Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 27-12-2021
Executado por ANGIOLETTO (07-01-2022 16:10:50)
Executando a partir de C:\Users\ANGIOLETTO\Desktop
Microsoft Windows 10 Pro Versão 21H1 19043.1415 (X64) (2022-01-01 04:24:01)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3059253328-2993587930-46944393-500 - Administrator - Disabled)
ANGIOLETTO (S-1-5-21-3059253328-2993587930-46944393-1001 - Administrator - Enabled) => C:\Users\ANGIOLETTO
Convidado (S-1-5-21-3059253328-2993587930-46944393-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3059253328-2993587930-46944393-503 - Limited - Disabled)
Entra ai bb (S-1-5-21-3059253328-2993587930-46944393-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3059253328-2993587930-46944393-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Alan Wake Remastered (HKLM-x32\...\Alan Wake Remastered_is1) (Version: - ) Ankama Launcher 3.5.10 (HKLM\...\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}) (Version: 3.5.10 - Ankama) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 97.1.34.80 - Autores do Brave) Corel Graphics - Windows Shell Extension (HKLM\...\_{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.0.362 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.362 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C697E994-12BE-4CF3-B9BF-B3FD1659E717}) (Version: 23.0.362 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM (x64) (HKLM\...\{EF56927C-ED92-41B1-8B88-FA225384E2A4}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content BR (x64) (HKLM\...\{3D6825D1-5843-4585-B915-A9F234554C2C}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CS (x64) (HKLM\...\{CCBA3120-A726-4C64-8986-AF5B6C519FE7}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CT (x64) (HKLM\...\{EC73C33E-4349-45E7-A08C-8566DF799EC5}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CZ (x64) (HKLM\...\{289B6A1B-EA8B-4FBE-9CF4-A0FE4E91DD37}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content DE (x64) (HKLM\...\{4F09DBC6-B00A-4E83-886D-94EFAD76A36C}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content EN (x64) (HKLM\...\{DDD18F44-5B1B-44FB-A604-1A4EBDB65FC9}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content ES (x64) (HKLM\...\{176AC6B0-1B9D-4257-94DD-02B006CBC779}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content FR (x64) (HKLM\...\{D6DDBE6D-E2D0-48C1-9DAC-5DB93DA8DA83}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW 
Graphics Suite 2021 - IPM Content IT (x64) (HKLM\...\{ED790B20-D67B-465C-B3B9-768547F5E389}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content JP (x64) (HKLM\...\{243F3C09-43FC-447C-98AF-E640955397BB}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content NL (x64) (HKLM\...\{AA0464E0-EBA2-4879-A116-D7FFBC41267E}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content PL (x64) (HKLM\...\{7E5076C4-E945-49BA-AFC6-01577CD06ABA}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content RU (x64) (HKLM\...\{74BEF304-6B74-4196-A4C4-63C6D4BECCB0}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content SV (x64) (HKLM\...\{A397DC31-3A23-4157-8881-A5E4957ABB19}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content TR (x64) (HKLM\...\{3B5FBE0B-541B-47FB-89EC-20ECA3E8D97A}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - Writing Tools (x64) (HKLM\...\{31CD96CF-4A33-4535-A6CC-F419CEAEFD70}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 (64-Bit) (HKLM\...\_{B9EA48EE-695F-4E90-B89D-F7CE4767B49F}) (Version: 23.0.0.363 - Corel Corporation) Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.1.0 - IObit) Epic Games Launcher (HKLM-x32\...\{ECDCFB08-3C8E-4072-93C1-7A3EFDFCF4F9}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) 
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden Iratus: Lord of the Dead (HKLM-x32\...\1447412730_is1) (Version: 181.13.00 - GOG.com) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Excel LTSC - pt-br (HKLM\...\Excel2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Office LTSC Professional Plus 2021 - pt-br (HKLM\...\ProPlus2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft PowerPoint LTSC - pt-br (HKLM\...\PowerPoint2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Project Professional 2021 - pt-br (HKLM\...\ProjectPro2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - pt-br (HKLM\...\VisioPro2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.63.2 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation) Microsoft Word LTSC - pt-br (HKLM\...\Word2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - 
Microsoft Corporation) MiniTool Partition Wizard Free 12.6 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.6 - MiniTool Software Limited) MiniTool Power Data Recovery 10.0 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 10.0 - MiniTool Software Limited) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 95.0.2 (x64 pt-BR)) (Version: 95.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0.2 - Mozilla) Nexus Ultimate (HKLM-x32\...\Winstep Xtreme_is1) (Version: - ) NVIDIA Driver de gráficos 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation) NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation) NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14332.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.108.49699 - Electronic Arts, Inc.) 
PhotoScape X Pro (HKLM\...\{B6F94770-08EF-466A-B987-447A9E5EE1D9}) (Version: 4.0.2 - Mooii Tech) Hidden
PhotoScape X Pro (HKLM\...\PhotoScape X Pro 4.0.2) (Version: 4.0.2 - Mooii Tech)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft)
Ubuntu iPack (HKLM\...\Ubuntu iPack) (Version: - Tornado (7themes.su))
Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2022-01-01] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2022-01-07] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2022-01-01] (Realtek Semiconductor Corp)
Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2022-01-01] (Waves Audio)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_317ffda8092148c1\nvshext.dll [2022-01-01] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2015-03-17 06:34 - 2015-03-17 06:34 - 000010240 _____ () [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\AcroTray.ptb 2022-01-01 02:06 - 2021-10-05 22:30 - 126961152 _____ () [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2022-01-01 02:06 - 2021-10-05 22:30 - 000384000 _____ () [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2022-01-01 02:06 - 2021-10-05 22:30 - 008006656 _____ () 
[Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2022-01-01 02:21 - 2022-01-01 02:22 - 000004608 _____ () [Arquivo não assinado] C:\WINDOWS\SYSTEM32\SecureUxTheme.dll 2020-03-06 06:11 - 2020-03-06 06:11 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb 2022-01-01 02:06 - 2021-10-05 22:30 - 000983552 _____ (The Chromium Authors) [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll 2022-01-01 02:40 - 2017-11-24 17:43 - 000026624 _____ (Winstep Software Technologies) [Arquivo não assinado] C:\Program Files (x86)\Winstep\WsxMMTimer.dll 2022-01-01 02:19 - 2019-09-23 23:51 - 000255488 _____ (www.startisback.com) [Arquivo não assinado] C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer32.dll 2022-01-01 02:19 - 2019-09-23 23:51 - 000261632 _____ (www.startisback.com) [Arquivo não assinado] C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Sem Nome -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> 
Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Sem Nome -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer32.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft 
Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 06:14 - 2022-01-01 15:52 - 000000922 _____ C:\WINDOWS\system32\drivers\etc\hosts 0.0.0.0 apps.corel.com 0.0.0.0 mc.corel.com 0.0.0.0 origin-mc.corel.com 0.0.0.0 iws.corel.com ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3059253328-2993587930-46944393-1001\Control Panel\Desktop\\Wallpaper -> c:\users\angioletto\pictures\1030253.jpg DNS Servers: 181.213.132.2 - 181.213.132.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) 
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "GogGalaxy"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{7ACE1727-A804-41AF-8294-1AB1E5F2217D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFEB4F94-0415-402E-B67F-6A37B21F8778}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C14148D2-5B8D-4D66-AD56-FF61AD1C4671}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BD081A1-5E71-43E6-BDFD-7DDA7B24DEB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB6C8F78-2F02-404F-A57E-C1098C7F012E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0A9C4DC7-B273-45A0-9EAF-D1F6941E2489}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{040971DE-5BCE-46DB-A7FA-A602686798AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DD4DA610-B541-44F9-90AD-F85A831A1BDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6DE2158D-41B5-43C1-8422-44617DAEADA4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{77327B85-F266-4501-8B1C-16A431110992}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7D6E8D30-EDB0-4A23-86B2-35A4B355D6F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6CFE29A6-00CB-4709-88FA-DA9E2D566907}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1E4C6185-58D6-4566-B961-3AB977172381}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1C2867CD-6579-4D8C-89D5-912AEA756660}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3FC198E9-3A6B-4EC8-803B-C24B2EF36790}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{C67803E4-386F-4C5B-A801-98FC96354599}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => Nenhum Arquivo FirewallRules: [{BBCFA4B3-D23C-423E-9475-99F09551EA65}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => Nenhum Arquivo FirewallRules: [{B1FD0EAC-DE06-413C-A8FF-C820EEDCA63B}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe => Nenhum Arquivo FirewallRules: [{2315E400-3416-44FD-8518-15808389D8FC}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe => Nenhum Arquivo FirewallRules: [{BB11AE42-0F6B-47C8-AC63-3DEA3331C0CA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Nenhum Arquivo FirewallRules: [{5B0FA18D-AB8F-4DB5-B81F-46612012FC70}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Nenhum Arquivo FirewallRules: [{840245F1-6D0E-48AB-992F-04326BCB52AF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => Nenhum Arquivo FirewallRules: [{B9F92BCE-D132-496F-B26B-B28911723770}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => Nenhum Arquivo FirewallRules: [{23D12383-6541-41E0-BBBC-BA1230D911BD}] => (Allow) D:\SteamLibrary\steamapps\common\left 4 dead\left4dead.exe => Nenhum Arquivo FirewallRules: [{D7B79A4D-FD92-4B57-ABF2-97C97680BAA8}] => (Allow) D:\SteamLibrary\steamapps\common\left 4 dead\left4dead.exe => Nenhum Arquivo FirewallRules: [{C8BE4827-06CB-4373-A20D-2498BDE92690}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => Nenhum Arquivo FirewallRules: [{F240F8EC-A342-4C64-B898-BED4FDFB386E}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => Nenhum Arquivo FirewallRules: [{7216F381-D7C4-4698-8A48-547E30533A18}] => (Allow) 
D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Nenhum Arquivo FirewallRules: [{B27692AD-3C15-4FEF-9CDE-7AEBEF8D9DDF}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Nenhum Arquivo FirewallRules: [TCP Query User{05065DE9-D18A-4621-9500-F5DCAD54A911}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => Nenhum Arquivo FirewallRules: [UDP Query User{F6FF39D7-288F-4890-B324-75CB1D03FA39}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => Nenhum Arquivo FirewallRules: [{EF3DD674-F9AC-4B60-909A-2C259EE6C126}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{5DDF8A0A-7E3C-41D8-80B5-CDC2FF5EE797}D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe => Nenhum Arquivo FirewallRules: [UDP Query User{73B9C3CA-D846-43D7-BA37-F2F5AD63C532}D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe => Nenhum Arquivo FirewallRules: [{4491DFB0-2D67-406F-9988-84FE2DE356CC}] => (Allow) D:\SteamLibrary\steamapps\common\ZombieArmy4\Launcher\za4.exe => Nenhum Arquivo FirewallRules: [{AD70A705-188E-49B5-8754-E8331F900660}] => (Allow) D:\SteamLibrary\steamapps\common\ZombieArmy4\Launcher\za4.exe => Nenhum Arquivo FirewallRules: [TCP Query User{004354AB-9984-496A-B4D7-807737C2C249}D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe => Nenhum Arquivo FirewallRules: [UDP Query User{CFBFD7E3-B39A-4F33-A926-4D74C13216DC}D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) 
D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe => Nenhum Arquivo
FirewallRules: [{696BC539-4071-4321-8EBF-B0E84707EE4D}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{6229B029-02E8-459D-B210-0FC71A8B5B6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C4A814B7-8FE7-48C0-B363-88DE535EA8B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EE1B63FB-D743-4B9D-9DA9-869895C88272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DF16D48F-21F0-4AB1-A13B-98FC8B8A4A0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{89E5FD9A-51A3-4EC1-877D-FB5B45A0D57D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1A7644F0-518A-4190-8C35-0FDF9F2BCE33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{564EA2A9-9A2F-477F-8613-8D3E090113CF}E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe () [Arquivo não assinado]
FirewallRules: [UDP Query User{689820CB-9DED-4242-9738-D5C1AB24ADE6}E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe () [Arquivo não assinado]
FirewallRules: [TCP Query User{BAFEFD89-F075-41F9-82EC-6E7394D7332F}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{DAA62418-B42D-4CF9-BB87-1C75A69AB038}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)

