
Requested by OH MY

techserving |
1798

MS Word documents were freezing, not closing for a long time, not opening, and not saving quickly. Scanning with AVG, Malwarebytes showed nothing. The old version of Emsisoft showed this:

Setting.DisableRegistryTools (A)

Valor: HKEY_Local_Machine\SOFTWARE\MICROSOFT\WINDOWS\CURRCURRENT\VERSION\POLICIES\SYSTEM –

Gen:Trojan.Heur.KT.2@l@@ai4D7Fki (B


Kit de Emergência Emsisoft - Versão 9.0

Última atualização: 18/11/2018 18:31:20

Conta de usuário: Precision-T3600\MEH

Configurações de digitalização:

Tipo de digitalização: Smart Scan

Objetos: Rootkits, Memória, Traços, C:\Windows\, C:\Arquivos de Programas\, C:\Arquivos de Programas (x86)\

Detectar PUPs: Ligado

Verificar arquivos: Desativado

Verificação ADS: Ativado

Filtro de extensão de arquivo: Desativado

Cache avançado: ativado

Acesso direto ao disco: Desativado

Início da verificação: 01/05/2022 13:59:18

Valor: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detectado: Setting.DisableRegistryTools (A)

C:\Arquivos de Programas\Microsoft Office\Office14\1033\EXCEL.DEV.HXSdetectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Arquivos de Programas\Microsoft Office\Office14\1033\EXCEL.HXSdetectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\GRAPH.HXS detectado: Gen:Trojan.Heur.KT.2.Li@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\MSOUC.HXS detectado: Gen:Trojan.Heur.KT.2.Ai@@ai4D7Fki (B

C:\Arquivos de Programas\Microsoft Office\Office14\1033\MSTORE.HXSdetectado: Gen:Trojan.Heur.KT.2.xi@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\OIS.HXS detectado: Gen:Trojan.Heur.KT.2.Bi@@ai4D7Fki (B

C:\Arquivos de Programas\Microsoft Office\Office14\1033\ONENOTE.HXSdetectado: Gen:Trojan.Heur.KT.2.Qj@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\OUTLOOK.DEV.HXS detectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\OUTLOOK.HXSdetectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Program Files\Microsoft Office\Office14\1033\POWERPNT.DEV.HXSdetectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\POWERPNT.HXS detectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\SETLANG.HXS detectado: Gen:Trojan.Heur.KT.2.yi@@ai4D7Fki (B

C:\Arquivos de programas\Microsoft Office\Office14\1033\WINWORD.DEV.HXS detectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Arquivos de Programas\Microsoft Office\Office14\1033\WINWORD.HXSdetectado: Gen:Trojan.Heur.KT.2.@l@@ai4D7Fki (B

C:\Program Files (x86)\Common Files\microsoft shared\Help\HxRuntime.HxSdetected: Gen:Trojan.Heur.KT.2.bi!@ai4D7Fki (B

C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleUpdateBroker.exe detectado: Gen:Trojan.Heur.FU.hu2@a4WmjAci (B

C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleUpdateOnDemand.exedetectado: Gen:Trojan.Heur.FU.hu2@a0QUcoki (B

C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleUpdateSetup.exedetectado: Gen:Trojan.Heur2.FU.wv2@aGX6qsAP (B

C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.36.132\GoogleUpdateSetup.exe detectado: Gen:Trojan.Heur2.FU.wv2@aGX6qsAP (B

Digitalizado 249192

Encontrou 20

Fim da verificação: 01/05/2022 14h55min20s

Tempo de verificação:0:56:02

Resultado da verificação da Farbar Recovery Scan Tool (FRST) (x64) Versão: 22-04-2022

Executado por MEH (administrador) em PRECISION-T3600 (Dell Inc. Precision T3600) (01-05-2022 19:43:12)

Executando em C:\Users\MEH\Downloads

Perfis carregados: MEH

Plataforma: Microsoft Windows 7 ProfessionalService Pack 1 (X64) Idioma: Inglês (Estados Unidos)

Navegador padrão: FF

Modo de Inicialização: Normal

====================== Processos (lista branca) =================

(Se uma entrada for incluída na fixlist, o processo será encerrado. O arquivo não será movido.)

(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe

(AuthenTec, Inc. -> Authentec Inc.) C:\Arquivos de programas\Arquivos comuns\SPBA\upeksvr.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Arquivos de Programas (x86)\AVG\Antivirus\AVGUI.exe <4>

(C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\ Antivírus\aswEngSrv.exe

(C:\Arquivos de Programas\Arquivos Comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Arquivos de Programas\Arquivos Comuns\Microsoft Shared\Windows Live \WLIDSVCM.EXE

(C:\Arquivos de Programas\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Arquivos de Programas\Malwarebytes\Anti-Malware\mbamtray.exe

(CNET Networks -> Webshots.com) C:\Arquivos de Programas (x86)\Webshots\Webshots.scr

(explorer.exe ->) (Google LLC -> Google LLC) C:\Arquivos de Programas (x86)\Google\Chrome\Application\chrome.exe <13>

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Arquivos de Programas (x86)\Microsoft\Edge\Aplicativo\msedge.exe <17>

(Mozilla Corporation -> Mozilla Corporation) C:\Arquivos de Programas (x86)\Mozilla Firefox\firefox.exe <14>

(Oracle America, Inc. -> Oracle Corporation) C:\Arquivos de Programas (x86)\Arquivos Comuns\Java\Java Update\jusched.exe

(Piriform Software Ltd -> Piriform Software Ltd) C:\Arquivos de Programas\CCleaner\CCleaner64.exe

(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\afwServ.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe

(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe

(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Arquivos de Programas\Malwarebytes\Anti-Malware\MBAMService.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDSVC.EXE

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UI0Detect.exe

====================== Registro (lista branca) ===================

(Se uma entrada for incluída na fixlist, o item do registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Executar: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [168376 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

HKLM\...\Executar: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)

HKLM-x32\...\Executar: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO

HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\Executar: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\Winlogon: [Shell] - <==== ATENÇÃO

HKU\S-1-5-21-4144036370-3246485623-2860655430-501\...\Executar: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)

HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )

HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett -Packard Corporation)

HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)

HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )

HKLM\...\Print\Monitors\HPMLM135: C:\Windows\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-14] (Google LLC -> Google LLC)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->

HKLM\Software\...\Autenticação\Provedores de credenciais: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> C:\Program Files\Common Files\SPBA\provider.dll [2012-08-17] (AuthenTec, Inc. -> Authentec Inc.)

HKLM\Software\...\Autenticação\Provedores de credenciais: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

HKLM\Software\...\Autenticação\Filtros do provedor de credenciais: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> C:\Program Files\Common Files\SPBA\provider.dll [2012-08-17] (AuthenTec, Inc. -> Authentec Inc.)

