Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 14-11-2021
Executado por Pedro (14-11-2021 12:36:24)
Executando a partir de C:\Users\Pedro\Desktop
Microsoft Windows 10 Pro Versão 21H1 19043.1348 (X64) (2021-10-06 21:21:33)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-611549626-2275227888-1322670845-500 - Administrator - Disabled)
Convidado (S-1-5-21-611549626-2275227888-1322670845-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-611549626-2275227888-1322670845-503 - Limited - Disabled)
Pedro (S-1-5-21-611549626-2275227888-1322670845-1001 - Administrator - Enabled) => C:\Users\Pedro
WDAGUtilityAccount (S-1-5-21-611549626-2275227888-1322670845-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Bitdefender Antivirus Free Antimalware (Disabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Photoshop 2021 (HKLM\...\Adobe Photoshop 2021_is1) (Version: 22.4 - SanLex)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
BCC 8 OFX 64Bit (HKLM\...\{24D38864-527F-4688-B831-A1A4CC60CD54}) (Version: 8.0.1 - Boris FX, Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender) Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.21.267 - Bitdefender) BitTorrent (HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\BitTorrent) (Version: 7.10.5.46097 - BitTorrent Inc.) BorisFX Sapphire OFX (HKLM\...\GenArts Sapphire OFX_is1) (Version: 11.0 - Team V.R) Discord (HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line) FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden League of Legends (HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.11.8744 - Logitech) Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes) MeldaProduction Audio Plugins 14 (HKLM-x32\...\MeldaProduction Audio Plugins 14) (Version: - MeldaProduction) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) 
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) NVIDIA Driver de áudio HD 1.3.38.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.92 - NVIDIA Corporation) NVIDIA Driver de gráficos 496.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 496.49 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation) Port Forward Network Utilities version 3.3.0.0 (HKLM-x32\...\{532683E3-230C-49B0-9609-10A5228F1445}_is1) (Version: 3.3.0.0 - Portforward, LLC) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VEGAS Pro 14.0 - Steam Powered (64-bit) (HKLM\...\{6FE6DD00-61C2-11E7-A4ED-95BE57594EAC}) (Version: 14.0.271 - VEGAS) Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation) Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.21.0.44 - Voicemod S.L.) WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) Packages: ========= Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-28] (NVIDIA Corp.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0 [2021-10-31] (Spotify AB) [Startup Task] ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
CustomCLSID: HKU\S-1-5-21-611549626-2275227888-1322670845-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_44dc4eefedc0d082\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-11-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2021-11-03 22:57 - 2021-11-03 16:45 - 000635904 _____ () 
[Arquivo não assinado] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgyjhioihinfh [0] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-611549626-2275227888-1322670845-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==================== Hosts Conteúdo: ========================= (Se necessário, a 
diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-611549626-2275227888-1322670845-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pedro\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dragon ball tohad.jpg
DNS Servers: 181.213.132.2 - 181.213.132.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-611549626-2275227888-1322670845-1001\...\StartupApproved\Run: => "Voicemod"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{29605282-E75F-4E09-A674-9D6BA922D73A}] => (Allow) E:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{2D686219-39D4-4890-B9EE-CC90C72E2179}] => (Allow) E:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{1D9E0EAA-57D5-43C5-834D-05603D731B21}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{FA6B35D9-A51D-4FAA-A5AB-39F7B13005DE}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{B004C18F-7406-49A2-95ED-03FD3124BA65}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{F3D74BC9-18AC-4297-AE4F-1C8DEC1F71CA}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) FirewallRules: [{59ACEE1F-E7CB-4E88-8DAF-AB048327A8AB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svencoop.exe (Sven Co-op team) [Arquivo não assinado] FirewallRules: [{6F0DF55E-1618-4286-867D-C012CCF02003}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svencoop.exe (Sven Co-op team) [Arquivo não assinado] FirewallRules: [{09F0A2D4-31C3-4C34-AAEA-B92EF747759C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe (Sven Co-op team) [Arquivo não assinado] FirewallRules: [{DAD32CFF-B8B5-479F-966E-1076E9BF4733}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe (Sven Co-op team) [Arquivo não assinado] FirewallRules: [{CCD71120-A726-4336-BCDD-1CC86FEFBBA4}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Barony\barony.exe (Turning Wheel LLC) [Arquivo não assinado] FirewallRules: [{B6BA7EBE-3372-470B-987E-C53009BE3BD3}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Barony\barony.exe (Turning Wheel LLC) [Arquivo não assinado] FirewallRules: 