==================== Pontos de Restauração =========================

06-01-2022 22:43:43 W10 JA TOP
06-01-2022 22:49:02 W10 ponto feito.

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (01/07/2022 03:56:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa left4dead2.exe versão 0.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 265c
Hora de Início: 01d803f82e83197f
Hora de Término: 66
Caminho do Aplicativo: E:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
ID do Relatório: 34b4f213-7153-4708-b1e3-a94dcfc4786f
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Unknown

Error: (01/07/2022 03:51:37 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\SEC7$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep:
GetCACaps
Método: GET(16ms)
Estágio: GetCACaps
O nome ou o endereço do servidor não pôde ser resolvido 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/07/2022 02:48:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelPP.exe, versão: 23.0.0.363, carimbo de data/hora: 0x6035f83b
Nome do módulo com falha: Styles.dll, versão: 23.0.0.363, carimbo de data/hora: 0x6035ec36
Código de exceção: 0xc000041d
Deslocamento da falha: 0x00000000000061da
ID do processo com falha: 0x2448
Hora de início do aplicativo com falha: 0x01d803eec8f0bd82
Caminho do aplicativo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\CorelPP.exe
Caminho do módulo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\Styles.dll
ID do Relatório: 54ce34c7-b612-4a10-84f1-c9fd668423c6
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (01/07/2022 02:48:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelPP.exe, versão: 23.0.0.363, carimbo de data/hora: 0x6035f83b
Nome do módulo com falha: Styles.dll, versão: 23.0.0.363, carimbo de data/hora: 0x6035ec36
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000061da
ID do processo com falha: 0x2448
Hora de início do aplicativo com falha: 0x01d803eec8f0bd82
Caminho do aplicativo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\CorelPP.exe
Caminho do módulo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\Styles.dll
ID do Relatório: c5b62abd-c75f-402f-9b18-373a4d5387df
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (01/07/2022 02:48:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: CorelPP.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF8D89A61DA

