Hardware.com.br

Log analysis, virus removal, malicious files

A room for questions, doubts and tips involving log analysis and removals: how to analyze a log, and the tools and procedures needed to help remove malicious files (viruses, spyware, malware, trojans, etc.).

0

Log Analysis - Problems with break-ins to e-mail and social network accounts

Hello,

I have been having some problems with break-ins to my e-mail accounts and also to several social networks.

I have also been noticing a certain slowness when browsing on my computer; even admitting that it is weak, some pages such as YouTube or Gmail have been opening very slowly.

In addition, my Twitter (now X) account was also hacked and is currently suspended, with nothing I can do about it. I only did a password reset, but so far their support no longer lets me access it. I practically never used that account, and they blocked me for breaking their rules.

Here are the FRST logs.

I look forward to the analysis.
0

Strange characters in .ini, .dll, etc. files

Can someone help me?
All my .ini / .dll files (are reading like this: êâÒÐÝÐÓØÝ)
This is in Notepad and even Notepad++


THEY ALL END UP LIKE THIS!
Post attachment

(.Encrypt)
0

Case of intrusion I have been suffering.

Good morning. A few days ago I suffered a break-in to all my accounts, I believe by means of an executable file on the computer. I then changed all the passwords of the compromised accounts and ran some antivirus programs on the computer, among them Malwarebytes and Kaspersky, the free versions. After that I formatted the computer and changed the passwords again to be sure. Today at two in the morning I received an e-mail from Google with the following content: "Suspicious app detected - Someone may have accessed your Google Account using a suspicious app. Your account was signed out on this device for security reasons." I then checked the recent security activity and the suspicious app detected was there, but in the "my devices" section nothing suspicious appears. Malwarebytes flags some files as adware.elex.shrtcln even after the format. Should I run an analysis with Farbar Recovery Scan Tool, given that I do not have advanced computer knowledge? What is the best way to solve this? How can I be sure that the malware is no longer on my PC, and how could I remove it if it still is?

Thanks in advance.
0

Third-party access

I was using my computer and received a notification from a friend's computer. I once gave him access to my PC to fix something I don't remember, and since then every now and then I receive a notification in the taskbar above the clock about some activity on his PC; I know it is his because of the name of his PC.
1

Computer freezing. Possible virus?

Hello. I had made a thread about my PC freezing after a while, and the user PH suggested I open a thread here in this area.
Maybe I will find a light at the end of this tunnel here.

The FRST logs follow below:

"Log FRST"

"Log Addition"


Thanks to whoever hears me out.
0

Possible infection?

Good morning, analyst friends.
I would like you to please analyze these logs to help me find the solution to some problems here. The symptoms are:

- Very slow operating system (I use Windows 10);
- Internet always running at 10% of its speed;
- Some sites open, others do not, and pages open very slowly;
- There is a Bradesco bank application that always comes back even when I remove it.

Speaking of bank applications, I would like an opinion on whether I can use a virtual machine (VirtualBox) to access the bank account, because that way it would be slow only when accessing the account, instead of the slowness getting in my way whenever I am using the PC.

Thanks in advance; I await further procedures.
0

FRST Log Analysis

Hi everyone!
I need some help.
What is happening is that I am on one screen, e.g. I have the Google browser window with WhatsApp open but minimized and Word open, typing; suddenly it jumps to the browser window and what I was typing in Word continues in the browser, but without the screen on the monitor changing, that is, the Word window stays open but with the browser selected (I don't know if I managed to explain clearly). Then a message appears on the screen from Windows Defender:
[Window Title]
Defender.exe
[Content]
O Windows não pode encontrar 'Defender.exe'. Certifique-se de que o nome foi digitado corretamente e tente novamente.
[OK]
I ran the FRST64.exe program on the machine and the logs are below.
FRST.txt---->https://www.cjoint.com/c/MCiwHxE7Nut
Addition.txt----->https://www.cjoint.com/c/MCiwH5MiUCt
(Windows 10)
If anyone can help me, I would appreciate it.
0

Windows Server 2016 unable to install antivirus or access antivirus sites

Good afternoon!

@joram

Windows Server 2016 domain controller server with problems accessing antivirus sites.

This server has had Kaspersky Small Office for years, but the owners let it expire, and so it stopped working. The problem is that when they bought the new license it is not accepted, because there is no communication with the servers; it does not even access the site, neither that one nor any other antivirus site. Nothing was identified by an online scan.

The logs follow

FRST
Addition

In addition, some event logs in warning state

- Specified preferred and alternate DNS servers are not running
- DNS server(s) primary for the records to be registered is not running
- Preferred or alternate DNS servers are configured with wrong root hints
- Parent DNS zone contains incorrect delegation to the child zone authoritative for the DNS records that failed registration

USER ACTION
Fix possible misconfiguration(s) specified above and initiate registration or deletion of the DNS records by running 'nltest.exe /dsregdns' from the command prompt on the domain controller or by restarting Net Logon service on the domain controller.
0

Strange files in the registry editor

Hi, earlier today I was trying to download a Minecraft mod that my friend uploaded, to play with my friends, and my Windows Defender was blocking the download saying it had a file of this type here:
Post attachment Post attachment

but for my friends no warning appeared. After that I decided to check whether there is a virus on my PC, so I saw a tutorial saying to open the registry editor and search for "TWC"; I did that and found the following strange things:
Post attachment

I was afraid to uninstall; do you know what it could be?
0

Can the VirusTotal site report false Trojans?