[{8D33F17B-F31F-4300-B510-45B960C9007E}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Barony\editor.exe (Turning Wheel LLC) [Arquivo não assinado] FirewallRules: [{BC599A6F-0FEE-4024-8110-7C5C3D0594D9}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Barony\editor.exe (Turning Wheel LLC) [Arquivo não assinado] FirewallRules: [{409A3598-47B9-4CCB-84E9-F653EC9A441D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{6226804B-235A-4DFA-A588-A50E33032E0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4E093BF3-8436-440E-A6D5-B8D63D40DBB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8C8E8549-99EB-4B47-88CA-ED705EB7C0C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{23557DC2-E1D3-4D64-93D4-A3AB4EC94F1A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8A7435E6-F087-4AF8-859D-29245E6F5E74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{61716E7F-2E6E-4444-97BF-C1FE0D4FFB83}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{D5C90BEE-9DAF-4FAD-9FF8-7D248901439F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) 
FirewallRules: [{6349B7A2-E634-47B3-9EF2-0EAF243B3F29}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{2CD9B4A1-554E-4319-9B99-11F9EDFFA486}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{ABA4BC52-87BA-49D4-958C-A8416E4BA686}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2842059B-36A1-494E-B226-AD3D17CE7D0B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{E91091A4-599C-43D4-AB3D-A8329ED62157}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vegas Pro 14.0\Vegas Pro 14.0\launch_vegas140.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [{9379755A-AD2A-436D-B40A-4279708D30F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Vegas Pro 14.0\Vegas Pro 14.0\launch_vegas140.exe (MAGIX Software GmbH -> MAGIX Software GmbH) FirewallRules: [TCP Query User{6484A314-3E3F-492A-BFC8-79A67A011677}C:\program files (x86)\steam\steamapps\common\vegas pro 14.0\vegas pro 14.0\vegas140.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vegas pro 14.0\vegas pro 14.0\vegas140.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) FirewallRules: [UDP Query User{2D18A1E8-0D93-4ECD-8103-DDEB5AFF1EE7}C:\program files (x86)\steam\steamapps\common\vegas pro 14.0\vegas pro 14.0\vegas140.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\vegas pro 14.0\vegas pro 14.0\vegas140.exe (MAGIX Software GmbH -> MAGIX Computer Products Intl. Co.) 
FirewallRules: [TCP Query User{16A40F2D-0BC3-4EEA-ADB6-14BD35C4337D}C:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mccwinstore-win64-shipping.exe] => (Allow) C:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mccwinstore-win64-shipping.exe => Nenhum Arquivo FirewallRules: [UDP Query User{3A4D3EF4-EAEC-4D60-B390-CC4885F80D74}C:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mccwinstore-win64-shipping.exe] => (Allow) C:\program files\modifiablewindowsapps\halomcc\mcc\binaries\win64\mccwinstore-win64-shipping.exe => Nenhum Arquivo FirewallRules: [{A7D042DB-EF6C-4474-987D-8243F0F3E14D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [Arquivo não assinado] FirewallRules: [{351B1316-38F7-4839-949D-D3A42BB9CFFF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{D3601A19-9189-4ECD-9F6E-BB672D73B4FB}C:\users\pedro\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\pedro\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{7DA62997-B1AC-4CA2-8543-1EC37B52B42F}C:\users\pedro\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\pedro\appdata\roaming\bittorrent\bittorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{550E46E9-1527-4E8A-BE68-BEB188EA6C13}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> ) FirewallRules: [{67EBE022-FE1D-4469-9ABD-6DF97F070BEB}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> ) FirewallRules: [TCP Query User{E162A109-BF45-44BB-BEFB-63AAC6E5737E}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) 
