamaihd/ =>.SUP.AkamaiHD https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan ---\\ Other deletions. (4) ~ Registry Keys Tracing deleted (4) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Mozilla Firefox OK ~ Internet Explorer OK ~ Opera Stable OK ---\\ Statistics ~ Items scanned : 5512 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h00mn36s ---\\ Reports (4) ZHPCleaner-[R]-21072021-18_30_51.txt ZHPCleaner-[S]-21072021-18_19_19.txt ZHPCleaner-[S]-23072021-11_51_52.txt ZHPCleaner-[R]-23072021-11_54_47.txt

Boa noite. Meu Instagram começou a seguir perfis "sozinho" e estou suspeitando de algum vírus no meu notebook que tenha roubado a senha. Alguém pode me ajudar a fazer uma verificação ? Edit: Restauração de sistema apresentando erro 0x80070005, também não consigo criar um ponto de restauração. ZA-Scan.txt

Gostaria de comprar um WD Blue e nenhuma dessas lojas tem. Sabe me dizer se o HD Seagate BarraCuda, 500GB, 2.5´, Notebook, SATA - ST500LM030 é um bom HD ?

Boa tarde. Estou precisando comprar um HD novo de 500GB para notebook, porém após fazer uma pesquisa fiquei meio perdido devido as diferenças de preço entre sites e marcas. Alguém tem indicação de loja ou vendedor no mercado livre que ofereça produtos legítimos e com zero horas de uso ? Em 90% dos anúncios de HD no mercado livre tem alguém nas avaliações dizendo que o produto já veio com horas de uso.

Boa tarde. Eu costumo usar ele pois ele ja me salvou uma vez com um HD de PS3 que foi desligado enquanto atualizava, técnicos condenaram o HD e eu mesmo arrumei. Daqui pra frente vou levar sua dica em consideração. Valeu! Entendi... Pensei em um WD mesmo, inclusive tem um em promoção na Kabum WD Externo Portátil Elements USB 3.0 1TB R$285,90. Valeu pela ajuda.

É normal isso acontecer com um HD externo que foi ligado tão poucas vezes e com poucas horas de uso ? Pode me indicar um produto bom de 1TB ?

Bom dia. Estou com problemas com um HD externo Samsung M3 1TB. Após tentar fazer um backup, o HD ficou inacessível, quando clicava na unidade vinha a mensagem "Acesso negado". Abri o CrystalDisk e vi que o HD em questão estava em estado de alerta. (foto) Executei a ferramenta de reparo CHKDSK no cmd. A ferramenta encontrou diversos cluster inválidos, alguns foram substituídos, porém depois apareceu a seguinte frase "o disco não tem espaço suficiente para substituir clusters inválidos". Após esse procedimento, o disco voltou a ficar acessível, porém ainda em estado de alerta no CrystalDisk. Passei o HDD Regenerator só que o processo não vai até o fim, aparecendo a mensagem "Device not ready". Alguém conhece mais algum procedimento que eu possa fazer para tentar o reparo ? Será que ele morreu ?

Boa noite. Quero fazer um upgrade de memória RAM, de 2x4GB para 2x8GB no meu Inspiron 7520 15R SE. Já vi um vídeo no youtube com o upgrade e a memória utilizada foi a Corsair Apple Certified 16 GB (2x8 GB) DDR3 1600MHz (PC3 12800) Laptop Memory 1.35V. No mercado livre está em torno de R$400,00. No aliexpress encontrei um modelo da Crucial que tem as mesmas especificações da Mac Memory da Corsair, no qual eu gastaria menos de R$300,00 (caso não seja taxado). As marcas se equivalem, ou uma é melhor que a outra ? Compensa essa economia de R$100,00 ?