I play Tibia, and I downloaded an executable from a fan site that the game's own company (Cipsoft) recommends.
I formatted the computer and installed an executable as usual to unlock the game map. (P.S. I don't use antivirus.)
But today it occurred to me to analyze this executable file, and three antivirus engines reported a virus:

Gridinsoft (no cloud) Trojan.Win32.Downloader.sa ;
VBA32 Suspected Of Trojan.Downloader.gen ;
SecureAge Malicious ;

Anyone who knows the site knows that many different antivirus engines are used for the analysis. And only 3 flagged it.

Anyway, should I be worried and format the computer again? Or should I disregard the analysis from these 3 antivirus engines and not worry so much?
0

Slow Windows and fan at high speed.

Good morning everyone.
My notebook is very slow, especially when it restarts after I close the notebook lid, and it makes no difference whether it is configured to hibernate or sleep. And after it restarts, the fan stays at a constant high speed.

The FRST64 log follows; I did not do anything, just the log.

Farban
Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 27-02-2023
Executado por nio (28-02-2023 08:34:10)
Executando a partir de C:\Users\nio\AppData\Local\Temp\MicrosoftEdgeDownloads\57a9a461-ecfd-4d7d-b84e-b11cbe1fbf79
Microsoft Windows 10 Home Versão 21H2 19044.2604 (X64) (2022-09-25 22:20:22)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
(Se uma entrada for incluída na fixlist, será removida.)
Administrator (S-1-5-21-3684977379-4134005145-3223122422-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3684977379-4134005145-3223122422-1007 - Limited - Enabled)
DefaultAccount (S-1-5-21-3684977379-4134005145-3223122422-503 - Limited - Disabled)
Guest (S-1-5-21-3684977379-4134005145-3223122422-501 - Limited - Disabled)
nio (S-1-5-21-3684977379-4134005145-3223122422-1004 - Administrator - Enabled) => C:\Users\nio
WDAGUtilityAccount (S-1-5-21-3684977379-4134005145-3223122422-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Acrobat Reader - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 22.003.20310 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{AEEF33DD-E3B9-4049-B709-0E546C2B1AAB}) (Version: 20.25.401.14526 - Alcor Micro Corp.)
Anaconda3 2022.05 (Python 3.9.12 64-bit) (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\Anaconda3 2022.05 (Python 3.9.12 64-bit)) (Version: 2022.05 - Anaconda, Inc.)
AnkiApp 5.1.9 (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\fc2c79f7-8a62-536a-a955-20ff2787efdf) (Version: 5.1.9 - AnkiApp Inc.)
Apple Mobile Device Support (HKLM\...\{44325855-D4CA-4994-A27A-39FE50CE6A8E}) (Version: 16.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Área de Trabalho Remota (HKLM\...\{D0351596-B657-4880-9733-C42C1DCD5E8C}) (Version: 1.2.3401.0 - Microsoft Corporation)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1703 - Microsoft Corporation)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.2.1.0 - ASUSTeK COMPUTER INC.)
ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.1.3.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.13 - ASUSTeK COMPUTER INC.)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.18 - ASUS)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0061 - ASUSTeK COMPUTER INC.)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 110.1.48.171 - Brave Software Inc)
Canon G3010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G3010_series) (Version: 1.01 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.5.3 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
DCE (HKLM-x32\...\{F59E9FC6-01FC-4BF0-8495-423BE6A21217}) (Version: 1.0.0 - Prysmian Cabos e Sistema do Brasil)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 10060 (Build 2599) - Speedbit Ltd.)
Ecodial Advance Calculation INT V4.97 (HKLM-x32\...\{DBCFAA8B-C8B7-4709-A37F-D318C94E66F5}) (Version: 4.97 - Schneider Electric)
EndNote X9 (HKLM-x32\...\{86B3F2D6-AC2B-0019-8AE1-F2F77F781B0C}) (Version: 19.3.3.13966 - Clarivate Analytics)
Eraser 6.2.0.2993 (HKLM\...\{82602EDA-27BE-4358-AB3A-BD09EA51A1E6}) (Version: 6.2.2993 - The Eraser Project)
ETAP 6.0.0 (HKLM-x32\...\{7784591C-27AA-4BCA-8677-E0A467D9940A}) (Version: 6.0.0 - Operation Technology, Inc.) Hidden
FlashGet 1.9.6.1073 (HKLM-x32\...\FlashGet) (Version: 1.9.6.1073 - hxxp://www.FlashGet.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 70.0.2.0 - Google LLC)
Grammarly Editor (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\GrammarlyForWindows) (Version: 1.5.80 - Grammarly)
Grammarly for Microsoft® Office Suite (HKLM\...\{DE46CC28-5477-4CFB-9AE2-8C7C111E3EE7}) (Version: 6.8.261 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\{ee962c45-b827-4262-a720-3a939910ce37}) (Version: 6.8.261 - Grammarly)
Graphviz (HKLM-x32\...\{884CF059-9A11-4DF7-A2A7-17EFE90B9278}) (Version: 2.38 - AT&T Research Labs.)
HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
HI-TECH PICC lite V9.60PL0 (HKLM-x32\...\PICC 9.60PL0) (Version: 9.60 - HI-TECH Software)
HOMER Pro x64 (HKLM\...\{15992EF3-C3F2-440D-9AE8-9C5E52B8FB74}) (Version: 3.14.2 - HOMER Energy)
icecap_collection_neutral (HKLM-x32\...\{7FAC6D5C-55C2-43BE-8903-95516B16D7BC}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{9A0A0E1C-9FBD-429B-A67B-21192BC4E8FB}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{7CC918CC-7ACB-4798-9975-7D4B8E4138EB}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{4B09E5DC-B157-4972-BEDB-80FD89C2784A}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