Inicialização: C:\Users\MEH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk [2022-02-18]

Alvo do Atalho: Webshots.lnk -> C:\Program Files (x86)\Webshots\Launcher.exe (CNET Networks -> Webshots.com)

BootExecute: autocheck autochk * sdnclean64.exe

GroupPolicy: Restrição ? <==== ATENÇÃO

Políticas: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO

HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

====================== Tarefas agendadas (lista branca) ==========

(Se uma entrada for incluída na fixlist, ela será removida do registro. O arquivo não será movido a menos que seja listado separadamente.)

Tarefa: {00715906-9A6C-43DA-866C-7523D9352346} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)

Tarefa: {06800F5D-26DE-4E82-985C-2B5EDD75F748} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2017-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Tarefa: {35E42BBA-94A0-448C-A0DE-486444F0E3CF} - System32\Tasks\AdobeGCInvoker-1.0-Precision-T3600-MEH => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

Tarefa: {419FB094-AADC-4E57-A1A2-146C5965B067} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Arquivos de Programas (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"

Tarefa: {4B700974-F9F9-4691-B0F1-289888C6E47C} - System32\Tasks\Opera agendada atualização automática 1544753743 => C:\Users\MEH\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-20] (Opera Software AS -> Opera Software)

Tarefa: {5505C032-DF9F-4291-8D1B-E5D18C7C2E97} - System32\Tasks\PinItAutoUpdate => C:\Program Files (x86)\Pinterest\Pin It\AutoUpdater.exe [52224 2013-10-17] () [Arquivo não assinado]

Tarefa: {5535F17E-2A3B-49AE-A978-B9F9AAFCB300} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [35184 2012-11-28] (Wave Systems Corp. -> Wave Systems Corp.)

Tarefa: {61DE9BA2-EB53-4D31-A4FB-E5F41422B32E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe /StartRecording (sem arquivo)

Tarefa: {654A59F0-4DA5-4631-9129-7724ABE2DAC0} - \Notificador NPAPI do Adobe Flash Player -> Nenhum arquivo <==== ATENÇÃO

Tarefa: {65E60B25-67DB-4B81-8C0D-12D4BB8400B7} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [5008312 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

Tarefa: {73A86648-CAE9-4631-B6CC-22C4813F53BB} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [893832 2017-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Tarefa: {776C0E4A-EC83-4830-ABE6-AE805CFE1A93} - System32\Tasks\HPCeeScheduleForMEH => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)

Tarefa: {7EC5865E-ADD8-4742-A146-2F0E0AC97EE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

Tarefa: {83B042A5-62E5-401C-BF12-6A57A8DA3F74} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2332984 2022-03-07] (AVG Technologies USA, LLC -> AVG Technologies)

Tarefa: {86AEF45F-AA8D-43EF-8E3C-034D046B7BA0} - System32\Tasks\Opera assistente agendado Atualização automática 1582400741 => C:\Users\MEH\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\MEH\AppData\Local\Programs\Opera\assistant" $(Arg0)

Tarefa: {8A93C550-C837-46C1-B6CD-6E9A060BE90E} - System32\Tasks\{F08BEBEE-FD4F-4756-AE73-0B076D713704} => C:\Windows\system32\pcalua.exe -a "C:\Users\MEH\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IX4WHZXN\JavaSetup8u191.exe" -d C:\Users\MEH \Área de Trabalho

Tarefa: {8FCAE949-B150-4ACE-9806-6D92EE95C7A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)

Tarefa: {9EE9132B-95A6-41F2-B4E0-BBDC36446286} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Tarefa: {ACBC7FF7-1B9B-4A32-8465-EE0C5A74421C} - \Adobe Flash Player PPAPI Notifier -> Nenhum arquivo <==== ATENÇÃO

Tarefa: {BE0C51C0-C83E-4CEB-96C5-96A11F08AE90} - System32\Tasks\AdobeAAMUpdater-1.0-Precision-T3600-MEH => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Tarefa: {C1BC7535-CE35-44EA-AB29-CA485836CFDB} - System32\Tasks\{E08EF988-BD4A-416B-BCA4-271B6798517A} => C:\Users\MEH\Desktop\JRT_NEW.exe (sem arquivo)

Tarefa: {CFE23D24-940B-4A38-BF63-B93311BCC136} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

Tarefa: {EDA1EEAA-630F-47CD-91BB-BFE68FE98CD6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (sem arquivo)

Tarefa: {EEE9458D-E547-490C-BB08-BB85467EF2A1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)

Tarefa: {F532A395-364D-4F8F-B602-A9F923DC3FFE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2017-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Tarefa: C:\Windows\Tasks\HPCeeScheduleForMEH.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

====================== Internet (lista branca) ====================

(Se um item for incluído na fixlist, se for um item de registro, ele será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{07844A5C-8366-4EB3-9E56-C221DF0D0D64}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{883F6A1F-DB26-41AD-A138-5D9A044B7999}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{9C16CE0E-C564-4F18-B93B-E2AFE99373FE}: [DhcpNameServer] 10.1.10.1

Extremidade:

=======

Edge DefaultProfile: Padrão

Edge Profile: C:\Users\MEH\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-01]

Edge HomePage: Padrão -> hxxp://www.duckduckgo.com/

Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:

==========

FF DefaultProfile: 0u1mt6n7.default-1416744754553

FF ProfilePath: C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 [2022-05-01]

Página inicial do FF: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> hxxp://www.duckduckgo.com

Restauração da sessão FF: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> está ativado.

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: newtaboverride@agenedia.com

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: @webrtc-leak-shield

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: ddg@search.mozilla.org

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: wikipedia@search.mozilla.org

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: google@search.mozilla.org

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: ebay@search.mozilla.org

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: bing@search.mozilla.org

FF NewTabOverride: Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553 -> Ativado: amazondotcom@search.mozilla.org

FF Extension: (WebRTC Leak Shield) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\@webrtc-leak-shield.xpi [2021-09- 29]

FF Extension: (Pinterest Save Button) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2022-03-01 ]

FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-04-26 ]

FF Extension: (New Tab Override) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\newtaboverride@agenedia.com.xpi [2022-02-07 ]

Extensão FF: (Complemento para desativação do Google Analytics (pelo Google)) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\{6d96bb5e-1175 -4ebf-8ab5-5f56f1c79f65}.xpi [2021-10-31] [UpdateUrl:hxxps://tools.google.com/service/update2/ff?guid=%ITEM_ID%&version=%ITEM_VERSION%&aplicativo =%APP_ID%&appversion=%APP_VERSION%]

FF Extension: (NoScript) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2022 -04-18]

Extensão FF: (Uma cor dentro de outra cor) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\{9e420261-1c2f-4eb7-a9f0-dc7292f17459} .xpi [2021-12-01]

FF Extension: (Adblock Plus - bloqueador de anúncios gratuito) - C:\Users\MEH\AppData\Roaming\Mozilla\Firefox\Profiles\0u1mt6n7.default-1416744754553\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d }.xpi [2021-11-23]

Plugin FF: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [Sem arquivo]

Plugin FF: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-29] (Oracle America, Inc. -> Oracle Corporation)

Plugin FF: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-29] (Oracle America, Inc. -> Oracle Corporation)

Plugin FF: @microsoft.com/GENUINE -> desativado [Sem arquivo]

