Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 27-12-2021
Executado por ANGIOLETTO (06-01-2022 14:48:34)
Executando a partir de C:\Users\ANGIOLETTO\Desktop
Microsoft Windows 10 Pro Versão 21H1 19043.1415 (X64) (2022-01-01 04:24:01)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3059253328-2993587930-46944393-500 - Administrator - Disabled)
ANGIOLETTO (S-1-5-21-3059253328-2993587930-46944393-1001 - Administrator - Enabled) => C:\Users\ANGIOLETTO
Convidado (S-1-5-21-3059253328-2993587930-46944393-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3059253328-2993587930-46944393-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3059253328-2993587930-46944393-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Alan Wake Remastered (HKLM-x32\...\Alan Wake Remastered_is1) (Version: - ) Ankama Launcher 3.5.10 (HKLM\...\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}) (Version: 3.5.10 - Ankama) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 96.1.33.106 - Autores do Brave) Corel Graphics - Windows Shell Extension (HKLM\...\_{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.0.362 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.362 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C697E994-12BE-4CF3-B9BF-B3FD1659E717}) (Version: 23.0.362 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM (x64) (HKLM\...\{EF56927C-ED92-41B1-8B88-FA225384E2A4}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content BR (x64) (HKLM\...\{3D6825D1-5843-4585-B915-A9F234554C2C}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CS (x64) (HKLM\...\{CCBA3120-A726-4C64-8986-AF5B6C519FE7}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CT (x64) (HKLM\...\{EC73C33E-4349-45E7-A08C-8566DF799EC5}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CZ (x64) (HKLM\...\{289B6A1B-EA8B-4FBE-9CF4-A0FE4E91DD37}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content DE (x64) (HKLM\...\{4F09DBC6-B00A-4E83-886D-94EFAD76A36C}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content EN (x64) (HKLM\...\{DDD18F44-5B1B-44FB-A604-1A4EBDB65FC9}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content ES (x64) (HKLM\...\{176AC6B0-1B9D-4257-94DD-02B006CBC779}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content FR (x64) (HKLM\...\{D6DDBE6D-E2D0-48C1-9DAC-5DB93DA8DA83}) (Version: 23.0 - Corel Corporation) Hidden 
CorelDRAW Graphics Suite 2021 - IPM Content IT (x64) (HKLM\...\{ED790B20-D67B-465C-B3B9-768547F5E389}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content JP (x64) (HKLM\...\{243F3C09-43FC-447C-98AF-E640955397BB}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content NL (x64) (HKLM\...\{AA0464E0-EBA2-4879-A116-D7FFBC41267E}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content PL (x64) (HKLM\...\{7E5076C4-E945-49BA-AFC6-01577CD06ABA}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content RU (x64) (HKLM\...\{74BEF304-6B74-4196-A4C4-63C6D4BECCB0}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content SV (x64) (HKLM\...\{A397DC31-3A23-4157-8881-A5E4957ABB19}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content TR (x64) (HKLM\...\{3B5FBE0B-541B-47FB-89EC-20ECA3E8D97A}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - Writing Tools (x64) (HKLM\...\{31CD96CF-4A33-4535-A6CC-F419CEAEFD70}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 (64-Bit) (HKLM\...\_{B9EA48EE-695F-4E90-B89D-F7CE4767B49F}) (Version: 23.0.0.363 - Corel Corporation) Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.1.0 - IObit) Epic Games Launcher (HKLM-x32\...\{ECDCFB08-3C8E-4072-93C1-7A3EFDFCF4F9}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) 
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden Iratus: Lord of the Dead (HKLM-x32\...\1447412730_is1) (Version: 181.13.00 - GOG.com) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Excel LTSC - pt-br (HKLM\...\Excel2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Office LTSC Professional Plus 2021 - pt-br (HKLM\...\ProPlus2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft PowerPoint LTSC - pt-br (HKLM\...\PowerPoint2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Project Professional 2021 - pt-br (HKLM\...\ProjectPro2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - pt-br (HKLM\...\VisioPro2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.63.2 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation) Microsoft Word LTSC - pt-br (HKLM\...\Word2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - 
Microsoft Corporation) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 95.0.2 (x64 pt-BR)) (Version: 95.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0.2 - Mozilla) Nexus Ultimate (HKLM-x32\...\Winstep Xtreme_is1) (Version: - ) NVIDIA Software do sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14332.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.108.49699 - Electronic Arts, Inc.) PhotoScape X Pro (HKLM\...\{B6F94770-08EF-466A-B987-447A9E5EE1D9}) (Version: 4.0.2 - Mooii Tech) Hidden PhotoScape X Pro (HKLM\...\PhotoScape X Pro 4.0.2) (Version: 4.0.2 - Mooii Tech) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.53.576 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) Ubuntu iPack (HKLM\...\Ubuntu iPack) (Version: - Tornado (7themes.su)) uTorrent Web (HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\utweb) (Version: 1.2.7 - BitTorrent, Inc.) 
Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2022-01-01] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2022-01-01] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2022-01-01] (Realtek Semiconductor Corp)
Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2022-01-01] (Waves Audio)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_317ffda8092148c1\nvshext.dll [2022-01-01] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2022-01-01 02:21 - 2022-01-01 02:22 - 000004608 _____ () [Arquivo não assinado] C:\WINDOWS\SYSTEM32\SecureUxTheme.dll 2022-01-01 02:31 - 2087-01-23 04:20 - 005563392 _____ (ActVer©®™) [Arquivo não assinado] C:\Program Files (x86)\IObit\Driver Booster\9.1.0\version.dll 2020-03-06 06:11 - 2020-03-06 06:11 - 000021504 _____ (Adobe Systems Inc.) 
[Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb 2022-01-03 19:09 - 2022-01-03 19:09 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] D:\Origin\LIBEAY32.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] D:\Origin\ssleay32.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 001611264 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Origin\platforms\qwindows.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 005487104 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Origin\Qt5Core.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 005841920 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Origin\Qt5Gui.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 001179136 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Origin\Qt5Network.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 000146432 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Origin\Qt5WebSockets.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 005089792 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Origin\Qt5Widgets.dll 2022-01-03 19:09 - 2022-01-03 19:09 - 000184832 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Origin\Qt5Xml.dll 2022-01-01 02:40 - 2017-11-24 17:43 - 000026624 _____ (Winstep Software Technologies) [Arquivo não assinado] C:\Program Files (x86)\Winstep\WsxMMTimer.dll 2022-01-01 02:19 - 2019-09-23 23:51 - 000255488 _____ (www.startisback.com) [Arquivo não assinado] C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer32.dll 2022-01-01 02:19 - 2019-09-23 23:51 - 000261632 _____ (www.startisback.com) [Arquivo não assinado] C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= 