iCloud Outlook (HKLM\...\{F054257C-600A-4918-B730-F6829E491781}) (Version: 13.0.0.201 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{871689FB-5226-4641-8ED2-6FDAA2DF65C1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{D9D63ED7-B857-450C-B46A-1371885084E5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{2D80C096-13FF-402A-BF65-04C8E67944C5}) (Version: 15.5.2.1054 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.2.1054 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{0AF335C8-701E-41FA-8333-4702475CF32A}) (Version: 30.100.1724.2 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
IRPF2020 (HKLM-x32\...\IRPF2020) (Version: 1.8 - Receita Federal do Brasil)
IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.5 - Receita Federal do Brasil)
IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.5 - Receita Federal do Brasil)
iTunes (HKLM\...\{473F85FE-0A03-4F8D-A8B8-F8A110F785D0}) (Version: 12.12.7.1 - Apple Inc.)
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
Kaspersky (HKLM-x32\...\{0BB51252-A5F0-3D7C-AE3E-052278FEB384}) (Version: 21.8.5.452 - Kaspersky) Hidden
Kaspersky (HKLM-x32\...\InstallWIX_{0BB51252-A5F0-3D7C-AE3E-052278FEB384}) (Version: 21.8.5.452 - Kaspersky)
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Malwarebytes version 4.5.22.236 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.22.236 - Malwarebytes)
Mathpix Snipping Tool (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\{9B0574FA-22E5-4E96-8504-D135BB7F07FB}_is1) (Version: 03.00.0091 - Mathpix)
MathType 6 (HKLM-x32\...\DSMT6) (Version: 6.9 - Design Science, Inc.)
MATLAB R2022b (HKLM\...\MATLAB R2022b) (Version: 9.13 - MathWorks)
Mendeley Desktop 1.19.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.19.4 - Mendeley Ltd.)
Meteonorm 8 (HKLM-x32\...\{55BB4EBA-2514-48F7-BFB9-B589FD71FD6F}) (Version: 8.0.3 - Meteotest)
Mi PC Suite (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\MiPhoneManager) (Version:  - Xiaomi Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.15601.20538 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 14.41.137.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{421B88F8-D7C9-44CB-8B73-166D65B18DCC}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{D736B443-AF61-4775-9488-DDF59F87BD1F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F102A269-3323-427C-914D-E5E71F61453D}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visio - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.15601.20538 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29913 (HKLM\...\{620A7633-7A09-42A8-8580-076A4483C4B0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29913 (HKLM\...\{EECDD137-13DA-46ED-ADA0-BDF7F8BE65B8}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.2.2146.50370 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{FBD07775-EE1E-4901-BD8E-A86A0527CD1D}) (Version: 3.2.2137.26324 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{1365842E-FCB1-4C2E-B3D0-2FF44FEA1854}) (Version: 3.2.2137.26324 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 110.0 (x64 pt-BR)) (Version: 110.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.2 - Mozilla)
NI Package Manager (HKLM\...\NI Package Manager) (Version: 23.0.0 - NI)
NI Software (HKLM-x32\...\NI Uninstaller) (Version: 21.5.0 - NI)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.7 - Notepad++ Team)
NVIDIA CUDA Development 11.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADevelopment_11.7) (Version: 11.7 - NVIDIA Corporation)
NVIDIA CUDA Documentation 11.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocument_11.7) (Version: 11.7 - NVIDIA Corporation)
NVIDIA CUDA Nsight NVTX 11.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_nsight_nvtx_11.7) (Version: 11.7 - NVIDIA Corporation)
NVIDIA CUDA Runtime 11.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDARuntimes_11.7) (Version: 11.7 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 11.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_visual_studio_integration_11.7) (Version: 11.7 - NVIDIA Corporation)
NVIDIA Driver de gráficos 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Nsight Compute 2022.2.1 (HKLM\...\{B1210B44-FB31-4960-83F0-1E825091E416}) (Version: 22.2.1.0 - NVIDIA Corporation)
NVIDIA Nsight Systems 2019.5.2 (HKLM\...\{1705FB38-B9C3-474A-9B0E-58E5E35525BC}) (Version: 19.5.2.16 - NVIDIA Corporation)
NVIDIA Nsight Systems 2022.1.3 (HKLM\...\{9DB46C4E-91B1-47AC-8C69-BEE1995A1133}) (Version: 22.1.3.3 - NVIDIA Corporation)
NVIDIA Nsight Systems v2019.3.7 (HKLM\...\{1431BD9D-EA3A-4379-BDB1-4C99F59BD137}) (Version: 19.3.7.5 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 2022.2.1.22136 (HKLM\...\{7A18FED1-69B6-4B4C-AFE0-DA190AC57F37}) (Version: 22.2.1.22136 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{B56D2F88-8865-40FD-B7AC-F074EE4D201D}) (Version: 1.00.00.00 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20378 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20538 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.15601.20378 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{1E0CF1C6-D640-4566-8E6F-2C2708422A25}) (Version: 4.4.2 - pdfforge GmbH)
PVSize (HKLM-x32\...\ST5UNST #1) (Version:  - )
PVSize 2.2 (HKLM-x32\...\{A719D2B4-C6D5-4467-AB8B-7C48FF60C39F}) (Version: 2.2 - ABB)
PVSOL premium 2021 (HKLM-x32\...\PVSOL premium 2021_is1) (Version: 2021.4 - Valentin Software GmbH)
PVsyst (HKLM\...\{514B23CC-593E-4063-A62C-4313D8CD7F14}) (Version: 7.3.1 - PVsyst SA) Hidden
PVsyst (HKLM\...\{F8CA785B-794E-4CDD-824C-FF3195738D63}) (Version: 7.2.11 - PVsyst SA) Hidden
PVsyst (HKLM\...\PVsyst 7.2.11) (Version: 7.2.11 - PVsyst SA)
PVsyst (HKLM\...\PVsyst 7.3.1) (Version: 7.3.1 - PVsyst SA)
PVsyst (HKLM-x32\...\{1BDFE66C-E161-4B5A-805B-DD178A7F3868}) (Version: 6.7.0 - PVsyst SA)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9013.1 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: 1.0.21.3540 - Clarivate Analytics)