Plugin FF: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [Sem arquivo]

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1233203.dll [2018-05-15] (Adobe Systems, Inc.) [Arquivo não assinado]

FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Arquivos de Programas (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) [Arquivo não assinado]

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.38 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2012-05-21] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2012-05-21] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> desativado [Sem arquivo]

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @real.com/nppl3260;version=18.1.5.699 -> c:\arquivos de programas (x86)\real\realplayer\Netscape6\nppl3260.dll [Sem arquivo]

FF Plugin-x32: @real.com/nprpplugin;version=18.1.5.699 -> c:\arquivos de programas (x86)\real\realplayer\Netscape6\nprpplugin.dll [Sem arquivo]

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems Incorporated -> Adobe Systems)

Cromo:

=======

CHR Profile: C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default [2022-05-01]

CHR DefaultSearchURL: Padrão -> hxxps://www.bing.com/search?q={searchTerms}&PC=U316&FORM=CHROMN

CHR DefaultSearchKeyword: Default -> bing.com

CHR DefaultNewTabURL: Padrão -> hxxps://www.bing.com/chrome/newtab

CHR DefaultSuggestURL: Padrão -> hxxps://www.bing.com/osjson.aspx?query={searchTerms}&language={idioma}&PC=U316

CHR Extension: (Beauty) - C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbbelgoeoihcmnkgkeanmogncgkfichm [2021-10-09]

CHR Extension: (NiftySplit) - C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkmjnlfillpnkgmjnhgklpjjlpjnfeil [2018-06-16]

CHR Extension: (Adblock Plus - bloqueador de anúncios gratuito) - C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-13]

CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [28-04-2022]

CHR Extension: (AutoplayStopper) - C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejddcgojdblidajhngkogefpkknnebdh [28-02-2022]

CHR Extension: (Don't bleep With Paste) - C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkgllhigpcljnhoakjkgaieabnkmgdkb [2020-05-31]

CHR Extension: (Chrome Web Store Payments) - C:\Users\MEH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Profile: C:\Users\MEH\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-01]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Ópera:

=======

OPR Profile: C:\Users\MEH\AppData\Roaming\Opera Software\Opera Stable [2022-05-01]

OPR StartupUrls: Opera Stable -> "hxxps://duckduckgo.com/"

OPR DefaultSuggestURL: Opera Stable -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list&t={opera:vpnClient}

OPR Extension: (Rich Hints Agent) - C:\Users\MEH\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-03-03]

OPR Extension: (Opera Crypto Wallet) - C:\Users\MEH\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-04-22]

OPR Extension: (WebRTC Leak Prevent) - C:\Users\MEH\AppData\Roaming\Opera Software\Opera Stable\Extensions\jjabaljgaabcnmcoalhaldkmcfbojkkb [2021-04-26]

OPR Extension: (Amazon Assistant Promotion) - C:\Users\MEH\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]

====================== Serviços (lista branca) ===================

(Se uma entrada for incluída na fixlist, ela será removida do registro. O arquivo não será movido a menos que seja listado separadamente.)

S4 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)

R2 AVG Antivírus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [713656 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AVG Firewall; C:\Program Files (x86)\AVG\Antivirus\afwServ.exe [1770424 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

Ferramentas R2 AVG; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [460728 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8413296 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

S4 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [204288 2012-08-02] (Broadcom Corporation) [Arquivo não assinado]

S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)

S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)

S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2486272 2013-04-30] (Dell Inc.) [Arquivo não assinado]

S4 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [231792 2013-03-11] (Wave Systems Corp. -> )

S4 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc. -> Invincea, Inc.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8347832 2022-05-01] (Malwarebytes Inc -> Malwarebytes)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 15-11-2013] (Hewlett-Packard) [Arquivo não assinado]

S4 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [Arquivo não assinado]

Driver R2 Pml HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [Arquivo não assinado]

S4 poaService; C:\Program Files\Dell\PPO\poaService.exe [641232 2013-07-19] (Techporch Incorporated -> Dell Inc.)

S4 PoaSMSrv; C:\Program Files\Dell\PPO\poaSmSrv.exe [277712 2013-07-19] (Techporch Incorporated -> Dell Inc.)

S4 poaTaServ; C:\Program Files\Dell\PPO\poaTaServ.exe [516304 2013-07-19] (Techporch Incorporated -> Dell Inc.)

S4 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] (Invincea, Inc. -> )

S4 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [Arquivo não assinado]

Serviço Gerenciador de Autenticação S4 Wave; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1773056 2013-02-26] (Wave Systems Corp.) [Arquivo não assinado]

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-28] (Microsoft Windows -> Microsoft Corporation)

R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

S4 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254824 2013-03-08] (Wave Systems Corp. -> Wave Systems Corp.)

===================== Drivers (lista branca) ===================

(Se uma entrada for incluída na fixlist, ela será removida do registro. O arquivo não será movido a menos que seja listado separadamente.)

S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1579520 2013-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [222240 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [372336 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [250456 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [99432 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [41480 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [184768 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [539120 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2018-11-11] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)

R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [107976 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [83040 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [852352 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [557784 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [214496 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [316752 2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-11-16] (Emsisoft GmbH -> Emsisoft GmbH)

R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [48464 2015-06-19] (Dell Inc. -> Dell Inc.)

R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2013-04-29] (Techporch Incorporated -> Dell Computer Corporation)

R1 epp64; C:\EEK\bin\epp64.sys [136456 2018-10-27] (Emsisoft Ltd -> Emsisoft GmbH)

S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] (Invincea, Inc. -> )

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239560 2022-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2010-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)

R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [181248 2010-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)

R3 POADrvr; C:\Windows\System32\drivers\POADrvr.sys [21264 2013-07-19] (Techporch Incorporated -> Dell Computer Corporation)

R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation -> Corel Corporation)

S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] (Invincea, Inc. -> )

S3 NTIOLib_DVDSetup; \??\F:\NTIOLib_X64.sys [X]

====================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-01 19:43 - 2022-05-01 19:44 - 000030777 _____ C:\Users\MEH\Downloads\FRST.txt

2022-05-01 19:35 - 2022-05-01 19:35 - 002366976 _____ (Farbar) C:\Users\MEH\Downloads\FRST64(1).exe

2022-05-01 19:33 - 2022-05-01 19:33 - 002366976 _____ (Farbar) C:\Users\MEH\Downloads\FRST64.exe

2022-05-01 19:30 - 2022-05-01 19:30 - 002366976 _____ (Farbar) C:\Users\MEH\Downloads\Unconfirmed 516431.crdownload

2022-05-01 13:51 - 2022-05-01 19:37 - 000005014 _____ C:\Windows\system32\Tasks\WSCEAA

2022-04-21 10:37 - 2022-04-21 10:37 - 000128848 _____ C:\Users\MEH\Downloads\Minnesota Urology_20220421.pdf

2022-04-18 17:30 - 2022-04-18 17:30 - 000002178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk

2022-04-18 17:30 - 2022-04-18 17:30 - 000002166 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk

2022-04-09 16:08 - 2022-04-09 16:08 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla

2022-04-09 16:08 - 2022-04-09 16:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-05-01 19:43 - 2014-11-14 19:10 - 000000000 ____D C:\FRST

2022-05-01 19:34 - 2014-05-11 05:53 - 000000000 ____D C:\Program Files (x86)\Google

2022-05-01 19:31 - 2016-11-17 18:09 - 000000000 ____D C:\Users\MEH\AppData\LocalLow\Mozilla

2022-05-01 17:47 - 2017-01-15 21:07 - 000000000 ____D C:\Program Files\CCleaner

2022-05-01 15:48 - 2014-11-16 06:25 - 000000000 ____D C:\EEK

2022-05-01 15:39 - 2021-10-27 05:21 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys

2022-05-01 15:39 - 2021-08-07 00:53 - 000239560 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

2022-05-01 15:39 - 2020-09-27 19:21 - 000001962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk

2022-05-01 15:39 - 2020-01-24 06:28 - 000001950 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2022-05-01 15:38 - 2020-01-24 06:28 - 000103888 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

2022-05-01 15:38 - 2017-12-23 17:02 - 000000000 ____D C:\Program Files\Malwarebytes

2022-05-01 15:38 - 2014-04-29 21:07 - 000000000 ____D C:\ProgramData\Malwarebytes

2022-05-01 15:19 - 2014-04-29 18:39 - 000000000 ____D C:\Users\MEH\Documents\Word

2022-05-01 14:00 - 2009-07-13 23:45 - 000034832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2022-05-01 14:00 - 2009-07-13 23:45 - 000034832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2022-05-01 13:55 - 2009-07-14 00:13 - 000783790 _____ C:\Windows\system32\PerfStringBackup.INI

2022-05-01 13:55 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf

2022-05-01 13:48 - 2016-10-25 17:37 - 000000000 ____D C:\ProgramData\Avg

2022-05-01 13:47 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2022-05-01 13:46 - 2019-12-07 21:15 - 000065536 _____ C:\Windows\system32\spu_storage.bin

2022-05-01 02:00 - 2014-06-12 13:04 - 000000000 ____D C:\Users\MEH\AppData\Local\Adobe

2022-04-29 04:31 - 2020-07-06 19:08 - 000002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2022-04-29 04:31 - 2020-07-06 19:08 - 000002184 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

2022-04-28 01:40 - 2017-10-02 04:53 - 000003174 _____ C:\Windows\system32\Tasks\HPCeeScheduleForMEH

2022-04-28 01:40 - 2017-10-02 04:53 - 000000324 _____ C:\Windows\Tasks\HPCeeScheduleForMEH.job

2022-04-25 15:17 - 2017-08-25 20:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

2022-04-25 15:17 - 2014-03-15 16:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2022-04-21 12:31 - 2018-12-13 21:15 - 000004080 _____ C:\Windows\system32\Tasks\Opera Scheduled Autoupdate 1544753743

2022-04-21 10:56 - 2021-10-21 10:55 - 000004310 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582400741

2022-04-20 04:29 - 2014-05-11 05:53 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA

2022-04-20 04:29 - 2014-05-11 05:53 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

2022-04-18 17:30 - 2014-05-11 05:53 - 000000000 ____D C:\Program Files\Google

2022-04-14 20:29 - 2017-05-30 07:04 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2022-04-14 20:29 - 2017-05-30 07:04 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2022-04-13 15:01 - 2015-07-15 13:07 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2022-04-09 22:24 - 2020-07-06 19:01 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2022-04-09 22:24 - 2020-07-06 19:01 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2022-04-09 16:08 - 2014-03-15 16:07 - 000000000 ____D C:\ProgramData\Mozilla

2022-04-09 11:33 - 2019-12-07 21:13 - 000003346 _____ C:\Windows\system32\Tasks\AMD ThankingURL

2022-04-09 11:33 - 2018-08-25 14:15 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software

2022-04-09 11:33 - 2018-01-24 21:12 - 000003468 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0-Precision-T3600-MEH

2022-04-09 11:33 - 2017-11-15 06:40 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update

2022-04-09 11:33 - 2017-06-24 06:48 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update

2022-04-09 11:33 - 2017-04-02 20:07 - 000003316 _____ C:\Windows\system32\Tasks\PinItAutoUpdate

2022-04-09 11:33 - 2017-01-15 21:07 - 000002800 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC

2022-04-09 11:33 - 2014-12-25 07:16 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task

2022-04-09 11:33 - 2014-06-08 13:11 - 000003512 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-Precision-T3600-MEH

==================== Files in the root of some directories ========

2016-08-04 13:38 - 2016-08-04 13:38 - 000000132 _____ () C:\Users\MEH\AppData\Roaming\Adobe GIF Format CS5 Prefs

2018-10-07 17:25 - 2022-01-08 09:10 - 000000132 _____ () C:\Users\MEH\AppData\Roaming\Adobe PNG Format CS5 Prefs

2018-09-22 13:00 - 2018-09-22 13:00 - 000308274 _____ () C:\Users\MEH\AppData\Local\ars.cache

2018-09-22 13:00 - 2018-09-22 13:00 - 000589594 _____ () C:\Users\MEH\AppData\Local\census.cache

2018-09-22 12:24 - 2018-09-22 12:24 - 000000036 _____ () C:\Users\MEH\AppData\Local\housecall.guid.cache

2018-09-27 16:17 - 2018-09-27 16:17 - 000000000 _____ () C:\Users\MEH\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2022-04-27 00:23

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022

Ran by MEH (01-05-2022 19:44:22)

Running from C:\Users\MEH\Downloads

Microsoft Windows 7 Professional Service Pack 1 (X64) (2014-03-15 17:07:50)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4144036370-3246485623-2860655430-500 - Administrator - Disabled)

Guest (S-1-5-21-4144036370-3246485623-2860655430-501 - Limited - Enabled) => C:\Users\Guest

HomeGroupUser$ (S-1-5-21-4144036370-3246485623-2860655430-1002 - Limited - Enabled)

MEH (S-1-5-21-4144036370-3246485623-2860655430-1000 - Administrator - Enabled) => C:\Users\MEH

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Disabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

AS: AVG Antivirus (Disabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)

Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.3.203 - Adobe Systems, Inc.)

Amazon Kindle (HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\Amazon Kindle) (Version: 1.28.0.57030 - Amazon)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12.1 - Advanced Micro Devices, Inc.)

AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 21.9.3208 - AVG Technologies)

Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{7AA348CE-190E-416B-839E-68E33CFEB580}) (Version: 15.4.14.1 - Broadcom Corporation)

CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)

CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)

Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)

Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)

Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)

Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)

Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)

Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)

cloudLibrary 2.3 (HKLM-x32\...\cloudLibrary) (Version: 2.3 - Bibliotheca)

CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 1.0.1.0 - Ursa Minor Ltd)

Custom (HKLM\...\{7206B668-FEE0-455B-BB1F-9B5A2E0EC94A}) (Version: 01.00.00.002 - Wave Systems Corp.) Hidden

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)

Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00003.072 - Dell Inc.)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Precision Performance Optimizer (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 01.07.00 - Dell Inc.)

Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 2.3.15835 - Invincea, Inc.)

DellAccess (HKLM\...\{20A4AA32-B3FF-4A0B-853C-ACDDCD6CB344}) (Version: 01.03.00.078 - Wave Systems Corp.) Hidden

EMBASSY Client Core (HKLM\...\{7EC46A4C-E659-418E-A65A-BD7FC82D4C48}) (Version: 01.03.00.123 - Wave Systems Corp.) Hidden

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)

ERAS Connector (HKLM\...\{D46BCA58-0AF7-4455-8017-34CE3FEEE808}) (Version: 02.09.05.0335 - Wave Systems Corp) Hidden

FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)

Gemalto (HKLM\...\{91CE5F03-3A2A-4268-935A-04944F058AE9}) (Version: 01.64.01.0010 - Wave Systems Corp) Hidden

GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.1 - Gemalto) Hidden

Google Analytics Opt-out Browser Add-on (HKLM\...\{381243CE-484C-4DD1-9F0C-0B117AE4D5C1}) (Version: 0.9.7.0 - Google Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)

Google Earth Pro (HKLM\...\{C36E66A6-6EE5-47DB-945F-A6F03225D540}) (Version: 7.3.4.8573 - Google)

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1010 - Intel Corporation)

Intel® Identity Protection Technology 1.2.27.0 (HKLM-x32\...\{F109D156-577D-101B-A622-CF4351943AA4}) (Version: 1.2.27.0 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.70.1205 - Intel Corporation)

Intel® Network Connections 16.8.45.00 (HKLM\...\PROSetDX) (Version: 16.8.45.00 - Dell)

Intel® Rapid Storage Technology Enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.7.0.1092 - Intel Corporation)

Java 8 Update 311 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)

Junk Mail filter update (HKLM-x32\...\{400C31E4-796F-4E86-8FDC-C3C4FACC6847}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Malwarebytes version 4.5.8.191 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.8.191 - Malwarebytes)

Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 101.0.1210.32 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 99.0 (x64 en-US)) (Version: 99.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

Opera Stable 85.0.4341.75 (HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\Opera 85.0.4341.75) (Version: 85.0.4341.75 - Opera Software)

OverDrive for Windows (HKLM-x32\...\{FF27E73D-C30A-4F32-B2D7-22069F01DDB9}) (Version: 3.6.0 - OverDrive, Inc.)

PBA Driver-x64 (HKLM\...\{DF5B5BEC-BA44-4669-98C8-2A691C5EA428}) (Version: 1.0.1.8 - Dell Inc.) Hidden

Pin It (HKLM-x32\...\Pin It_is1) (Version: 0.0.4 - Pinterest)

Preboot Manager (HKLM\...\{59ACD2BB-FC62-4427-81D2-618CF81A2A32}) (Version: 03.05.00.043 - Wave Systems Corp.) Hidden

Private Information Manager (HKLM\...\{A90F92B7-3C3F-4AEF-B281-31DD17BB73CA}) (Version: 07.03.00.032 - Wave Systems Corp.) Hidden

PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden

RealDownloader (HKLM-x32\...\{410F406E-7AFC-4E9F-BF7E-0CB3C72BDAB9}) (Version: 18.1.5.699 - RealNetworks, Inc.) Hidden

RealDownloader (HKLM-x32\...\{4e8ca438-78fb-4658-ac5b-2d128f60c54e}) (Version: 18.1.5.699 - RealNetworks) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5890 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)

Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

SI TSS (HKLM\...\{A2309A2F-4BEB-45C8-92E1-84D430AC15AD}) (Version: 2.1.41 - Security Innovation) Hidden

SPBA (WBF) 5.9 (HKLM\...\{DD317AA5-F0EF-480F-9501-507712B5E0B6}) (Version: 5.9.7.7232 - Authentec Inc.) Hidden

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

toolkit32for64bit (HKLM-x32\...\{CB63285D-990D-4207-AE31-000025626917}) (Version: 7.70.13.0001 - Wave Systems Corp) Hidden

Trusted Drive Manager (HKLM\...\{236EBEF4-8DE5-4E0E-8FD0-27D94F772FF0}) (Version: 5.0.2.24 - Wave Systems Corp.) Hidden

UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden

vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

vs2015_redist x64 (HKLM\...\{EAED8692-5B63-4665-B857-D626633691DA}) (Version: 1.0.0.0 - Realnetworks) Hidden

vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden

Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden

Wave Crypto Runtime 2.0.9.0 x64 (HKLM\...\{5F160A36-29D0-4AE0-986C-671A564BC0D4}) (Version: 02.00.09.0000 - Wave Systems Corp) Hidden

Wave Crypto Runtime 2.0.9.0 x86 (HKLM-x32\...\{29D07FB4-A026-4E1F-B9A2-8C9EC0E2FEBB}) (Version: 02.00.09.0000 - Wave Systems Corp) Hidden

Wave Infrastructure Installer (HKLM\...\{90DB5C39-360F-4187-9D56-E3B013CEEF73}) (Version: 07.70.13.0001 - Wave Systems Corp) Hidden

Wave Support Software Installer (HKLM\...\{86A9BBDF-9B6D-4E3D-810E-23C9079C6217}) (Version: 05.15.00.024 - Wave Systems Corp) Hidden

Webshots Desktop (HKLM-x32\...\Webshots Desktop_is1) (Version: - CNET Networks)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp. -> Wave Systems Corp.)

ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp. -> Wave Systems Corp.)

ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-12-06] (Advanced Micro Devices, Inc.) [File not signed]

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] (Adobe Systems Incorporated -> )

ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2021-10-27] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"CmdLineConsumer_WSCEAA\"",Filter="__EventFilter.Name=\"CmdLinefilter_WSCEAA\"::

WMI:subscription\__EventFilter->CmdLinefilter_WSCEAA::[Query => SELECT * FROM MSNdis_StatusMediaConnect]

WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]

WMI:subscription\CommandLineEventConsumer->CmdLineConsumer_WSCEAA::[CommandLineTemplate => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\\WSCEAA.exe -nic][WorkingDirectory => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\]

WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

====================== Módulos carregados (lista branca) =============

2017-12-06 19:26 - 2017-12-06 19:26 - 000155688 _____ (AMD PMP-PE CB Code Signer v20170331 -> Advanced Micro Devices, Inc.) [Arquivo não assinado] C:\Windows\system32\amdihk64.dll

2013-11-15 00:47 - 2013-11-15 00:47 - 000050688 _____ (Hewlett-Packard) [Arquivo não assinado] c:\windows\system32\hpzinw12.dll

2013-11-15 00:47 - 2013-11-15 00:47 - 000066048 _____ (Hewlett-Packard) [Arquivo não assinado] c:\windows\system32\hpzipm12.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ 1033\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\ defs\22050104\avg.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\msvcp140.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\defs\22050104\avg.local_vc142.crt\MSVCP140.dll

