Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 01-12-2021
Executado por leopi (03-12-2021 12:48:45)
Executando a partir de C:\Users\leopi\OneDrive\Área de Trabalho
Microsoft Windows 10 Home Versão 20H2 19042.1348 (X64) (2021-07-21 00:49:42)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-860217186-209173525-3749562553-500 - Administrator - Disabled)
Convidado (S-1-5-21-860217186-209173525-3749562553-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-860217186-209173525-3749562553-503 - Limited - Disabled)
leopi (S-1-5-21-860217186-209173525-3749562553-1001 - Administrator - Enabled) => C:\Users\leopi
WDAGUtilityAccount (S-1-5-21-860217186-209173525-3749562553-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {BAD274F4-FA00-8560-1CDE-6C830442BEFA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Amazon Games (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 2.1.5699.1 - Amazon.com Services, Inc.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.09.01.140 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.11.3 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{1f00ea4b-bcb4-45fa-a4c8-bbcbfa0304ae}) (Version: 3.09.01.140 - Advanced Micro Devices, Inc.)
Hidden Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.7.9 - Electronic Arts, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 25.0.1.194 - Bitdefender) Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.21.270 - Bitdefender) BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.3.145.1002 - BlueStack Systems, Inc.) BlueStacks X (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\BlueStacks X) (Version: 0.11.1.9 - BlueStack Systems, Inc.) Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden Discord (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{4FD72C51-C53D-481B-A88B-8D4CF216B76A}) (Version: 1.2.17.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) FiveM (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.13.2.0 - miHoYo Co.,Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Knockout City (HKLM-x32\...\{C75F8E76-29EF-44D0-9762-4F6D65BF0111}) (Version: 3.1.0.0 - Electronic Arts, Inc.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden League of Legends (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.41 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.41 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14527.20276 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 
(HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30130 (HKLM\...\{D121438D-80C5-443F-B982-8E89F5C0D770}) (Version: 14.29.30130 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30130 (HKLM\...\{ED7828EB-80D2-4343-9E64-0115FEE8E209}) (Version: 14.29.30130 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30130 (HKLM-x32\...\{65903554-0A65-4376-BCC0-63484BA17339}) (Version: 14.29.30130 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30130 (HKLM-x32\...\{B5E417DC-EB8F-4EBE-814A-54E0E0F22E86}) (Version: 14.29.30130 - 
Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{47C2CCDB-7A04-3797-992B-A84D3E90258F}) (Version: 10.0.60833 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14527.20234 - Microsoft Corporation) Hidden Opera GX Stable 81.0.4196.61 (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\Opera GX 81.0.4196.61) (Version: 81.0.4196.61 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.107.49426 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{f9636d6f-9bff-4bdf-a26a-c6f839feab6f}) (Version: latest - ppy Pty Ltd) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Rockstar Games Launcher (HKLM\...\Rockstar Games Launcher) (Version: 0.0.0.0 - Rockstar Games) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.49.529 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games) RyzenMasterSDK (HKLM\...\{EA8C6C72-2CEE-4568-8CFA-F4B8C362C022}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) The Seven Deadly Sins Global (HKLM-x32\...\SevenDeadlySinsGlobal) (Version: 1.4.1 - Netmarble F&C) TLauncher (HKLM-x32\...\TLauncher2.82) (Version: 2.82 - TLauncher Inc.) 
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) VALORANT (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation) WinRAR 5.70 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.2 - win.rar GmbH) Zoom (HKU\S-1-5-21-860217186-209173525-3749562553-1001\...\ZoomUMX) (Version: 5.8.0 (1324) - Zoom Video Communications, Inc.) Packages: ========= Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad] Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_4.2.66.0_x64__wyx1vj98g3asy [2021-12-01] (Samsung Electronics Co, Ltd.) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.173.517.0_x86__zpdnekdrzrea0 [2021-11-27] (Spotify AB) [Startup Task] ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
CustomCLSID: HKU\S-1-5-21-860217186-209173525-3749562553-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ 
OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-23] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-23] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft 
OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-11-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-23] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-23] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2021-11-20 11:47 - 2021-10-05 22:30 - 126961152 _____ () [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2021-11-20 11:47 - 2021-10-05 22:30 - 000384000 _____ () [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2021-11-20 11:47 - 2021-10-05 22:30 - 008006656 _____ () [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000017920 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 003567616 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2021-11-26 19:34 - 2021-11-26 19:35 - 104870912 _____ () [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\libcef.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 000112128 _____ () [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\libegl.dll 2021-11-26 
