Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 14-11-2021 Executado por celoc (21-11-2021 12:23:46) Executando a partir de C:\Users\celoc\Desktop Microsoft Windows 11 Home Single Language Versão 21H2 22000.318 (X64) (2021-10-21 13:25:50) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-3942932795-2033351287-3184112979-500 - Administrator - Disabled) celoc (S-1-5-21-3942932795-2033351287-3184112979-1001 - Administrator - Enabled) => C:\Users\celoc Convidado (S-1-5-21-3942932795-2033351287-3184112979-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3942932795-2033351287-3184112979-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3942932795-2033351287-3184112979-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Amazon Music (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\Amazon Amazon Music) (Version: 8.7.1.2286 - Amazon.com Services LLC) Anki (HKLM-x32\...\Anki) (Version: 2.1.48 - ) ColorEngine (HKLM\...\{0B48E952-494A-408B-8D9D-5F3331F96659}) (Version: 5.4 - Samsung Electronics Co., Ltd.) Discord (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.) DjVu Solo 3.1 (HKLM-x32\...\DjVu Solo 3.1) (Version: - ) Epic Games Launcher (HKLM-x32\...\{ECDCFB08-3C8E-4072-93C1-7A3EFDFCF4F9}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.0.1.49938 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Live Wallpaper Service (HKLM\...\{67F55FED-4FB0-47B0-B5AD-84AD8293F499}) (Version: 3.0.1 - Samsung Electronics Co., Ltd.) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.12.4779 - Logitech) Microsoft 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation) MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden Online Support(S Service) Agent (HKLM\...\{11F387C2-0BE2-489A-A9C1-8FB1FEE475B9}) (Version: 2.2.6 - Samsung Electronics Co., Ltd.) Opera Stable 80.0.4170.63 (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\Opera 80.0.4170.63) (Version: 80.0.4170.63 - Opera Software) Quick Search Service (HKLM\...\{9DC0EE04-4FCF-4F3A-B6BC-AFF66AB024AD}) (Version: 1.1.2 - Samsung Electronics Co., Ltd.) Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.5.4 - Rainmeter) RivaTuner Statistics Server 7.3.2 Beta 5 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 5 - Unwinder) Samsung DeX (HKLM-x32\...\{5E2BEDEC-EEE1-49B7-A9D0-6971AFA9B5F2}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Hidden Samsung DeX (HKLM-x32\...\{bc458b5f-1945-4287-8fae-353650fd3109}) (Version: 1.0.2.26 - Samsung Electronics Co., Ltd.) Samsung PC Cleaner 2 Service (HKLM\...\{94C1399D-1516-4E38-B3BA-3A4E8099AC7B}) (Version: 2.0.21 - Samsung Electronics Co., Ltd.) Samsung Recovery Service (HKLM\...\{A942FE64-54BE-4787-A336-C0674F50A118}) (Version: 8.1.31 - Samsung Electronics Co., Ltd.) Slack (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\slack) (Version: 4.18.0 - Slack Technologies Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Telegram Desktop version 3.2.2 (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.2.2 - Telegram FZ-LLC) Verificação de integridade do PC Windows (HKLM\...\{7B8625FE-28B8-4926-B150-AB5EDC01AB3E}) (Version: 3.1.2109.29003 - Microsoft Corporation) WhatsApp (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\WhatsApp) (Version: 2.2140.7 - WhatsApp) WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\ZoomUMX) (Version: 5.7.4 (804) - Zoom Video Communications, Inc.) Packages: ========= AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-07-15] (Microsoft Corporation) Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-10-16] (INTEL CORP) [Startup Task] Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-13] (Microsoft Corporation) Extensão de Vídeo MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-25] (Microsoft Corporation) Galaxy Book Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungWelcome_1.0.21.0_x64__3c1yjt4zspk6g [2021-10-16] (Samsung Electronics Co. Ltd.) Link Sharing -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.1412377A9806A_1.2.8.0_x64__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Live Wallpaper -> C:\Program Files\WindowsApps\Sidia.LiveWallpaper_3.0.4.0_x64__wkpx6gdq8qyz8 [2021-11-14] (Samsung Electronics Co. Ltd.) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-29] (Microsoft Studios) [MS Ad] Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_51.10913.5790.0_x64__8wekyb3d8bbwe [2021-11-20] (Microsoft Corporation) Online Support(S Service) -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.OnlineSupportSService_2.4.38.0_x64__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-07-15] (Realtek Semiconductor Corp) Samsung Cloud Bluetooth Sync -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungCloudBluetoothSync_1.0.19.0_x64__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Samsung Flow -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.8.5.0_x64__wyx1vj98g3asy [2021-11-14] (Samsung Electronics Co, Ltd.) Samsung Gallery -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.PCGallery_4.6.28.0_x64__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_4.2.47.0_x64__wyx1vj98g3asy [2021-09-30] (Samsung Electronics Co, Ltd.) Samsung PC Cleaner -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPCCleaner_2.0.27.0_x64__3c1yjt4zspk6g [2021-10-16] (Samsung Electronics Co. Ltd.) Samsung