==================== Internet Explorer (Whitelisted) ========== BHO: Sem Nome -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Sem Nome -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer32.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - 
C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-12-07 06:14 - 2022-01-01 15:52 - 000000922 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3059253328-2993587930-46944393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ANGIOLETTO\Pictures\1030253.jpg
DNS Servers: 181.213.132.2 - 181.213.132.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "GogGalaxy"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{7ACE1727-A804-41AF-8294-1AB1E5F2217D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFEB4F94-0415-402E-B67F-6A37B21F8778}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C14148D2-5B8D-4D66-AD56-FF61AD1C4671}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8BD081A1-5E71-43E6-BDFD-7DDA7B24DEB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{CB6C8F78-2F02-404F-A57E-C1098C7F012E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0A9C4DC7-B273-45A0-9EAF-D1F6941E2489}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{040971DE-5BCE-46DB-A7FA-A602686798AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DD4DA610-B541-44F9-90AD-F85A831A1BDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6DE2158D-41B5-43C1-8422-44617DAEADA4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{77327B85-F266-4501-8B1C-16A431110992}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7D6E8D30-EDB0-4A23-86B2-35A4B355D6F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6CFE29A6-00CB-4709-88FA-DA9E2D566907}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1E4C6185-58D6-4566-B961-3AB977172381}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{1C2867CD-6579-4D8C-89D5-912AEA756660}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3FC198E9-3A6B-4EC8-803B-C24B2EF36790}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C67803E4-386F-4C5B-A801-98FC96354599}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{BBCFA4B3-D23C-423E-9475-99F09551EA65}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{B1FD0EAC-DE06-413C-A8FF-C820EEDCA63B}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Arquivo não assinado] FirewallRules: [{2315E400-3416-44FD-8518-15808389D8FC}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe () [Arquivo não assinado] FirewallRules: [{BB11AE42-0F6B-47C8-AC63-3DEA3331C0CA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{5B0FA18D-AB8F-4DB5-B81F-46612012FC70}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{840245F1-6D0E-48AB-992F-04326BCB52AF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{B9F92BCE-D132-496F-B26B-B28911723770}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft) FirewallRules: [{23D12383-6541-41E0-BBBC-BA1230D911BD}] => (Allow) D:\SteamLibrary\steamapps\common\left 4 dead\left4dead.exe () [Arquivo não assinado] FirewallRules: [{D7B79A4D-FD92-4B57-ABF2-97C97680BAA8}] => (Allow) D:\SteamLibrary\steamapps\common\left 4 dead\left4dead.exe () [Arquivo não assinado] FirewallRules: [{C8BE4827-06CB-4373-A20D-2498BDE92690}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{F240F8EC-A342-4C64-B898-BED4FDFB386E}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{7216F381-D7C4-4698-8A48-547E30533A18}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{B27692AD-3C15-4FEF-9CDE-7AEBEF8D9DDF}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{0687A822-D5B3-4674-8424-0CEE105D74DF}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [TCP Query User{05065DE9-D18A-4621-9500-F5DCAD54A911}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{F6FF39D7-288F-4890-B324-75CB1D03FA39}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [{EF3DD674-F9AC-4B60-909A-2C259EE6C126}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{CA548D86-9673-47CD-8611-6BF9630B89A0}] => (Allow) C:\Users\ANGIOLETTO\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{6E78742D-9843-47B0-8A5A-A40BAD4A7ED6}] => (Allow) C:\Users\ANGIOLETTO\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{5DDF8A0A-7E3C-41D8-80B5-CDC2FF5EE797}D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Arquivo não assinado] FirewallRules: [UDP Query User{73B9C3CA-D846-43D7-BA37-F2F5AD63C532}D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Arquivo não assinado] FirewallRules: [{4491DFB0-2D67-406F-9988-84FE2DE356CC}] => (Allow) D:\SteamLibrary\steamapps\common\ZombieArmy4\Launcher\za4.exe () [Arquivo não assinado] FirewallRules: [{AD70A705-188E-49B5-8754-E8331F900660}] => (Allow) D:\SteamLibrary\steamapps\common\ZombieArmy4\Launcher\za4.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{004354AB-9984-496A-B4D7-807737C2C249}D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe (Rebellion) [Arquivo não assinado] FirewallRules: [UDP Query User{CFBFD7E3-B39A-4F33-A926-4D74C13216DC}D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe (Rebellion) [Arquivo não assinado] ==================== Pontos de Restauração ========================= ATENÇÃO: A Restauração do Sistema está desabilitada (Total:118.57 GB) (Free:62.18 GB) (52%) 
==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (01/05/2022 12:03:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: wmiprvse.exe, versão: 10.0.19041.546, carimbo de data/hora: 0x5da7ab91 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0x80131623 Deslocamento da falha: 0x00007ffdd268200f ID do processo com falha: 0x3310 Hora de início do aplicativo com falha: 0x01d801e0d52622f9 Caminho do aplicativo com falha: C:\WINDOWS\system32\wbem\wmiprvse.exe Caminho do módulo com falha: unknown ID do Relatório: 30bccec5-6187-4885-8e18-935e2ef32357 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/05/2022 12:03:37 AM) (Source: .NET Runtime) (EventID: 1025) (User: ) Description: Application: wmiprvse.exe Framework Version: v4.0.30319 Description: The application requested process termination through System.Environment.FailFast(string message). 
Message: Exceção inesperada acionada no provedor: System.IO.FileLoadException: File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers() Stack: at System.Environment.FailFast(System.String) at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink) Error: (01/05/2022 12:03:36 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: ) Description: Event-ID 3002 Error: (01/05/2022 12:03:36 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: ) Description: Event-ID 2002 Error: (01/05/2022 12:03:36 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: ) Description: Event-ID 2003 Error: (01/04/2022 11:19:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: wmiprvse.exe, versão: 10.0.19041.546, carimbo de data/hora: 0x5da7ab91 Nome do módulo com falha: unknown, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Código de exceção: 0x80131623 Deslocamento da falha: 0x00007ffdc856200f ID do processo com falha: 0xf5c Hora de início do aplicativo com falha: 0x01d801daade27feb Caminho do aplicativo com falha: C:\WINDOWS\system32\wbem\wmiprvse.exe Caminho do módulo com falha: unknown ID do Relatório: a287210b-365f-4106-a343-c1c9c7c5d1d3 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (01/04/2022 11:19:37 PM) (Source: .NET Runtime) (EventID: 1025) (User: ) Description: Application: wmiprvse.exe Framework Version: v4.0.30319 Description: The application requested process termination through System.Environment.FailFast(string message). 
Message: Exceção inesperada acionada no provedor: System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
   at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
   at System.Environment.FailFast(System.String)
   at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (01/04/2022 11:19:33 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Erros de Sistema:
=============
Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço CredentialEnrollmentManagerUserSvc_466c697 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.

Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Steam Client Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Genuine Software Integrity Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Genuine Monitor Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.

Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Waves Audio Services foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/04/2022 10:33:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Winstep Xtreme Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Windows Defender:
================
Date: 2022-01-03 16:17:28
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {B9BFFDC8-849D-4A44-9B15-05EC7D492164}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-03 15:19:17
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {7693FCC2-0193-43DC-8866-EA7DB3B686BE}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-02 19:16:07
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-02 19:16:07
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Windows\System32\RuntimeBroker.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-02 19:15:53
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

CodeIntegrity:
===============
Date: 2022-01-05 14:21:46
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-01-05 00:11:58
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:51
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\VBoxUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\nvvhci.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\nvswcfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:00:19
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória ===========================

BIOS: Insyde Corp. V1.12 11/05/2020
placa-mãe: PK Octavia_PKS
Processador: AMD Ryzen 7 3750H with Radeon Vega Mobile Gfx
Percentagem de memória em uso: 83%
RAM física total: 6082.64 MB
RAM física disponível: 1001.49 MB
Virtual Total: 15574.7 MB
Virtual disponível: 7642.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.57 GB) (Free:62.18 GB) NTFS
Drive d: (Novo volume) (Fixed) (Total:931.51 GB) (Free:519.09 GB) NTFS

\\?\Volume{dd02b63a-d037-4e88-afdf-8c0422ef3591}\ () (Fixed) (Total:0.56 GB) (Free:0.13 GB) NTFS
\\?\Volume{8812ee67-cfa9-4d76-b54f-2877a3cf1853}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0996232B)
Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 09954329)
Partition: GPT.

==================== Fim de Addition.txt =======================