Schneider Electric Software Update (HKLM-x32\...\{3EC76A85-5E6A-4F84-ADF1-5933E4BD59BB}) (Version: 2.5.1 - Schneider Electric)
Super Utilities for Visio V3 (HKLM-x32\...\{278FE890-2278-48B9-8026-B166A4AAF872}) (Version: 3.7.3 - Paul Herber) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.13565 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.30.3 - TeamViewer)
Telegram Desktop (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC)
Tribler (HKLM-x32\...\Tribler) (Version: 7.12.1 - The Tribler Team)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Verificação de integridade do PC Windows (HKLM\...\{AF93144A-D3D7-47E5-9BA1-C4EC3B08B2D2}) (Version: 2.3.2106.25001 - Microsoft Corporation)
Visual Studio Community 2022 (HKLM-x32\...\c5190d4c) (Version: 17.2.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
VMware Horizon Client (HKLM\...\{334F537E-DDFA-4727-A81A-AB3AB5AE66B2}) (Version: 5.5.3.24986 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{682ca727-72a0-4d86-bc2d-30328e31607a}) (Version: 5.5.3.24986 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{8429393C-D5B3-428F-8307-E8AC640925D6}) (Version: 7.13.1 - VMware, Inc.) Hidden
VMware Horizon Media Engine 11.0.0.616 (64-bit) (HKLM\...\{02744919-A25D-4BF8-80A6-7474FA55C74F}) (Version: 11.0.0.616 - VMware, Inc.) Hidden
VMware Horizon Media Redirection for Microsoft Teams (HKLM\...\{8EC564B4-3EB1-4BAC-8275-0D26E1161ECA}) (Version: 7.13.1 - VMware, Inc.) Hidden
vs_communitymsires (HKLM-x32\...\{91213070-3890-4245-BC28-6A50F569E74C}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{C6DCD585-9605-4FC0-8E45-5164E035320B}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{16496D31-2D8A-4A97-AFE5-9DD7E176708B}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{47FFBE37-D10A-4FF5-BE10-94C8ABE64CAB}) (Version: 17.2.32503 - Microsoft Corporation) Hidden
vs_devenvsharedmsi (HKLM-x32\...\{FA16332C-56FE-4572-84FE-3A6B98091886}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{A390A358-669B-47F5-92DE-8A6891C22677}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{86D5580C-53FF-4B34-A4B1-FFDE5FD0664B}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{6D1FB3F2-0650-4131-8051-57A745F7AB6A}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{FE6B31A6-397D-4729-B968-E034426E4566}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{41F8BECB-CE42-458C-8EE8-C227DA705B97}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{913CEAA5-24AC-4B91-A193-EAE47570E536}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{B51EDDD4-C10B-41A2-8ED5-5EEEBA85DB03}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{754F51B1-2A82-4CB4-8C02-99039164C3EA}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{F405AEC2-B264-475C-8620-07E8BE9D888C}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{57851EC7-0C25-4F95-8264-F35147675DCB}) (Version: 17.2.32408 - Microsoft Corporation) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.)
Warsaw 2.34.1.1 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.34.1.1 - Topaz)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.9.0 - ASUSTeK COMPUTER INC.)
ZenAnywhere (HKLM\...\{F49A2D02-F515-4AB5-AA93-A8BB0571FD52}) (Version: 4.5.28 - Orbweb Inc.) Hidden
ZenAnywhere (HKLM-x32\...\ZenAnywhere 4.5.28) (Version: 4.5.28 - Orbweb Inc.)
Zoom (HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\ZoomUMX) (Version: 5.7.6 (1055) - Zoom Video Communications, Inc.)
Packages:
=========
ASUS Battery Health Charging -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy [2021-10-14] (ASUSTeK COMPUTER INC.) [Startup Task]
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.2.4.0_x64__qmba6cd70vzyy [2022-09-26] (ASUSTeK COMPUTER INC.)
ASUS Product Registration Program -> C:\Program Files\WindowsApps\B9ECED6F.ASUSProductRegistrationProgram_3.0.3.0_x86__qmba6cd70vzyy [2021-10-14] (ASUSTeK COMPUTER INC.) [Startup Task]
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-14] (Microsoft Corporation)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.30.520.0_x86__q7m17pa7q8kj0 [2023-02-17] (Deezer SA)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.352.0_x64__rz1tebttyb220 [2023-02-22] (Dolby Laboratories)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2022.4.2.0_x64__t5j2fzbtdg37r [2023-02-17] (DTS, Inc.)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2021-10-14] (ASUSTeK COMPUTER INC.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa [2023-01-14] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-09-25] (Microsoft Corporation) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10126.517.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2023-02-17] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-02-17] (Microsoft Studios) [MS Ad]
Splendid -> C:\Program Files\WindowsApps\B9ECED6F.Splendid_1.0.15.0_x64__qmba6cd70vzyy [2021-10-14] (ASUSTeK COMPUTER INC.) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0 [2023-02-17] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-01-13] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-01-13] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
==================== Análise Personalizada CLSID (Whitelisted): ==============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-3684977379-4134005145-3223122422-1004_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\nio\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3684977379-4134005145-3223122422-1004_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\nio\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.8.261\1596E5851D\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-3684977379-4134005145-3223122422-1004_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\nio\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.8.261\1596E5851D\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