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\ucrtbase.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\1033\avg.local_vc142.crt\ucrtbase.DLL

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\ucrtbase.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\defs\22050104\avg.local_vc142.crt\ucrtbase.DLL

2021-10-27 09:06 - 2021-10-27 09:06 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\vcruntime140.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\1033\avg.local_vc142.crt\VCRUNTIME140.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\vcruntime140.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\defs\22050104\avg.local_vc142.crt\VCRUNTIME140.dll

2022-05-01 11:40 - 2022-05-01 11:40 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Arquivos de Programas (x86)\AVG\Antivirus\avg.local_vc142.crt\vcruntime140_1.dll] C:\Arquivos de Programas (x86)\AVG\Antivirus\defs\22050104\avg.local_vc142.crt\VCRUNTIME140_1.dll

====================== Fluxos de dados alternativos (lista branca) ========

====================== Modo de segurança (lista branca) ================

(Se uma entrada for incluída na fixlist, ela será removida do registro. O "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client => "DisplayName"="Nanoheal"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client => "ErrorControl"="1"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client => "ImagePath"="C:\Program Files\Nanoheal\Client\srvc.exe"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client => "ObjectName"="LocalSystem"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client => "Start"="2"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client => "Type"="272"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client\Parameters => "Application"="C:\Program Files\Nanoheal\Client\srvc.exe"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nanoheal Client\Parameters => "AppParameters"=""

====================== Associação (lista branca) =================

====================== Internet Explorer (versão 11) (lista branca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/

HKU\S-1-5-21-4144036370-3246485623-2860655430-501\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/?pc=DCJB

HKU\S-1-5-21-4144036370-3246485623-2860655430-501\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB

Escopos de pesquisa: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

Escopos de pesquisa: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

Escopos de pesquisa: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000 -> DefaultScope {404F5F50-8A0E-4007-B50F-2A7CE96CB1E7} URL =

Escopos de pesquisa: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000 -> {404F5F50-8A0E-4007-B50F-2A7CE96CB1E7} URL =

BHO: Sem nome -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> Nenhum arquivo

BHO: complemento do navegador para desativação do Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files\Google\Google Analytics Opt-Out\gaoptout_x64.dll [2019-04-04] (Google LLC -> Google, Inc.)

BHO: Auxiliar SSV do plug-in Java -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_311\bin\ssv.dll [2021-11-29] (Oracle America, Inc. -> Oracle Corporation)

BHO: Assistente de login do Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

BHO: Manipulador de Cache de Documentos do Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-29] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: complemento do navegador para desativação do Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Program Files (x86)\Google\Google Analytics Opt-Out\gaoptout.dll [2019-04-04] (Google LLC -> Google, Inc.)

BHO-x32: Assistente de login do Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

BHO-x32: Manipulador de Cache de Documentos do Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, ela será removida do registro.)

site confiável do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\juno.com -> juno.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\2mdn.net -> m1.2mdn.net

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\adbright.com -> ads.adbright.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\adbrite.com -> ads.adbrite.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\atdmt.com -> ad.atdmt.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\doubleclick.net -> ad.doubleclick.net

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\google-analytics.com -> google-analytics.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\googleadvervice.com -> googleadvervice.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\googlesyndication.com -> googlesyndication.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\paypopups.com -> paypopups.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\rmxads.com -> rmxads.com

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\tumri.net -> tumri.net

site restrito do IE: HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\...\yimg.com -> ads.yimg.com

====================== Hospeda o conteúdo: =======================

(Se necessário Hosts: a diretiva pode ser incluída na fixlist para redefinir Hosts.)

2018-11-15 17:15 - 2018-12-03 11:19 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

2015-06-23 07:14 - 2015-06-23 07:14 - 000000375 _____ C:\Windows\system32\drivers\etc\hosts.ics

====================== Outras Áreas ===========================

(Atualmente não há correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\Services\IPT;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Gemalto\Access Client\v5;C:\Program Files (x86)\Security Innovation\SI TSS\bin;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Common Files\Autodesk Shared\

HKU\S-1-5-21-4144036370-3246485623-2860655430-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MEH\AppData\Roaming\Webshots\The Webshots Desktop\Webshots Wallpaper.bmp

HKU\S-1-5-21-4144036370-3246485623-2860655430-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

Servidores DNS: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Firewall do Windows está ativado.

====================== MSCONFIG/TASK MANAGER desabilitado itens ==

(Se uma entrada for incluída na fixlist, ela será removida.)

MSCONFIG\Serviços: AdobeActiveFileMonitor12.0 => 2

MSCONFIG\Serviços: AdobeARMservice => 2

MSCONFIG\Serviços: AdobeUpdateService => 3

MSCONFIG\Serviços: AGMService => 2

MSCONFIG\Serviços: AGSService => 2

MSCONFIG\Serviços: Utilitário de Eventos Externos AMD => 3

MSCONFIG\Serviços: BrcmMgmtAgent => 2

MSCONFIG\Serviços: DellDataVault => 3

MSCONFIG\Serviços: EmbassyService => 2

MSCONFIG\Serviços: gupdate => 2

MSCONFIG\Serviços: gupdatem => 3

MSCONFIG\Serviços: IAStorDataMgrSvc => 2

MSCONFIG\Serviços: Serviço de monitoramento Intel® PROSet => 2

MSCONFIG\Serviços: InvProtectSvc => 3

MSCONFIG\Serviços: jhi_service => 2

MSCONFIG\Serviços: LMS => 2

MSCONFIG\Serviços: MBAMService => 2

MSCONFIG\Serviços: MozillaMaintenance => 3

MSCONFIG\Serviços: PbaDrvSvc_x64 => 2

MSCONFIG\Serviços: poaService => 2

MSCONFIG\Serviços: PoaSMSrv => 2

MSCONFIG\Serviços: poaTaServ => 2

MSCONFIG\Serviços: SboxSvc => 3

MSCONFIG\Serviços: SecureStorageService => 3

MSCONFIG\Serviços: tcsd_win32.exe => 2

MSCONFIG\Serviços: TdmService => 2

MSCONFIG\Serviços: UNS => 2

MSCONFIG\Serviços: Wave Authentication Manager Service => 2

MSCONFIG\Serviços: WvPCR => 2

MSCONFIG\pasta de inicialização: C:^ProgramData^Microsoft^Windows^Menu Iniciar^Programas^Inicialização^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup

MSCONFIG\pasta de inicialização: C:^Usuários^MEH^AppData^Roaming^Microsoft^Windows^Menu Iniciar^Programas^Inicialização^Webshots.lnk => C:\Windows\pss\Webshots.lnk.Startup

MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Arquivos de programas (x86)\Arquivos comuns\Adobe\AdobeGCClient\AGCInvokerUtility.exe"

MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Arquivos de Programas\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: DellPoaEvents => C:\Arquivos de Programas\Dell\PPO\DellPoaEvents.exe

MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Arquivos de programas (x86)\ATI Technologies\HydraVision\HydraDM.exe"

MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology enterprise\IAStorIcon.exe

MSCONFIG\startupreg: NUSB3MON => "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

MSCONFIG\startupreg: Opera Browser Assistant => C:\Users\MEH\AppData\Local\Programs\Opera\assistant\browser_assistant.exe

MSCONFIG\startupreg: RtHDVCpl => C:\Arquivos de Programas\Realtek\Audio\HDA\RtDCpl64.exe

MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Arquivos de programas (x86)\Arquivos comuns\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: TdmNotify => C:\Program Files\Dell\Dell Data Protection\Access\Avançado\Wave\Trusted Drive Manager\TdmNotify.exe

====================== FirewallRules (lista branca) ================

(Se uma entrada for incluída na fixlist, ela será removida do registro. O arquivo não será movido a menos que seja listado separadamente.)

