Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 27-12-2021
Executado por ANGIOLETTO (09-01-2022 00:49:21)
Executando a partir de C:\Users\ANGIOLETTO\Desktop
Microsoft Windows 10 Pro Versão 21H1 19043.1415 (X64) (2022-01-01 04:24:01)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3059253328-2993587930-46944393-500 - Administrator - Disabled)
ANGIOLETTO (S-1-5-21-3059253328-2993587930-46944393-1001 - Administrator - Enabled) => C:\Users\ANGIOLETTO
Convidado (S-1-5-21-3059253328-2993587930-46944393-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3059253328-2993587930-46944393-503 - Limited - Disabled)
Entra ai bb (S-1-5-21-3059253328-2993587930-46944393-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3059253328-2993587930-46944393-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
Alan Wake Remastered (HKLM-x32\...\Alan Wake Remastered_is1) (Version: - ) Ankama Launcher 3.5.10 (HKLM\...\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}) (Version: 3.5.10 - Ankama) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 97.1.34.80 - Autores do Brave) Corel Graphics - Windows Shell Extension (HKLM\...\_{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.0.362 - Corel Corporation) Corel Graphics - Windows Shell Extension (HKLM\...\{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.362 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C697E994-12BE-4CF3-B9BF-B3FD1659E717}) (Version: 23.0.362 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM (x64) (HKLM\...\{EF56927C-ED92-41B1-8B88-FA225384E2A4}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content BR (x64) (HKLM\...\{3D6825D1-5843-4585-B915-A9F234554C2C}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CS (x64) (HKLM\...\{CCBA3120-A726-4C64-8986-AF5B6C519FE7}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CT (x64) (HKLM\...\{EC73C33E-4349-45E7-A08C-8566DF799EC5}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content CZ (x64) (HKLM\...\{289B6A1B-EA8B-4FBE-9CF4-A0FE4E91DD37}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content DE (x64) (HKLM\...\{4F09DBC6-B00A-4E83-886D-94EFAD76A36C}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content EN (x64) (HKLM\...\{DDD18F44-5B1B-44FB-A604-1A4EBDB65FC9}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content ES (x64) (HKLM\...\{176AC6B0-1B9D-4257-94DD-02B006CBC779}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content FR (x64) (HKLM\...\{D6DDBE6D-E2D0-48C1-9DAC-5DB93DA8DA83}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW 
Graphics Suite 2021 - IPM Content IT (x64) (HKLM\...\{ED790B20-D67B-465C-B3B9-768547F5E389}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content JP (x64) (HKLM\...\{243F3C09-43FC-447C-98AF-E640955397BB}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content NL (x64) (HKLM\...\{AA0464E0-EBA2-4879-A116-D7FFBC41267E}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content PL (x64) (HKLM\...\{7E5076C4-E945-49BA-AFC6-01577CD06ABA}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content RU (x64) (HKLM\...\{74BEF304-6B74-4196-A4C4-63C6D4BECCB0}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content SV (x64) (HKLM\...\{A397DC31-3A23-4157-8881-A5E4957ABB19}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - IPM Content TR (x64) (HKLM\...\{3B5FBE0B-541B-47FB-89EC-20ECA3E8D97A}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 - Writing Tools (x64) (HKLM\...\{31CD96CF-4A33-4535-A6CC-F419CEAEFD70}) (Version: 23.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2021 (64-Bit) (HKLM\...\_{B9EA48EE-695F-4E90-B89D-F7CE4767B49F}) (Version: 23.0.0.363 - Corel Corporation) Driver Booster 9 (HKLM-x32\...\Driver Booster_is1) (Version: 9.1.0 - IObit) Epic Games Launcher (HKLM-x32\...\{ECDCFB08-3C8E-4072-93C1-7A3EFDFCF4F9}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) 
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden Iratus: Lord of the Dead (HKLM-x32\...\1447412730_is1) (Version: 181.13.00 - GOG.com) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation) Microsoft Excel LTSC - pt-br (HKLM\...\Excel2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Office LTSC Professional Plus 2021 - pt-br (HKLM\...\ProPlus2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft PowerPoint LTSC - pt-br (HKLM\...\PowerPoint2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Project Professional 2021 - pt-br (HKLM\...\ProjectPro2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - pt-br (HKLM\...\VisioPro2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.63.2 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation) Microsoft Word LTSC - pt-br (HKLM\...\Word2021Volume - pt-br) (Version: 16.0.14332.20176 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - 
Microsoft Corporation) MiniTool Partition Wizard Free 12.6 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.6 - MiniTool Software Limited) MiniTool Power Data Recovery 10.0 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 10.0 - MiniTool Software Limited) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 95.0.2 (x64 pt-BR)) (Version: 95.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0.2 - Mozilla) Nexus Ultimate (HKLM-x32\...\Winstep Xtreme_is1) (Version: - ) NVIDIA Driver de gráficos 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation) NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation) NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14332.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20204 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.14332.20110 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.108.49699 - Electronic Arts, Inc.) 