CustomCLSID: HKU\S-1-5-21-3684977379-4134005145-3223122422-1004_Classes\CLSID\{d9fb3690-9bd4-4613-9398-ff574d5e5a1e}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-13] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-11-08] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2023-01-23] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Nenhum Arquivo
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [UnLockerMenu] -> {A6FF0E3A-8437-482C-8E04-4F9E15C57538} =>  -> Nenhum Arquivo
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2023-01-23] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2023-01-23] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\70.0.2.0\drivefsext.dll [2023-02-13] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxDTCM.dll [2020-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvamig.inf_amd64_0c50dc64ed3c91bc\nvshext.dll [2022-07-28] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-09-25] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.8] -> {2072673C-3290-48FF-8503-8F69FACA7B02} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\x64\shellex.dll [2023-01-23] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3684977379-4134005145-3223122422-1004: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> Nenhum Arquivo
==================== Codecs (Whitelisted) ====================
==================== Atalhos & WMI ========================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\nio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\TeamViewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=oooiobdokpcfdlahlmcddobejikcmkfo
ShortcutWithArgument: C:\Users\nio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\draw.io Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=pebppomjfocnoigkeepgbmcifnnlndla
ShortcutWithArgument: C:\Users\nio\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8a6c2e281a335bdc\Mendeley Web Importer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dagcmkpagjlhakfdhnbomgmjdpkdklff
==================== Módulos Carregados (Whitelisted) =============
2007-06-15 02:35 - 2007-06-15 02:35 - 000626688 _____ () [Arquivo não assinado] C:\Program Files (x86)\FlashGet\FGBTCORE.dll
2007-06-14 06:52 - 2007-06-14 06:52 - 001327184 _____ () [Arquivo não assinado] C:\Program Files (x86)\FlashGet\FGEMCORE.dll
2007-05-18 12:13 - 2007-05-18 12:13 - 000045056 _____ (flashget) [Arquivo não assinado] C:\Program Files (x86)\FlashGet\debugrpt.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Arquivo não assinado] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Arquivo não assinado] c:\windows\system32\hpzipm12.dll
2022-09-23 16:34 - 2022-07-15 10:00 - 000094720 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll
2020-08-10 16:57 - 2020-08-10 16:57 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-08-10 16:57 - 2020-08-10 16:57 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-05-07 15:32 - 2022-05-07 15:32 - 000181248 _____ (pdfforge GmbH) [Arquivo não assinado] C:\WINDOWS\System32\pdfcmon.dll
2007-05-18 12:13 - 2007-05-18 12:13 - 000053329 _____ (www.flashget.com) [Arquivo não assinado] C:\Program Files (x86)\FlashGet\fgmgr.dll
2007-05-18 12:13 - 2007-05-18 12:13 - 000176208 _____ (www.flashget.com) [Arquivo não assinado] C:\Program Files (x86)\FlashGet\fgupdate.dll
==================== Alternate Data Streams (Whitelisted) ========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [135]
==================== Modo de Segurança (Whitelisted) ==================
==================== Associação (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06] (www.flashget.com) [Arquivo não assinado]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files (x86)\DAP\LinkVerifier.dll [2022-06-12] (Speed-Bit LTD -> Speedbit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-10-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: FlashGet GetFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18] (www.flashget.com) [Arquivo não assinado]
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_301-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0018-0000-00301-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_301-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_301-windows-i586.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-17] (Microsoft Corporation -> Microsoft Corporation)
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\ed.ac.uk -> hxxps://homepages.inf.ed.ac.uk
IE trusted site: HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\sharepoint.com -> hxxps://petrobrasbr-files.sharepoint.com
==================== Hosts Conteúdo: =========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2018-04-11 19:38 - 2022-06-13 14:18 - 000000876 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 view-localhost # view localhost server
2021-10-27 08:40 - 2021-10-27 08:40 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Outras Áreas ===========================
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v11.7\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v11.7\libnvvp;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Graphviz2.38\bin;C:\WINDOWS;C:\WINDOWS\system32;C:\WINDOWS\;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Polyspace\R2020b\runtime\win64;C:\Program Files\Polyspace\R2020b\bin;C:\Program Files\Polyspace\R2020b\polyspace\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\MATLAB\R2022b\runtime\win64;C:\Program Files\MATLAB\R2022b\bin;C:\Program Files\NVIDIA Corporation\Nsight Compute 2022.2.1\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\nio\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 181.213.132.5 - 181.213.132.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Se uma entrada for incluída na fixlist, será removida.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: brave => 2