FirewallRules: [SPPSVC-In-TCP] => (Permitir) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Permitir) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{8391D894-0B9C-4407-A9C9-60AB7ADA451D}] => (Permitir) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{E47325C9-CDE2-450B-9396-7A9D86C145CB}] => (Permitir) LPort=2869

FirewallRules: [{73DB5D30-4F8A-4F30-B3C9-2FC67FA9F1B4}] => (Permitir) LPort=1900

FirewallRules: [{076F0951-B5C3-437B-AF88-C096F9FBA359}] => (Permitir) C:\Arquivos de Programas (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{DBF65BEF-6C63-45A9-B050-FAAA4113F253}] => (Permitir) C:\Arquivos de Programas (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{56491988-FE67-49DB-B9EB-6A2B083887E4}] => (Permitir) C:\Arquivos de Programas (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{7D1AD8E0-8A53-4AD2-BB42-AEF7C55797BC}] => (Permitir) C:\Arquivos de Programas (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{B02375BB-3A42-4297-A339-F972E8D7351D}] => (Permitir) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)

FirewallRules: [{EDC49DDE-F6B7-413A-A119-BDA1FE332B6F}] => (Permitir) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)

FirewallRules: [{B4C2CF95-14A1-47BB-8229-5B8EC972EA13}] => (Bloco) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{021329CB-0B39-4AE9-9ABB-09A04F713A0F}] => (Bloco) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{32A841FD-C766-43A3-863A-78098975ECF0}] => (Permitir) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

====================== Restaurar Pontos =========================

15-04-2022 00:00:01 Checkpoint programado

23-04-2022 00:00:00 Checkpoint Programado

30-04-2022 00:00:02 Checkpoint programado

====================== Dispositivos do gerenciador de dispositivos com defeito ==========

Nome: Pseudointerface de túnel Teredo

Descrição: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Fabricante: Microsoft

Serviço: tunnel

Problema: : Este dispositivo não pode iniciar. (Código 10)

Resolução: o dispositivo falhou ao iniciar. Clique em "Atualizar Driver" para atualizar os drivers deste dispositivo.

Na guia "Propriedades gerais" do dispositivo, clique em "Solução de problemas" para iniciar o assistente de solução de problemas.

====================== Erros do registro de eventos: ==========================

Erros de aplicativos:

==================

Erro: (05/01/2022 07:46:17 PM) (Fonte: WinMgmt) (EventID: 10) (Usuário: )

Descrição: O filtro de eventos com consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" não pôde ser reativado no namespace "//./root/CIMV2" devido ao erro 0x80041003. Os eventos não podem ser entregues por meio desse filtro até que o problema seja corrigido.

Erro: (05/01/2022 07:46:17 PM) (Fonte: Application Error) (EventID: 1000) (User: )

Descrição: Nome do aplicativo com falha: wmiprvse.exe, versão: 6.1.7601.17514, registro de data e hora: 0x4ce79d42

Nome do módulo com falha: TdmWmiProvider.dll, versão: 5.0.2.24, registro de data e hora: 0x513671b8

Código de exceção: 0xc0000005

Compensação de falha: 0x000000000001ad88

ID do processo com falha: 0x2b00

Falha na hora de início do aplicativo: 0x01d85dbcc1a4bdb7

Caminho do aplicativo com falha: C:\Windows\system32\wbem\wmiprvse.exe

Caminho do módulo com falha: C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmWmiProvider.dll

Id do relatório: 46051d0c-c9b1-11ec-82d8-000af72c30e1

Erro: (05/01/2022 07:37:08 PM) (Fonte: Application Error) (EventID: 1000) (User: )

Descrição: Nome do aplicativo com falha: wmiprvse.exe, versão: 6.1.7601.17514, registro de data e hora: 0x4ce79d42

Nome do módulo com falha: TdmWmiProvider.dll, versão: 5.0.2.24, registro de data e hora: 0x513671b8

Código de exceção: 0xc0000005

Compensação de falha: 0x000000000001ad88

ID do processo com falha: 0x21d4

Falha na hora de início do aplicativo: 0x01d85dbb7da1b9be

Caminho do aplicativo com falha: C:\Windows\system32\wbem\wmiprvse.exe

Caminho do módulo com falha: C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmWmiProvider.dll

Id do relatório: ff20d252-c9af-11ec-82d8-000af72c30e1

Erro: (05/01/2022 07:28:05 PM) (Fonte: Application Error) (EventID: 1000) (User: )

Descrição: Nome do aplicativo com falha: wmiprvse.exe, versão: 6.1.7601.17514, registro de data e hora: 0x4ce79d42

Nome do módulo com falha: TdmWmiProvider.dll, versão: 5.0.2.24, registro de data e hora: 0x513671b8

Código de exceção: 0xc0000005

Compensação de falha: 0x000000000001ad88

ID do processo com falha: 0x22e4

Falha na hora de início do aplicativo: 0x01d85dba395c561d

Caminho do aplicativo com falha: C:\Windows\system32\wbem\wmiprvse.exe

Caminho do módulo com falha: C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmWmiProvider.dll

Id do relatório: bb228935-c9ae-11ec-82d8-000af72c30e1

Erro: (05/01/2022 07:19:01 PM) (Fonte: Application Error) (EventID: 1000) (User: )

Descrição: Nome do aplicativo com falha: wmiprvse.exe, versão: 6.1.7601.17514, registro de data e hora: 0x4ce79d42

Nome do módulo com falha: TdmWmiProvider.dll, versão: 5.0.2.24, registro de data e hora: 0x513671b8

Código de exceção: 0xc0000005

Compensação de falha: 0x000000000001ad88

ID do processo com falha: 0x22a0

Falha na hora de início do aplicativo: 0x01d85db8f51b890c

Caminho do aplicativo com falha: C:\Windows\system32\wbem\wmiprvse.exe

Caminho do módulo com falha: C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmWmiProvider.dll

Id do relatório: 76e2caf9-c9ad-11ec-82d8-000af72c30e1

Erro: (05/01/2022 07:09:57 PM) (Fonte: Application Error) (EventID: 1000) (User: )

Descrição: Nome do aplicativo com falha: wmiprvse.exe, versão: 6.1.7601.17514, registro de data e hora: 0x4ce79d42