PhotoScape X Pro (HKLM\...\{B6F94770-08EF-466A-B987-447A9E5EE1D9}) (Version: 4.0.2 - Mooii Tech) Hidden PhotoScape X Pro (HKLM\...\PhotoScape X Pro 4.0.2) (Version: 4.0.2 - Mooii Tech) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteamGridDB Manager 0.4.2 (HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\{94e65122-19c4-523a-b7ce-d67766ba0e17}) (Version: 0.4.2 - SteamGridDB.com) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 73.0 - Ubisoft) Ubuntu iPack (HKLM\...\Ubuntu iPack) (Version: - Tornado (7themes.su)) Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation) WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) Packages: ========= Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.11.12160.0_x64__8wekyb3d8bbwe [2022-01-01] (Microsoft Studios) [MS Ad] NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2022-01-07] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2022-01-01] (Realtek Semiconductor Corp) Waves MaxxAudio For Acer -> C:\Program Files\WindowsApps\WavesAudio.20761030F5EAC_1.0.67.0_x64__fh4rh281wavaa [2022-01-01] (Waves Audio) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_317ffda8092148c1\nvshext.dll [2022-01-01] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) FolderExtensions: [] -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} => C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2015-03-17 06:34 - 2015-03-17 06:34 - 000010240 _____ () [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\AcroTray.ptb 2022-01-01 02:06 - 2021-10-05 22:30 - 126961152 _____ () [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll 2022-01-01 02:06 - 2021-10-05 22:30 - 000384000 _____ () [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll 2022-01-01 02:06 - 2021-10-05 22:30 - 008006656 _____ () 
[Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll 2022-01-01 02:21 - 2022-01-01 02:22 - 000004608 _____ () [Arquivo não assinado] C:\WINDOWS\SYSTEM32\SecureUxTheme.dll 2020-03-06 06:11 - 2020-03-06 06:11 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb 2022-01-01 02:06 - 2021-10-05 22:30 - 000983552 _____ (The Chromium Authors) [Arquivo não assinado] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll 2022-01-01 02:40 - 2017-11-24 17:43 - 000026624 _____ (Winstep Software Technologies) [Arquivo não assinado] C:\Program Files (x86)\Winstep\WsxMMTimer.dll 2022-01-01 02:19 - 2019-09-23 23:51 - 000255488 _____ (www.startisback.com) [Arquivo não assinado] C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer32.dll 2022-01-01 02:19 - 2019-09-23 23:51 - 000261632 _____ (www.startisback.com) [Arquivo não assinado] C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Sem Nome -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> 
Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Sem Nome -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer32.dll [2019-09-23] (www.startisback.com) [Arquivo não assinado] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft 
Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-12-07 06:14 - 2022-01-01 15:52 - 000000922 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3059253328-2993587930-46944393-1001\Control Panel\Desktop\\Wallpaper -> c:\users\angioletto\pictures\1030253.jpg
DNS Servers: 181.213.132.2 - 181.213.132.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3059253328-2993587930-46944393-1001\...\StartupApproved\Run: => "GogGalaxy"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{7ACE1727-A804-41AF-8294-1AB1E5F2217D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFEB4F94-0415-402E-B67F-6A37B21F8778}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C14148D2-5B8D-4D66-AD56-FF61AD1C4671}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BD081A1-5E71-43E6-BDFD-7DDA7B24DEB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB6C8F78-2F02-404F-A57E-C1098C7F012E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{0A9C4DC7-B273-45A0-9EAF-D1F6941E2489}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{040971DE-5BCE-46DB-A7FA-A602686798AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{DD4DA610-B541-44F9-90AD-F85A831A1BDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6DE2158D-41B5-43C1-8422-44617DAEADA4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{77327B85-F266-4501-8B1C-16A431110992}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{7D6E8D30-EDB0-4A23-86B2-35A4B355D6F6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6CFE29A6-00CB-4709-88FA-DA9E2D566907}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1E4C6185-58D6-4566-B961-3AB977172381}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{1C2867CD-6579-4D8C-89D5-912AEA756660}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{3FC198E9-3A6B-4EC8-803B-C24B2EF36790}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{C67803E4-386F-4C5B-A801-98FC96354599}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => Nenhum Arquivo FirewallRules: [{BBCFA4B3-D23C-423E-9475-99F09551EA65}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => Nenhum Arquivo FirewallRules: [{B1FD0EAC-DE06-413C-A8FF-C820EEDCA63B}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe => Nenhum Arquivo FirewallRules: [{2315E400-3416-44FD-8518-15808389D8FC}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe => Nenhum Arquivo FirewallRules: [{BB11AE42-0F6B-47C8-AC63-3DEA3331C0CA}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Nenhum