MSCONFIG\Services: bravem => 3
MSCONFIG\Services: client_service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: DevActSvc => 3
MSCONFIG\Services: EPLAN Client Service => 3
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: ftnlsv3hv => 2
MSCONFIG\Services: ftscanmgrhv => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GiftBox.Service => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICEsoundService => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
MSCONFIG\Services: IObitUnSvr => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: KSDE5.3 => 2
MSCONFIG\Services: LkCitadelServer => 3
MSCONFIG\Services: lkClassAds => 2
MSCONFIG\Services: lkTimeSync => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NIDomainService => 2
MSCONFIG\Services: niSvcLoc => 2
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: RtkBtManServ => 2
MSCONFIG\Services: Schneider Electric SUT Service => 2
MSCONFIG\Services: SetupARService => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: vmwsprrdpwks => 2
MSCONFIG\Services: Wondershare InstallAssist => 2
MSCONFIG\Services: ZenAnywhere => 3
MSCONFIG\Services: ZenAnywhere Updater => 3
MSCONFIG\Services: ZenAnywhereNetworkService => 3
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKLM\...\StartupApproved\Run32: => "NI Background Service"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKLM\...\StartupApproved\Run32: => "SESU"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\StartupFolder: => "ctfmon.exe.lnk"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_315ABC1E4B46CD6BA7C6666A946401F0"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "MiPhoneManager"
HKU\S-1-5-21-3684977379-4134005145-3223122422-1004\...\StartupApproved\Run: => "DownloadAccelerator"
==================== Regras do Firewall (Whitelisted) ================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{7959744D-234A-402F-9ECC-24735D758AD9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{96122FA9-2FB7-402A-B3E7-F2C277A26C2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{26FCB3C2-009D-46AD-8BB3-5F19F57B7D4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C34B2C8E-AFD4-4472-85D7-C0E4DE86B33F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{9B00DFF2-2400-477C-B108-5323A6EA6226}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FF30C41C-4DD9-4493-B610-74BA697C0ED5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{E17784A6-0878-4F21-B8EF-677CEB362E2A}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{5B076A89-845D-49C4-BFBB-EB39B8385E6B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D437F8B5-8CD4-4A74-918F-D5D9D8389D45}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [TCP Query User{AE2A5DBD-F651-4650-8F55-051DBC27B6C0}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [UDP Query User{58F0A0BA-87AD-482C-ADBE-042AA8D5C7E7}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [TCP Query User{5217325B-1F33-4BAC-9394-06599986D5D7}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [{85469388-AE7D-43E9-8D66-75156696BDBC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C26FF07F-76C7-422B-8337-0BBE1A429E7B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B83CF615-164C-4F94-9A9A-2133CD54A496}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2CB8797E-C4C3-42D1-BD68-38DA0FCFE380}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [UDP Query User{83DB4A5D-CA9C-4DE4-94D8-374401CD491C}C:\arquivos de programas rfb\irpf2022\java-runtime\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2022\java-runtime\bin\javaw.exe
FirewallRules: [TCP Query User{C5A45B8B-B0A0-4378-B0D1-DD22621146D5}C:\arquivos de programas rfb\irpf2022\java-runtime\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2022\java-runtime\bin\javaw.exe
FirewallRules: [UDP Query User{CB3EFD2A-997E-4E95-BA54-6EDC43A911B6}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Block) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe
FirewallRules: [TCP Query User{ED05A124-6D3E-43AC-9887-7B488AEB6727}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Block) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe
FirewallRules: [UDP Query User{185227E4-A1C1-4EED-A081-19DEB8248EC7}C:\users\nio\downloads\skm power tools - 7.0.2.4\install\ptw32\bin\server\ptserv32.exe] => (Allow) C:\users\nio\downloads\skm power tools - 7.0.2.4\install\ptw32\bin\server\ptserv32.exe (POET Software) [Arquivo não assinado]
FirewallRules: [TCP Query User{B5A5930A-06CA-4609-903F-205D26E59E46}C:\users\nio\downloads\skm power tools - 7.0.2.4\install\ptw32\bin\server\ptserv32.exe] => (Allow) C:\users\nio\downloads\skm power tools - 7.0.2.4\install\ptw32\bin\server\ptserv32.exe (POET Software) [Arquivo não assinado]
FirewallRules: [UDP Query User{E81FE99E-8DF5-418D-ABD5-44710BA2D7FF}C:\program files (x86)\flashget\flashget.exe] => (Allow) C:\program files (x86)\flashget\flashget.exe (FlashGet.com) [Arquivo não assinado]
FirewallRules: [TCP Query User{0438D7C8-A921-49C0-877C-107C0D5A7CD7}C:\program files (x86)\flashget\flashget.exe] => (Allow) C:\program files (x86)\flashget\flashget.exe (FlashGet.com) [Arquivo não assinado]