Nome do módulo com falha: TdmWmiProvider.dll, versão: 5.0.2.24, registro de data e hora: 0x513671b8

Código de exceção: 0xc0000005

Compensação de falha: 0x000000000001ad88

ID do processo com falha: 0x194

Falha na hora de início do aplicativo: 0x01d85db7b0de8edf

Caminho do aplicativo com falha: C:\Windows\system32\wbem\wmiprvse.exe

Caminho do módulo com falha: C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmWmiProvider.dll

Id do relatório: 32a1fde8-c9ac-11ec-82d8-000af72c30e1

Erro: (05/01/2022 07:00:53 PM) (Fonte: Application Error) (EventID: 1000) (User: )

Descrição: Nome do aplicativo com falha: wmiprvse.exe, versão: 6.1.7601.17514, registro de data e hora: 0x4ce79d42

Nome do módulo com falha: TdmWmiProvider.dll, versão: 5.0.2.24, registro de data e hora: 0x513671b8

Código de exceção: 0xc0000005

Compensação de falha: 0x000000000001ad88

ID do processo com falha: 0x18d8

Falha na hora de início do aplicativo: 0x01d85db66ca2642f

Caminho do aplicativo com falha: C:\Windows\system32\wbem\wmiprvse.exe

Caminho do módulo com falha: C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmWmiProvider.dll

Id do relatório: ee62a25b-c9aa-11ec-82d8-000af72c30e1

Erro: (05/01/2022 06:51:49 PM) (Fonte: Application Error) (EventID: 1000) (User: )

Descrição: Nome do aplicativo com falha: wmiprvse.exe, versão: 6.1.7601.17514, registro de data e hora: 0x4ce79d42

Nome do módulo com falha: TdmWmiProvider.dll, versão: 5.0.2.24, registro de data e hora: 0x513671b8

Código de exceção: 0xc0000005

Compensação de falha: 0x000000000001ad88

ID do processo com falha: 0x3a8

Falha na hora de início do aplicativo: 0x01d85db5286538e3

Caminho do aplicativo com falha: C:\Windows\system32\wbem\wmiprvse.exe

Caminho do módulo com falha: C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmWmiProvider.dll

Id do relatório: aa24164a-c9a9-11ec-82d8-000af72c30e1

Erros do sistema:

===============

Erro: (05/01/2022 07:47:16 PM) (Fonte: DCOM) (EventID: 10010) (Usuário: )

Descrição: O servidor {BB6DF56B-CACE-11DC-9992-0019B93A3A84} não foi registrado no DCOM dentro do tempo limite necessário.

Erro: (05/01/2022 03:48:42 PM) (Fonte: Service Control Manager) (EventID: 7000) (Usuário: )

Descrição: Falha ao iniciar o serviço cleanhlp devido ao seguinte erro:

Não é possível criar um arquivo quando esse arquivo já existe.

Erro: (05/01/2022 01:57:37 PM) (Fonte: Service Control Manager) (EventID: 7000) (Usuário: )

Descrição: Falha ao iniciar o serviço cleanhlp devido ao seguinte erro:

Não é possível criar um arquivo quando esse arquivo já existe.

Erro: (05/01/2022 01:54:37 PM) (Fonte: Service Control Manager) (EventID: 7023) (Usuário: )

Descrição: O serviço Security Center foi encerrado com o seguinte erro:

%%16389

Erro: (05/01/2022 01:54:14 PM) (Fonte: WMPNetworkSvc) (EventID: 14332) (Usuário:)

Descrição: o serviço 'WMPNetworkSvc' não foi iniciado corretamente porque CoCreateInstance(CLSID_UPnPDeviceFinder) encontrou o erro '0x80004005'. Verifique se o serviço UPnPHost está em execução e se o componente UPnPHost do Windows está instalado corretamente.

Erro: (05/01/2022 01:50:02 PM) (Fonte: Service Control Manager) (EventID: 7031) (Usuário: )

Descrição: O serviço de Pesquisa do Windows foi encerrado inesperadamente. Isso foi feito 1 vez(es). A seguinte ação corretiva será executada em 30000 milissegundos: Reinicie o serviço.

Erro: (05/01/2022 01:50:02 PM) (Fonte: Service Control Manager) (EventID: 7024) (Usuário: )

Descrição: o serviço Windows Search foi encerrado com o erro específico do serviço %%-1073473535.

Erro: (05/01/2022 01:49:17 PM) (Fonte: DCOM) (EventID: 10016) (Usuário: NT AUTHORITY)

Descrição: as configurações de permissão específicas do aplicativo não concedem permissão de inicialização local para o aplicativo COM Server com CLSID

{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}

e APPID

{344ED43D-D086-4961-86A6-1106F4ACAD9B}

para o usuário NT AUTHORITY\SYSTEM SID (S-1-5-18) do endereço LocalHost (usando LRPC). Essa permissão de segurança pode ser modificada usando a ferramenta administrativa de Serviços de componentes.

Defensor do Windows:

==================

Evento[0]:

Data: 12-01-2017 17:09:22.056

Descrição:

O Windows Defender encontrou um erro ao tentar carregar assinaturas e tentará reverter para um conjunto de assinaturas em bom estado.

Tentativas de assinaturas:Atual

Código de erro:0x80070002

Descrição do erro: O sistema não pode encontrar o arquivo especificado.

Versão da assinatura:0.0.0.0

Versão do mecanismo:0.0.0.0

====================== Informações de memória ===========================

BIOS: Dell Inc. A12 11/03/2013

Placa-mãe: Dell Inc. 08HPGT

Processador: CPU Intel® Xeon® E5-1620 0 @ 3,60 GHz

Porcentagem de memória em uso: 42%

RAM física total: 16341,69 MB

RAM física disponível: 9477,45 MB

Total Virtual: 32681,53 MB

Disponível Virtual: 23453,89 MB

====================== Unidades ================================

Drive c: (SO) (Fixo) (Total:464,99 GB) (Grátis:342,63 GB) NTFS

Drive d: (MEH) (Fixo) (Total:465,76 GB) (Grátis:362,78 GB) NTFS

\\?\Volume{c2ff78dd-6fab-11e3-bf1a-806e6f6e6963}\ (RECUPERAÇÃO) (Fixo) (Total:0,73 GB) (Grátis:0,49 GB) NTFS

====================== MBR & Tabela de partição ====================

=================================================================

Disco: 0 (Código MBR: Windows 7 ou Vista) (Tamanho: 465,8 GB) (ID do disco: 4A3DDD73)

Partição 1: (Não ativo) - (Tamanho=39 MB) - (Tipo=DE)

Partição 2: (Ativo) - (Tamanho=750 MB) - (Tipo=07 NTFS)

Partição 3: (Não ativo) - (Tamanho=465 GB) - (Tipo=07 NTFS)

=================================================================

Disco: 1 (Código MBR: Windows 7/8/10) (Tamanho: 465,8 GB) (ID do disco: 4A3DDD04)

Partição 1: (Não ativo) - (Tamanho=465,8 GB) - (Tipo=07 NTFS)

====================== Fim da adição.txt =======================