Error: (01/07/2022 02:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelPP.exe, versão: 23.0.0.363, carimbo de data/hora: 0x6035f83b
Nome do módulo com falha: Styles.dll, versão: 23.0.0.363, carimbo de data/hora: 0x6035ec36
Código de exceção: 0xc000041d
Deslocamento da falha: 0x00000000000061da
ID do processo com falha: 0x16e4
Hora de início do aplicativo com falha: 0x01d803ee99cfaf08
Caminho do aplicativo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\CorelPP.exe
Caminho do módulo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\Styles.dll
ID do Relatório: 3d8a1cf1-8453-41e1-9249-970cef1598aa
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (01/07/2022 02:47:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelPP.exe, versão: 23.0.0.363, carimbo de data/hora: 0x6035f83b
Nome do módulo com falha: Styles.dll, versão: 23.0.0.363, carimbo de data/hora: 0x6035ec36
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000000061da
ID do processo com falha: 0x16e4
Hora de início do aplicativo com falha: 0x01d803ee99cfaf08
Caminho do aplicativo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\CorelPP.exe
Caminho do módulo com falha: E:\CoreLDRAW\CorelDRAW Graphics Suite 2021\Programs64\Styles.dll
ID do Relatório: 64436872-1d9b-45d6-9e8e-fdc73eebb303
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (01/07/2022 02:47:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: CorelPP.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF8D88F61DA

Erros de Sistema:
=============
Error: (01/07/2022 03:51:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (01/07/2022 03:51:33 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: AUTORIDADE NT)
Description: A Política de Grupo não foi processada. O Windows não pôde aplicar as configurações de política baseado no Registro para o objeto de Política de Grupo LocalGPO. As configurações de Política de Grupo não serão resolvidas enquanto esse evento não for resolvido. Exiba os detalhes do evento para obter mais informações sobre nome e caminho do arquivo que causou a falha.

Error: (01/07/2022 03:51:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 15:09:13 do dia 07/01/2022 não era esperado.

Error: (01/07/2022 03:10:09 PM) (Source: Virtual Disk Service) (EventID: 8) (User: )
Description: Falha ao abrir o dispositivo \\?\usbstor#disk&ven_&prod_usb_disk_2.0&rev_pmap#90000bee0cb73980&0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}. Código de erro: 5@020D0002

Error: (01/07/2022 03:01:31 PM) (Source: Ntfs) (EventID: 55) (User: AUTORIDADE NT)
Description: Corrupção detectada na estrutura do sistema de arquivos, no volume \\?\Volume{6c3a9db4-6f56-11ec-873c-9408538717ea}.
A natureza exata da corrupção é desconhecida. As estruturas do sistema de arquivos precisam ser verificadas offline.

Error: (01/07/2022 03:01:29 PM) (Source: disk) (EventID: 7) (User: )
Description: O dispositivo, \Device\Harddisk2\DR3, possui um setor defeituoso.

Error: (01/07/2022 02:44:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Rockstar Game Library Service devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (01/07/2022 02:29:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Windows Defender:
================
Date: 2022-01-03 16:17:28
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {B9BFFDC8-849D-4A44-9B15-05EC7D492164}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-03 15:19:17
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {7693FCC2-0193-43DC-8866-EA7DB3B686BE}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-02 19:16:07
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-02 19:16:07
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Windows\System32\RuntimeBroker.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-02 19:15:53
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

CodeIntegrity:
===============
Date: 2022-01-05 14:21:46
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-01-05 00:11:58
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:51
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\VBoxUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\nvvhci.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\nvswcfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:00:19
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória ===========================

BIOS: Insyde Corp. V1.12 11/05/2020
placa-mãe: PK Octavia_PKS
Processador: AMD Ryzen 7 3750H with Radeon Vega Mobile Gfx
Percentagem de memória em uso: 91%
RAM física total: 6082.64 MB
RAM física disponível: 502.54 MB
Virtual Total: 10892.92 MB
Virtual disponível: 1988.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.57 GB) (Free:54.52 GB) NTFS
Drive d: () (Fixed) (Total:0 GB) (Free:0 GB)
Drive e: (D) (Fixed) (Total:798.13 GB) (Free:422.11 GB) NTFS

\\?\Volume{dd02b63a-d037-4e88-afdf-8c0422ef3591}\ () (Fixed) (Total:0.56 GB) (Free:0.13 GB) NTFS
\\?\Volume{8812ee67-cfa9-4d76-b54f-2877a3cf1853}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0996232B)
Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 09954329)
Partition: GPT.

==================== Fim de Addition.txt =======================