FirewallRules: [UDP Query User{73169425-D3CF-4472-9C73-AAFFDA1B0E64}C:\users\nio\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\nio\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{BE33105E-1B4F-455D-90BC-5E30FB4C0993}C:\users\nio\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\nio\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{EAF0D0C3-7278-4D8D-A695-7B20F216C612}] => (Allow) C:\Users\nio\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc)
FirewallRules: [{ED679C58-F3BA-4319-83DC-68AC42C4FA07}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4D8CC12-9853-494F-AFFE-0876CF73A90D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D333FCEC-5C14-4CC7-8765-29B7B1B4BD9D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72356014-0E23-4648-9A24-C4F848B98688}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B5A663C7-ACFD-4448-87E1-B42968D9288B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE07395A-8916-4157-9777-B129CC876F7A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{E70163DC-2099-4E02-A8F0-CF9FAA1C063F}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{9CA684AC-DA3C-4C0C-9EA4-61F0541602E0}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{20151A1C-C2B9-4268-BF5A-BAF5D9AFC5A6}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{294D189C-E95B-4FB4-A687-A9EB287B2CAF}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{6C6F0CDC-F202-41FD-AC0B-1027B950A0A1}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\x64\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{6CE0FD0D-365E-4544-A918-6A0DD9B767D1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C45DFB45-B95E-4617-A72F-E70E34E55C7C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EBC6ACF2-4FDA-4035-8DD7-920079DBB462}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4D5D0B9E-A2D0-45AE-80FC-252AEC418F07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B071845E-A0C3-48F2-9E04-2176488607A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F767D34E-548D-4CF6-BF7C-02E5DB27D8AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{03D956D3-416C-46AC-AF8B-C71FEC59CB04}C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{61805B19-13DF-4273-A50F-866385E13720}C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{50F67DD0-64D0-411B-8447-A355A3075588}C:\program files (x86)\flashget\flashget.exe] => (Allow) C:\program files (x86)\flashget\flashget.exe (FlashGet.com) [Arquivo não assinado]
FirewallRules: [UDP Query User{0FA66407-CCA1-447C-A605-910EEAF17546}C:\program files (x86)\flashget\flashget.exe] => (Allow) C:\program files (x86)\flashget\flashget.exe (FlashGet.com) [Arquivo não assinado]
FirewallRules: [{B33170D4-ED99-4030-91A2-DB3E68D7D8D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6ECEDDA-2186-44D4-B525-5AFDE3DCAA73}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2ACF9B40-4697-4214-ADAA-53A2FA4A432A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A4FC67FD-8FB7-46EE-BEC1-13831BF38F0F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{99314779-A45A-4947-8B68-122B8B2AB85F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C808296C-DB6D-4DFE-942C-7FF47CF6FCDC}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{1DBCF1AD-BBB1-40E8-A3D0-33B36DE83B16}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{580DE7B9-1878-44FB-B424-9B857C7A894C}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{0E3439B3-C442-4068-A688-CD67B8DC650F}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{D37CB4CE-D7FA-4164-B482-9DAD16B0B541}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{1ED7B8F8-7AFA-4CA9-8854-F840F3E7780C}C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{EC5A72E1-E3AB-4252-9C02-FAE7B12803EE}C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe] => (Allow) C:\program files\windowsapps\spotifyab.spotifymusic_1.162.583.0_x86__zpdnekdrzrea0\spotify.exe => Nenhum Arquivo
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{384AE6C7-F5D0-416E-81BC-EF1F7C4C4B88}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3C1233F-5737-43B2-AF66-EFDED042D5D2}] => (Allow) C:\Program Files\Tribler\tribler.exe () [Arquivo não assinado]
FirewallRules: [{4756F572-FE9C-47AF-BB60-B4979C18B694}] => (Allow) C:\Program Files\Tribler\tribler.exe () [Arquivo não assinado]
FirewallRules: [{940D42F9-A6FE-4D5A-BCB1-508798C5A88D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{09DF5E3F-C789-4081-8D20-50CB84377257}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2EE03AF7-118C-4732-8E26-63524B0A5662}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5630A8A1-05FB-49DE-8D83-DC3904809F2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E17C1A54-848B-416F-94BD-538CC2FD69D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{53C6700F-3F63-4FC8-A1A9-87E6944ED8A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA473111-0395-469A-9FA9-4C6436DA8793}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3449AB05-F542-44F8-94A0-721AC1FC6536}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{805FD149-70FA-45CF-A736-B76ED3F08050}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{F483F162-D5D3-464E-8248-9B48EA5ED08D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02149A9D-7A56-4F99-A9EB-B2EE2185762F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C973853E-7A47-4FB1-B84A-463FA5B2AFB7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{446E31BA-1C3C-4A73-B50B-671C05A865B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE07C9E6-45FB-4604-B48C-9AC0F000F3CB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3885B5E-321D-4596-ACCE-70ABBA912E84}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Pontos de Restauração =========================
24-02-2023 16:23:28 Installed Photo Plan.
24-02-2023 17:45:47 Installed PVsyst
24-02-2023 17:52:39 Installed PVsyst