19:35 - 2021-11-26 19:35 - 006227456 _____ () [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\libglesv2.dll 2021-07-07 05:37 - 2021-07-07 05:37 - 000562688 _____ (Advanced Micro Devices) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Device.dll 2021-07-07 05:37 - 2021-07-07 05:37 - 000058880 _____ (Advanced Micro Devices) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Platform.dll 2021-11-16 18:12 - 2021-11-16 18:12 - 001711616 _____ (Advanced Micro Devices, Inc.) [Arquivo não assinado] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll 2017-09-04 23:15 - 2017-09-04 23:15 - 004396032 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\D3DCOMPILER_47.dll 2021-11-20 11:47 - 2021-10-05 22:30 - 000983552 _____ (The Chromium Authors) [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll 2021-11-26 19:34 - 2021-11-26 19:34 - 000810496 _____ (The Chromium Authors) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\chrome_elf.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Origin\ssleay32.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 001611264 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 005487104 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 005841920 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 001179136 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Network.dll 
2021-11-23 18:06 - 2021-08-15 14:17 - 000146432 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 005089792 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-11-23 18:06 - 2021-08-15 14:17 - 000184832 _____ (The Qt Company Ltd) [Arquivo não assinado] C:\Program Files (x86)\Origin\Qt5Xml.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 001227776 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 006270976 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 006947328 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000740352 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 001110528 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000326656 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 003798528 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000440832 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 004255744 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000206336 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000133120 _____ (The Qt Company Ltd.) 
[Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000396800 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 102854656 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 005611008 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000463360 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 000210432 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-04-21 03:01 - 2021-04-21 03:01 - 002877440 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2021-11-26 19:33 - 2021-11-26 19:33 - 000047104 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\audio\qtaudio_windows.dll 2021-11-26 19:34 - 2021-11-26 19:34 - 000026112 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\imageformats\qgif.dll 2021-11-26 19:34 - 2021-11-26 19:34 - 000027136 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\imageformats\qico.dll 2021-11-26 19:34 - 2021-11-26 19:34 - 000243712 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\imageformats\qjpeg.dll 2021-11-26 19:34 - 2021-11-26 19:34 - 000223744 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\imageformats\qmng.dll 2021-11-26 19:34 - 2021-11-26 19:34 - 000020992 _____ (The Qt Company Ltd.) 
[Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\imageformats\qsvg.dll 2021-11-26 19:34 - 2021-11-26 19:34 - 000332288 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\imageformats\qtiff.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 001140224 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\platforms\qwindows.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 004943360 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Core.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 005022208 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Gui.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 000626176 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Multimedia.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 000877056 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Network.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 002908672 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Qml.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 003078656 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Quick.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 000259072 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Svg.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 004718080 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Widgets.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 000439296 _____ (The Qt Company Ltd.) 
[Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5WinExtras.dll 2021-11-26 19:35 - 2021-11-26 19:35 - 000159232 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Arquivos de Programas\Battle.net\Battle.net.13177\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-860217186-209173525-3749562553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-09-04] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-09-04] (Oracle America, Inc. 
-> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-11-22] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se 
necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-860217186-209173525-3749562553-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\leopi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{88ADC4F6-5BF6-49CF-B908-C6FB45160FF4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5F9114AD-6400-4FBD-AB29-22A6EDF4E442}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{BB2C0350-02AB-43FD-9EF9-293AFA627F2B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B8103278-E73B-49CD-88C9-4D35B742D5B4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) ==================== Pontos de Restauração ========================= 24-11-2021 19:39:46 Instalador de Módulos do Windows 29-11-2021 18:58:05 DirectX instalado 02-12-2021 20:15:55 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 02-12-2021 20:16:13 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (12/03/2021 12:43:33 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando. . Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (12/03/2021 12:43:18 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {20b9ce51-0e6e-4670-bf76-fc453c999dd6} Error: (12/03/2021 12:38:23 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando. . Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (12/03/2021 12:38:05 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. 
hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação: Obtendo Dados do Gravador
Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {b52109d1-2ab2-42cb-8706-e791cc027528}