FirewallRules: [UDP Query User{D0770221-E450-4B5F-82F3-DB6F05882BA2}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [{E051427B-5A48-41E0-A2D4-12D5717F60F8}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SpiderHeck Demo\SPIDERHECK.exe () [Arquivo não assinado] FirewallRules: [{28BABBFC-B66A-40EE-A55B-D493F797256D}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SpiderHeck Demo\SPIDERHECK.exe () [Arquivo não assinado] FirewallRules: [{73FF3F16-4E2A-4D00-B401-CB5596113B7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM Co.,Ltd. -> CAPCOM U.S.A, INC.) FirewallRules: [{72A541F6-7981-4C26-B2D1-507D87971DEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 4\Bin32\bio4.exe (CAPCOM Co.,Ltd. -> CAPCOM U.S.A, INC.) FirewallRules: [{252CF52E-4253-4918-8EF9-A784F986610A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{C97B8615-F525-4A7A-BF40-4226E1D44AA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4D1F9A99-1187-4A79-99A5-EAA76085BD06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{D26BCA47-2A5B-4A70-B061-2761E96C42C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{99CCC30D-16FF-413D-BD05-5AEF8CA22936}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E437D695-B9BB-4756-B96B-B1330D3C01BD}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{68F99FFB-D2D7-482D-BE0A-D6462B03793D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E7DE1703-F8FD-4C99-B02A-AA84F11A497D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{0F980A83-FDD7-4195-A2A7-4541C6FAD991}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{938D77DB-1346-484C-B22C-4B57F677D413}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{37D0D293-7F92-450F-B754-A56F4AFD24DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3CDC4420-030B-4F29-9C5B-D94D8BD32613}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\bin\gmod.exe () [Arquivo não assinado] FirewallRules: [{B7D64187-DC9A-4F37-9DC8-D48C6DFB679A}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\bin\gmod.exe () [Arquivo não assinado] FirewallRules: [{BB637A54-AB38-44BB-83E6-0F8B46915538}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe () [Arquivo não assinado] FirewallRules: [{29A04C53-A861-4F1C-8277-26EE9AE92879}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe () [Arquivo não assinado] FirewallRules: [{B7D718BA-1AFF-4457-99F1-A81D8E5A9177}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{BAA50448-985E-4BCA-AED4-D5A03764D638}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{ADEAAFB0-741F-48A5-ABD0-D0C1087D5835}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E81CB669-0F3C-40CE-930B-5B2F4D27DD99}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{12DD3FAF-7C2B-40E9-9DFA-1778E19FB62B}C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\eb75e920-94eb-11ea-a64d-17be303ea466\bins\16.2\1.32a\lolminer.exe] => (Allow) C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\eb75e920-94eb-11ea-a64d-17be303ea466\bins\16.2\1.32a\lolminer.exe => Nenhum Arquivo FirewallRules: [UDP Query User{AFB10339-6A8C-497B-A4A8-21CEB287CDA5}C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\eb75e920-94eb-11ea-a64d-17be303ea466\bins\16.2\1.32a\lolminer.exe] => (Allow) C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\eb75e920-94eb-11ea-a64d-17be303ea466\bins\16.2\1.32a\lolminer.exe => Nenhum Arquivo FirewallRules: [TCP Query User{5D2AED70-F981-45DA-8CDF-79F52E755CF1}C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\16.1\miner.exe] => (Allow) C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\16.1\miner.exe => Nenhum Arquivo FirewallRules: [UDP Query User{BA9BA710-9356-4E57-A707-1942132541AE}C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\16.1\miner.exe] => (Allow) C:\users\pedro\appdata\local\programs\nicehash 
miner\miner_plugins\e7a58030-94eb-11ea-a64d-17be303ea466\bins\16.1\miner.exe => Nenhum Arquivo FirewallRules: [TCP Query User{811F2AC2-0A24-4FBF-B288-199DECBB6BFF}C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\16.1\nanominer-windows-3.3.14-cuda11\nanominer.exe] => (Allow) C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\16.1\nanominer-windows-3.3.14-cuda11\nanominer.exe => Nenhum Arquivo FirewallRules: [UDP Query User{AE279953-36C3-4F3B-BDCB-D91ECD504A66}C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\16.1\nanominer-windows-3.3.14-cuda11\nanominer.exe] => (Allow) C:\users\pedro\appdata\local\programs\nicehash miner\miner_plugins\f25fee20-94eb-11ea-a64d-17be303ea466\bins\16.1\nanominer-windows-3.3.14-cuda11\nanominer.exe => Nenhum Arquivo FirewallRules: [TCP Query User{AF8A183E-2D2C-4476-927C-B01CD9474AC5}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{527EAD72-A29F-478A-A849-86D5E4102663}C:\program files\lghub\lghub_agent.exe] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [{B85B1055-27E6-4740-ABFA-033954BA4187}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Pontos de Restauração ========================= 11-11-2021 18:34:27 Instalador de Módulos do Windows 13-11-2021 17:14:29 Removed Verificação de integridade do PC Windows ==================== Dispositivos Apresentando Falhas No Gerenciador ============ Name: Controlador de barramento SM Description: Controlador de barramento SM Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (11/13/2021 02:15:10 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa Microsoft.Photos.exe versão 2021.21090.10008.