24-02-2023 17:57:39 Removed PVsyst
24-02-2023 18:00:05 Installed PVsyst
==================== Dispositivos Apresentando Falhas No Gerenciador ============
==================== Erros no Log de eventos: ========================
Erros em Aplicativos:
==================
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  25 2.9.0.3.2.0.C.A.E.8.3.C.E.5.A.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR LAPTOP-IMQJAEGH-2.local.
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.148:5353  23 2.9.0.3.2.0.C.A.E.8.3.C.E.5.A.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR LAPTOP-IMQJAEGH.local.
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  25 4.9.8.4.B.C.3.4.1.F.B.9.3.1.C.9.7.7.1.9.A.9.4.1.D.4.1.0.4.0.8.2.ip6.arpa. PTR LAPTOP-IMQJAEGH-2.local.
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.148:5353  23 4.9.8.4.B.C.3.4.1.F.B.9.3.1.C.9.7.7.1.9.A.9.4.1.D.4.1.0.4.0.8.2.ip6.arpa. PTR LAPTOP-IMQJAEGH.local.
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  25 7.0.8.5.1.1.2.E.6.5.6.3.D.5.7.1.7.7.1.9.A.9.4.1.D.4.1.0.4.0.8.2.ip6.arpa. PTR LAPTOP-IMQJAEGH-2.local.
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.148:5353  23 7.0.8.5.1.1.2.E.6.5.6.3.D.5.7.1.7.7.1.9.A.9.4.1.D.4.1.0.4.0.8.2.ip6.arpa. PTR LAPTOP-IMQJAEGH.local.
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  25 148.0.168.192.in-addr.arpa. PTR LAPTOP-IMQJAEGH-2.local.
Error: (02/28/2023 08:19:21 AM) (Source: niZeroconfService) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.148:5353  23 148.0.168.192.in-addr.arpa. PTR LAPTOP-IMQJAEGH.local.
Erros de Sistema:
=============
Error: (02/28/2023 08:20:26 AM) (Source: googledrivefs3758) (EventID: 2) (User: )
Description: The driver version of the disk does not match.
Error: (02/28/2023 08:19:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço hardlock devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Error: (02/28/2023 08:19:12 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: hardlock.sys
Error: (02/28/2023 08:18:57 AM) (Source: volmgr) (EventID: 161) (User: )
Description: Falha na criação do arquivo despejo devido a um erro durante a criação do despejo.
Error: (02/28/2023 08:19:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 8:45:11 PM do dia ‎2/‎27/‎2023 não era esperado.
Error: (02/27/2023 11:39:11 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-IMQJAEGH)
Description: O servidor {3C5E2B20-B911-44E2-A2DD-9F05E7B5E775} não se registrou no DCOM dentro do tempo limite necessário.
Error: (02/27/2023 09:56:49 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: F:\Device\HarddiskVolume73
Error: (02/27/2023 09:21:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro:
O carregamento deste driver foi bloqueado
Windows Defender:
================
Date: 2023-02-24 16:16:37
Description:
O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {766F8D30-4FB2-47F2-BFFD-100F4D4E1CCD}
Tipo de Exame: Antimalware
Parâmetros do Exame: Quick Scan
Usuário: NT AUTHORITY\SYSTEM
Date: 2023-02-24 13:46:50
Description:
O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {97A8000F-3726-4C21-B229-3031D36EA468}
Tipo de Exame: Antimalware
Parâmetros do Exame: Quick Scan
Usuário: NT AUTHORITY\SYSTEM
Date: 2023-02-24 12:47:32
Description:
O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {D79DF850-E585-4B33-A808-7B91A5A7B850}
Tipo de Exame: Antimalware
Parâmetros do Exame: Quick Scan
Usuário: NT AUTHORITY\SYSTEM
Date: 2023-01-22 20:35:00
Description:
O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {73760D93-F8EE-485E-9D09-4A14F1A01E60}
Tipo de Exame: Antimalware
Parâmetros do Exame: Quick Scan
Usuário: NT AUTHORITY\SYSTEM
Date: 2023-01-20 20:35:15
Description:
O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {9158C899-FC7E-4AD4-8CAC-1C19413FCA5C}
Tipo de Exame: Antimalware
Parâmetros do Exame: Quick Scan
Usuário: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-02-28 08:35:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Topaz OFD\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.
Date: 2023-02-28 08:35:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky 21.8\avp.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-02-28 08:35:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. X705UNR.317 04/17/2019
placa-mãe: ASUSTeK COMPUTER INC. X705UNR
Processador: Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz
Percentagem de memória em uso: 84%
RAM física total: 8078.52 MB
RAM física disponível: 1264.72 MB
Virtual Total: 16078.52 MB
Virtual disponível: 7593.42 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:20.33 GB) (Model: HFS256G39TND-N210A) NTFS
Drive d: (New Volume) (Fixed) (Total:931.5 GB) (Free:282 GB) (Model: ST1000LM035-1RK172) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:0 GB) (Model: ST1000LM035-1RK172) FAT32
\\?\Volume{9d29e5fa-0655-42ac-8fa7-8232d87766fa}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.29 GB) NTFS
\\?\Volume{6021c21e-0c73-4394-a90b-d630c66e6042}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Tabela de Partições ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 523A263E)
Partition: GPT.
==================== Fim de Addition.txt =======================

0

CPU at 100% usage in any program.

Hello, I recently bought a PC and these are its specs:
Processor: AMD A6-5400B APU with Radeon(tm) HD Graphics 3.59 GHz
RAM: 12.0 GB
Graphics card: AMD Radeon R7 240
SSD: 480 GB

Post attachment

But since I started using it, I have noticed that I can't use two applications at the same time. This is just a screenshot I uploaded; any application that is open will consume almost 100%, and the machine then starts to freeze.
© 1999-2024 Hardware.com.br. All rights reserved.