Error: (12/02/2021 09:10:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ]

Error: (12/02/2021 09:09:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando. .
Operação: Executando Operação Assíncrona
Contexto: Estado Atual: DoSnapshotSet

Error: (12/02/2021 12:37:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)

Error: (12/02/2021 12:24:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A)

Erros de Sistema:
=============
Error: (12/03/2021 12:44:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Bitdefender Agent RedLine Service devido ao seguinte erro: O serviço não respondeu à requisição de início ou controle em tempo hábil.

Error: (12/03/2021 12:43:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Steam Client Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/03/2021 12:43:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Gaming Services foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/03/2021 12:43:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Gaming Services foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/03/2021 12:43:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Origin Web Helper Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/03/2021 12:43:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço ProductAgentService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/03/2021 12:43:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (12/03/2021 12:43:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Bitdefender Agent RedLine Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.

Windows Defender:
================
Date: 2021-11-28 17:48:38
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Windows\OInstall.exe; file:_C:\Windows\System32\Tasks\OInstall->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4C9C8DF-4FDE-4A57-B351-8C4A45E60F97}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OInstall; taskscheduler:_C:\Windows\System32\Tasks\OInstall
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Sistema
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: Unknown
Versão da Inteligência de Segurança: AV: 1.353.1751.0, AS: 1.353.1751.0, NIS: 1.353.1751.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-28 17:08:04
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {8BAF31DF-3E01-492D-89F9-9839ED620524}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2021-11-22 17:20:27
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\leopi\OneDrive\Office 2021 HayDadicas\Office 2021 HayDadicas\setup.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-M6QEOK3\leopi
Nome do Processo: C:\Program Files\Microsoft OneDrive\OneDrive.exe
Versão da Inteligência de Segurança: AV: 1.353.1409.0, AS: 1.353.1409.0, NIS: 1.353.1409.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-22 17:20:02
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\leopi\OneDrive\Office 2021 HayDadicas\Office 2021 HayDadicas\setup.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-M6QEOK3\leopi
Nome do Processo: C:\Program Files\Microsoft OneDrive\OneDrive.exe
Versão da Inteligência de Segurança: AV: 1.353.1409.0, AS: 1.353.1409.0, NIS: 1.353.1409.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-22 17:19:53
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nome: HackTool:Win32/AutoKMS
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\leopi\OneDrive\Office 2021 HayDadicas\Office 2021 HayDadicas\setup.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: DESKTOP-M6QEOK3\leopi
Nome do Processo: C:\Program Files\Microsoft OneDrive\OneDrive.exe
Versão da Inteligência de Segurança: AV: 1.353.1409.0, AS: 1.353.1409.0, NIS: 1.353.1409.0
Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4

Event[0]:
Date: 2021-11-24 13:59:07
Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou.
Recurso: Monitoramento do Comportamento
Código do Erro: 0x80004005
Descrição do erro: Erro não especificado
Motivo: O driver de filtro requer um mecanismo atualizado para funcionar. É necessário instalar as últimas atualizações da inteligência de segurança para habilitar a proteção em tempo real.

Date: 2021-11-23 15:57:20
Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou.
Recurso: Monitoramento do Comportamento
Código do Erro: 0x80004005
Descrição do erro: Erro não especificado
Motivo: A inteligência de segurança antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema.

Date: 2021-11-23 15:57:19
Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou.
Recurso: Monitoramento do Comportamento
Código do Erro: 0x80004005
Descrição do erro: Erro não especificado
Motivo: A proteção em tempo real parou de funcionar por um motivo desconhecido. Reinicie o serviço para recuperar.

CodeIntegrity:
===============
Date: 2021-12-03 12:48:21
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bitdefender Antivirus Free\bdamsi\265489687200912704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-12-03 12:47:25
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bitdefender Antivirus Free\bdamsi\265489687200912704\antimalware_provider64.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. P5.40 07/09/2019
placa-mãe: ASRock A320M-HD
Processador: AMD Ryzen 3 3200G with Radeon Vega Graphics
Percentagem de memória em uso: 30%
RAM física total: 16312.43 MB
RAM física disponível: 11264.43 MB
Virtual Total: 18744.43 MB
Virtual disponível: 11039.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.92 GB) (Free:44.42 GB) NTFS
Drive d: () (Fixed) (Total:930.88 GB) (Free:139.94 GB) NTFS

\\?\Volume{647a01f9-aeb9-49bd-afb0-b0f34356fd90}\ (Recuperação) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{497e0231-0000-0000-0000-100000000000}\ (Reservado pelo Sistema) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{497e0231-0000-0000-0000-107e3b000000}\ () (Fixed) (Total:0.5 GB) (Free:0.06 GB) NTFS
\\?\Volume{bbcc7e5e-e0db-4f20-ba66-aa59fde73850}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 497E0231)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=515 MB) - (Type=27)

==================== Fim de Addition.txt =======================