Arquivo FirewallRules: [{5B0FA18D-AB8F-4DB5-B81F-46612012FC70}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => Nenhum Arquivo FirewallRules: [{840245F1-6D0E-48AB-992F-04326BCB52AF}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => Nenhum Arquivo FirewallRules: [{B9F92BCE-D132-496F-B26B-B28911723770}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => Nenhum Arquivo FirewallRules: [{23D12383-6541-41E0-BBBC-BA1230D911BD}] => (Allow) D:\SteamLibrary\steamapps\common\left 4 dead\left4dead.exe => Nenhum Arquivo FirewallRules: [{D7B79A4D-FD92-4B57-ABF2-97C97680BAA8}] => (Allow) D:\SteamLibrary\steamapps\common\left 4 dead\left4dead.exe => Nenhum Arquivo FirewallRules: [{C8BE4827-06CB-4373-A20D-2498BDE92690}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => Nenhum Arquivo FirewallRules: [{F240F8EC-A342-4C64-B898-BED4FDFB386E}] => (Allow) D:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => Nenhum Arquivo FirewallRules: [{7216F381-D7C4-4698-8A48-547E30533A18}] => (Allow) 
D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Nenhum Arquivo FirewallRules: [{B27692AD-3C15-4FEF-9CDE-7AEBEF8D9DDF}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe => Nenhum Arquivo FirewallRules: [TCP Query User{05065DE9-D18A-4621-9500-F5DCAD54A911}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => Nenhum Arquivo FirewallRules: [UDP Query User{F6FF39D7-288F-4890-B324-75CB1D03FA39}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => Nenhum Arquivo FirewallRules: [{EF3DD674-F9AC-4B60-909A-2C259EE6C126}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{5DDF8A0A-7E3C-41D8-80B5-CDC2FF5EE797}D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe => Nenhum Arquivo FirewallRules: [UDP Query User{73B9C3CA-D846-43D7-BA37-F2F5AD63C532}D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\word war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe => Nenhum Arquivo FirewallRules: [{4491DFB0-2D67-406F-9988-84FE2DE356CC}] => (Allow) D:\SteamLibrary\steamapps\common\ZombieArmy4\Launcher\za4.exe => Nenhum Arquivo FirewallRules: [{AD70A705-188E-49B5-8754-E8331F900660}] => (Allow) D:\SteamLibrary\steamapps\common\ZombieArmy4\Launcher\za4.exe => Nenhum Arquivo FirewallRules: [TCP Query User{004354AB-9984-496A-B4D7-807737C2C249}D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe => Nenhum Arquivo FirewallRules: [UDP Query User{CFBFD7E3-B39A-4F33-A926-4D74C13216DC}D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) 
D:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe => Nenhum Arquivo FirewallRules: [{696BC539-4071-4321-8EBF-B0E84707EE4D}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{6229B029-02E8-459D-B210-0FC71A8B5B6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C4A814B7-8FE7-48C0-B363-88DE535EA8B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{EE1B63FB-D743-4B9D-9DA9-869895C88272}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DF16D48F-21F0-4AB1-A13B-98FC8B8A4A0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{89E5FD9A-51A3-4EC1-877D-FB5B45A0D57D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{1A7644F0-518A-4190-8C35-0FDF9F2BCE33}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{564EA2A9-9A2F-477F-8613-8D3E090113CF}E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe () [Arquivo não assinado] FirewallRules: [UDP Query User{689820CB-9DED-4242-9738-D5C1AB24ADE6}E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\steamlibrary\steamapps\common\left 4 dead 2\left4dead2.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{BAFEFD89-F075-41F9-82EC-6E7394D7332F}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [UDP Query User{DAA62418-B42D-4CF9-BB87-1C75A69AB038}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{56114914-07C2-4DC6-A6C6-861E1F20F915}E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{6818056B-70EE-44F3-9FDF-4A1C265D5D26}E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [TCP Query User{3DDAA515-4FEC-4EB0-A95B-C296D2CE0D73}E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{C0A48850-6762-47B2-B55E-C549DD27618D}E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix.exe] => (Allow) E:\steamlibrary\steamapps\common\tom clancy's rainbow six siege\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft)
FirewallRules: [TCP Query User{04FE50A8-740D-4547-B656-2497EAC57401}E:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) E:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe (Rebellion) [Arquivo não assinado]
FirewallRules: [UDP Query User{92CFA88B-63E2-4DAD-B1A3-7DCC5ED4642E}E:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe] => (Allow) E:\steamlibrary\steamapps\common\zombiearmy4\bin\za4_dx12.exe (Rebellion) [Arquivo não assinado]
FirewallRules: [TCP Query User{724D678C-3D7C-4D7A-9CE6-BB4F95B092C9}E:\world war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) E:\world war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Arquivo não assinado]
FirewallRules: [UDP Query User{4815C555-ABBB-4BB9-8333-47A38402D25E}E:\world war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) E:\world war z\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Arquivo não assinado]
FirewallRules: [{6F5E3D3E-708F-4141-906A-2D1D07EC5B4A}] => (Allow) E:\SteamLibrary\steamapps\common\Dead Frontier 2\DeadFrontier2.exe (Creaky Corpse Ltd -> )
FirewallRules: [{C4408A22-7C1C-4683-84FD-E7FDB087C5A1}] => (Allow) E:\SteamLibrary\steamapps\common\Dead Frontier 2\DeadFrontier2.exe (Creaky Corpse Ltd -> )