Quick Search -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungQuickSearch_1.1.5.0_x64__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Samsung Recovery -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungRecovery_8.1.37.0_x64__3c1yjt4zspk6g [2021-10-16] (Samsung Electronics Co. Ltd.) Samsung Screen Recorder -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungScreenRecording_2.0.5.0_x86__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Samsung Security 1.2 -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungSecurity1.2_1.2.32.0_x64__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Samsung Settings 1.2 -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungSettings1.2_1.2.14.0_x64__3c1yjt4zspk6g [2021-11-14] (Samsung Electronics Co. Ltd.) Samsung Voice Note -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.NewVoiceNote_3.0.31.0_x64__3c1yjt4zspk6g [2021-10-16] (Samsung Electronics Co. Ltd.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0 [2021-11-13] (Spotify AB) [Startup Task] Studio Plus -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.StudioPlus_3.5.9.0_x64__3c1yjt4zspk6g [2021-10-16] (Samsung Electronics Co. Ltd.) TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj [2021-11-06] (Charles Milette) [Startup Task] WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2144.11.0_x64__cv1g1gvanyjgm [2021-11-20] (WhatsApp Inc.) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-3942932795-2033351287-3184112979-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-3942932795-2033351287-3184112979-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\celoc\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Arquivo não assinado] ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\celoc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Vysor.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm ==================== Módulos Carregados (Whitelisted) ============= 2021-11-20 00:05 - 2021-11-19 00:43 - 000635904 _____ () [Arquivo não assinado] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2021-11-20 12:56 - 2017-10-17 09:02 - 000022528 _____ () [Arquivo não assinado] C:\Windows\system\KMSAuto_Files\bin\driver\x64WDV\WinDivert.dll 2021-02-08 13:28 - 2021-02-08 13:28 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2021-02-08 13:28 - 2021-02-08 13:28 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll 2021-11-06 07:06 - 2021-11-06 07:06 - 000137184 _____ (Microsoft Windows -> Microsoft Corporation) [Arquivo não assinado] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20045.455.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== SearchScopes: HKLM -> DefaultScope {791EFDD8-2D09-4605-8A97-61B71535963A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {791EFDD8-2D09-4605-8A97-61B71535963A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE SearchScopes: HKLM-x32 -> DefaultScope {791EFDD8-2D09-4605-8A97-61B71535963A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {791EFDD8-2D09-4605-8A97-61B71535963A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-29] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\celoc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 170.84.29.154 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) HKLM\...\StartupApproved\Run: => "SecurityHealth" HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack" HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\StartupApproved\Run: => "Amazon Music Helper" HKU\S-1-5-21-3942932795-2033351287-3184112979-1001\...\StartupApproved\Run: => "Opera Browser Assistant" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [UDP Query User{401DA2A0-D189-46F0-AF5B-D4D339AAD690}C:\users\celoc\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\celoc\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{058A2FC4-4F1E-42A3-96CF-CBB0EB5C49DC}C:\users\celoc\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\celoc\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{301E02B5-403E-4A81-B492-55369138790D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{96A53D07-9F93-481E-BD67-EFF32A977EC6}C:\users\celoc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\celoc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{F122864C-4B54-4D2D-8E07-B66C96EAE943}C:\users\celoc\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\celoc\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E3714052-2B1B-4107-89B6-545B8081447D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{D7F664E9-6687-4985-8518-89B9D757D0A9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{36C7E77C-F46A-4710-BA31-E562B7072B2A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{32F3387E-EEF7-434A-B0DD-1E46AA88E541}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4054D892-9DA8-4F0E-9B1E-FD489C150848}] => (Allow) C:\Users\celoc\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo FirewallRules: [{F51C8BF6-D309-4B77-9332-0A2544EF2C2F}] => (Allow) C:\Users\celoc\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo FirewallRules: [{E0C308F0-8DAE-4C33-BD9C-25C4DABE4AA4}] => (Allow) C:\Users\celoc\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{78B8714F-2B51-4A43-914A-0BD9B79EEAEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [Arquivo não assinado] FirewallRules: [{8A40F824-82BC-4372-8408-79751B496A6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [Arquivo não assinado] FirewallRules: [{17B35CF8-8481-45B1-B33A-2B3751C77CC6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{2C527BF3-9276-4729-9F87-BC1077C99AC6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A340753F-D809-4C4A-BEE0-FA86316CA354}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{36BDFF77-A2B4-4B47-8455-2C9CB3F5D64C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{0AF48773-52C3-4684-B118-2E661876E511}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{86AE2888-F558-4EF9-B725-C4E2B35018C2}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [{0A9ED04C-67C9-4A76-9986-864DBACCDAC3}] => (Allow) C:\MfgDiag\DiagTools\DefectTracking\AMTMonitor.exe => Nenhum Arquivo FirewallRules: [{254F6724-A668-4AA6-AAE2-3B310311B8F6}] => (Allow) C:\MfgDiag\DiagTools\DefectTracking\AMTMonitor.exe => Nenhum Arquivo FirewallRules: [{DE3E56AC-F802-4BC9-8B37-BE5E7DDD9B6A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ED4CE938-1A06-4E52-9BFF-ABE23C759929}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{90D6DD2A-FBFF-46E7-9ABC-D75E52F0EBDB}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.8.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{2E2EE501-FD51-4277-8FB2-EB3E483F41EE}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.8.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{FF3A963B-EB0A-4721-B0D4-5D77D54B6508}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.8.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{2CB4FF85-EAC6-4416-B5E4-B7DAD79BE3B9}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.8.5.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (Samsung Electronics CO., LTD. -> ) FirewallRules: [{A2C7FDF8-4BE5-4333-9B83-ADB780FCEBED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{4DC7B981-BC54-4F28-A08A-BF86C2CAC57E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E7BCE6F2-7E70-435F-BA8A-0B03BBF5E499}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{51A42E0B-FD0D-4276-BA77-70FD3F7487FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{47715A97-4B0B-4442-868B-64B5EC902E2D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{CFE78C1D-54ED-4C98-A231-8B4B38016E6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{BAD4A7DD-A721-4A03-96F7-0C036E3836A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{962BFA3C-E17A-446D-9CEC-3685962345FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.172.439.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{2E963EC2-857C-48B4-8721-A5C54E1014C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Horizon Chase Turbo Demo\HorizonChase.exe () [Arquivo não assinado] FirewallRules: [{F1983EE6-9452-4C60-862C-E4F7325C48B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Horizon Chase Turbo Demo\HorizonChase.exe () [Arquivo não assinado] FirewallRules: [{385A86D5-4E74-4FEA-A8AD-27B8D3E1462F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{848DE1B3-1980-4B10-AA59-8DE10E9120C4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Pontos de Restauração ========================= 17-11-2021 10:01:35 Remoção do Pacote de Idioma 20-11-2021 10:01:35 Remoção do Pacote de Idioma ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (11/20/2021 11:17:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: DaS_21.exe, versão: 2.1.0.4, carimbo de data/hora: 0x540c90b2 Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.22000.318, carimbo de data/hora: 0x095a2f2a Código de exceção: 0xe0434352 Deslocamento da falha: 0x000000000004466c ID do processo com falha: 0x2dec Hora de início do aplicativo com falha: 0x01d7de8650e3c0ba Caminho do aplicativo com falha: C:\Users\celoc\AppData\Local\Temp\DaS_21.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: af5b4cd7-07e8-4609-b6fa-6a7c69cd9f9a Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/20/2021 11:17:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: DaS_21.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: System.IO.IOException em System.IO.__Error.WinIOError(Int32, System.String) em System.Console.SetWindowSize(Int32, Int32) em DriverAndServicesOut.Program.Main(System.String[]) Error: (11/20/2021 11:17:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: DaS_21.exe, versão: 2.1.0.4, carimbo de data/hora: 0x540c90b2 Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.22000.318, carimbo de data/hora: 0x095a2f2a Código de exceção: 0xe0434352 Deslocamento da falha: 0x000000000004466c ID do processo com falha: 0x40c4 Hora de início do aplicativo com falha: 0x01d7de864f253024 Caminho do aplicativo com falha: C:\Users\celoc\AppData\Local\Temp\DaS_21.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: 11631d35-337d-4f12-bc22-fecd6922c54d Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/20/2021 11:17:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicativo: DaS_21.exe Versão do Framework: v4.0.30319 Descrição: O processo foi terminado devido a uma exceção sem tratamento. Informações da Exceção: System.IO.IOException em System.IO.__Error.WinIOError(Int32, System.String) em System.Console.SetWindowSize(Int32, Int32) em DriverAndServicesOut.Program.Main(System.String[]) Error: (11/20/2021 01:13:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa KMSAuto-x64.exe versão 1.3.9.