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 2950 Hora de Início: 01d7d82c7149ed86 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe ID do Relatório: e98cbb60-1c06-4051-a4ca-f7c7366911f2 Nome completo do pacote com falha: Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: App Tipo com falha: Quiesce Error: (11/12/2021 07:52:51 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-T82EIRJ) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. Error: (11/12/2021 03:46:24 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-T82EIRJ) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. Error: (11/12/2021 11:45:35 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-T82EIRJ) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. 
Error: (11/12/2021 08:12:36 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-T82EIRJ) Description: Não foi possível abrir o objeto de desempenho do serviço do Servidor. Os primeiros quatro bytes (DWORD) da seção de dados contém o código do status. Error: (11/12/2021 02:38:44 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa YourPhone.exe versão 1.21092.149.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 23e8 Hora de Início: 01d7d7585d5fa0aa Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21092.149.0_x64__8wekyb3d8bbwe\YourPhone.exe ID do Relatório: 9eaaf39c-4a8f-4529-8ee9-eddcc19be2e2 Nome completo do pacote com falha: Microsoft.YourPhone_1.21092.149.0_x64__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: App Tipo com falha: Quiesce Error: (11/12/2021 02:29:44 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa Microsoft.Photos.exe versão 2021.21090.10008.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. 
ID do Processo: b24 Hora de Início: 01d7d75c8ad8832b Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe ID do Relatório: 61055b27-aed9-4e87-9697-c20905f48c94 Nome completo do pacote com falha: Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: App Tipo com falha: Quiesce Error: (11/11/2021 09:14:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em (E:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A) Erros de Sistema: ============= Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ) Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário. Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ) Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário. Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ) Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário. Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ) Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário. Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ) Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário. 
Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.

Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.

Error: (11/14/2021 02:04:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T82EIRJ)
Description: O servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} não se registrou no DCOM dentro do tempo limite necessário.

CodeIntegrity:
===============
Date: 2021-11-14 12:27:10
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\bdamsi\265489687200912704\antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2021-11-14 12:24:26
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bitdefender Antivirus Free\bdamsi\265489687200912704\antimalware_provider64.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. F2 08/10/2015
placa-mãe: Gigabyte Technology Co., Ltd. H81M-H
Processador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentagem de memória em uso: 58%
RAM física total: 8090.84 MB
RAM física disponível: 3322.79 MB
Virtual Total: 11904.64 MB
Virtual disponível: 4971.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.57 GB) (Free:249.75 GB) NTFS
Drive d: (Reservado pelo Sistema) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive e: () (Fixed) (Total:930.32 GB) (Free:41.27 GB) NTFS

\\?\Volume{017a156b-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{b8ded416-0000-0000-0000-80aae8000000}\ () (Fixed) (Total:0.85 GB) (Free:0.41 GB) NTFS
\\?\Volume{017a156b-0000-0000-0000-e0a76f000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B8DED416)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=867 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 017A156B)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=518 MB) - (Type=27)

==================== Fim de Addition.txt =======================