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 2bc4 Hora de Início: 01d7de31b8b8578d Hora de Término: 4294967295 Caminho do Aplicativo: C:\Windows\System\KMSAuto-x64.exe ID do Relatório: 8f647c0f-31a7-4a08-a666-ebab41679fa8 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Tipo com falha: Top level window is idle Error: (11/20/2021 01:01:59 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa KMSAuto-x64.exe versão 1.3.9.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 2a80 Hora de Início: 01d7de2f8f433e66 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Windows\System\KMSAuto-x64.exe ID do Relatório: 8badae33-1872-4650-9ae5-6e1857ea2b8b Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Tipo com falha: Top level window is idle Error: (11/20/2021 12:51:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa KMSAuto-x64.exe versão 1.3.9.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 1844 Hora de Início: 01d7de2e82a34611 Hora de Término: 4294967295 Caminho do Aplicativo: C:\Windows\System\KMSAuto-x64.exe ID do Relatório: 8a7f36a5-5d0c-410b-9362-fd16ce1a3859 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Tipo com falha: Top level window is idle Error: (11/13/2021 05:15:35 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LAPTOP-M5U7U45Q) Description: O aplicativo ou serviço 'Microsoft Office SDX Helper' não pôde ser encerrado. Erros de Sistema: ============= Error: (11/20/2021 10:58:36 PM) (Source: Server) (EventID: 2505) (User: ) Description: O servidor não pôde se associar ao transporte \Device\NetBT_Tcpip_{D4A64125-AD98-4CC4-B411-E82E6730F01B} porque outro computador na rede tem o mesmo nome. Não foi possível iniciar o servidor. Error: (11/18/2021 10:02:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (11/17/2021 05:35:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (11/16/2021 09:02:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço Assistente de Conexão de Conta da Microsoft devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. Error: (11/16/2021 09:02:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Assistente de Conexão de Conta da Microsoft. Error: (11/16/2021 12:08:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (11/15/2021 09:58:27 PM) (Source: Server) (EventID: 2505) (User: ) Description: O servidor não pôde se associar ao transporte \Device\NetBT_Tcpip_{D4A64125-AD98-4CC4-B411-E82E6730F01B} porque outro computador na rede tem o mesmo nome. Não foi possível iniciar o servidor. Error: (11/15/2021 01:17:42 AM) (Source: DCOM) (EventID: 10010) (User: AUTORIDADE NT) Description: O servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} não se registrou no DCOM dentro do tempo limite necessário. Windows Defender: ================ Date: 2021-11-20 14:09:13 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Ymacco.AA61&threatid=2147757007&enterprise=0 Nome: Trojan:Win32/Ymacco.AA61 Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\WINDOWS\System32\Tasks\Zloop task->(UTF-16LE); file:_C:\Windows\system\Zloop.exe; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8DED93E-1087-4816-B67D-B048E83F6798}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Zloop task; taskscheduler:_C:\WINDOWS\System32\Tasks\Zloop task Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Sistema Usuário: AUTORIDADE NT\SISTEMA Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.353.1331.0, AS: 1.353.1331.0, NIS: 0.0.0.0 Versão do Mecanismo: AM: 1.1.18700.4, NIS: 0.0.0.0਍ Date: 2021-11-20 14:09:13 Description: N/A Date: 2021-11-20 12:48:57 Description: N/A Date: 2021-11-20 12:48:27 Description: N/A Date: 2021-11-20 12:48:12 Description: N/A Event[0] Date: 2021-11-20 23:35:03 Description: Microsoft Defender Antivírus encontrou um erro ao tentar restaurar um item da quarentena. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sabsik.FL.B!ml&threatid=2147780203&enterprise=0 Nome: Trojan:Win32/Sabsik.FL.B!ml Gravidade: Grave Categoria: Cavalo de Tróia Usuário: LAPTOP-M5U7U45Q\celoc Código de Erro: 0x80508014 Descrição do erro: O item em quarentena não pode ser restaurado. Versão da Inteligência de Segurança: AV: 1.353.1331.0, AS: 1.353.1331.0 Versão do Mecanismo: 1.1.18700.4਍ Date: 2021-11-20 23:35:00 Description: N/A ==================== Informações da Memória =========================== BIOS: American Megatrends International, LLC. P09CFB.036.210701.HQ 07/01/2021 placa-mãe: SAMSUNG ELECTRONICS CO., LTD. NP550XDA-KF2BR Processador: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz Percentagem de memória em uso: 65% RAM física total: 7915.35 MB RAM física disponível: 2702.24 MB Virtual Total: 15205.79 MB Virtual disponível: 7783.64 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:222.7 GB) (Free:138.07 GB) NTFS \\?\Volume{5fdec103-7686-47a4-9f4d-d0bf3d2a02f0}\ (Windows RE tools) (Fixed) (Total:0.83 GB) (Free:0.09 GB) NTFS \\?\Volume{aeee2543-1693-4193-85d8-250f80fdb917}\ (SAMSUNG_REC2) (Fixed) (Total:13.67 GB) (Free:1.7 GB) NTFS \\?\Volume{dc1eac7e-13ab-4aca-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.43 GB) FAT32 \\?\Volume{af675a62-3c38-451e-b95c-d7f46cdb82e4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 26EA9241) Partition: GPT. ==================== Fim de Addition.txt =======================