==================== Pontos de Restauração =========================

06-01-2022 22:43:43 W10 JA TOP
06-01-2022 22:49:02 W10 ponto feito.
==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (01/09/2022 12:49:55 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\SEC7$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sun, 09 Jan 2022 03:49:55 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 03939ed2-cf2b-4f4e-a414-c6410328f22b Método: GET(344ms) Estágio: GetCACaps Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/09/2022 12:41:02 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\SEC7$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Método: GET(110ms) Estágio: GetCACaps O nome ou o endereço do servidor não pôde ser resolvido 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/08/2022 01:33:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa DeadFrontier2.exe versão 5.6.6.44065 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: f00
Hora de Início: 01d804abf25d771b
Hora de Término: 5
Caminho do Aplicativo: E:\SteamLibrary\steamapps\common\Dead Frontier 2\DeadFrontier2.exe
ID do Relatório: 003c888d-d21b-41c5-86e7-4eff14e073e0
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Cross-thread

Error: (01/08/2022 12:45:25 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\SEC7$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps Método: GET(47ms) Estágio: GetCACaps O nome ou o endereço do servidor não pôde ser resolvido 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (01/08/2022 12:55:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa wwzRetailEgs.exe versão 0.1.0.62678 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: c14
Hora de Início: 01d804437948c717
Hora de Término: 4294967295
Caminho do Aplicativo: E:\World War Z\WorldWarZ\en_us\client\bin\pc\wwzRetailEgs.exe
ID do Relatório: f2a117bd-3a88-4139-ac3c-f52690523f69
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Top level window is idle

Error: (01/07/2022 10:51:38 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\SEC7$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 08 Jan 2022 01:51:38 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: aeb3d26d-8d1f-48a5-a23c-8db2334df03d Método: GET(297ms) Estágio: GetCACaps Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (01/07/2022 09:36:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa GTA5.exe versão 1.0.2545.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 28f4
Hora de Início: 01d8041d5c7c86c4
Hora de Término: 4294967295
Caminho do Aplicativo: E:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTA5.exe
ID do Relatório: bd65f6cb-7ac9-42b5-839b-4d8cd3fa73b9
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Top level window is idle

Error: (01/07/2022 08:10:06 PM) (Source: MsiInstaller) (EventID: 11325) (User: SEC7)
Description: Product: CorelDRAW Graphics Suite 2021 -- Error 1325.CoreLDRAW is not a valid short file name.

Erros de Sistema:
=============
Error: (01/09/2022 12:40:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.

Error: (01/09/2022 12:40:55 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: AUTORIDADE NT)
Description: A Política de Grupo não foi processada. O Windows não pôde aplicar as configurações de política baseado no Registro para o objeto de Política de Grupo LocalGPO. As configurações de Política de Grupo não serão resolvidas enquanto esse evento não for resolvido. Exiba os detalhes do evento para obter mais informações sobre nome e caminho do arquivo que causou a falha.

Error: (01/09/2022 12:40:53 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 15:25:15 do dia 08/01/2022 não era esperado.

Error: (01/09/2022 12:40:39 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT)
Description: 3221225626Ocorrência de erro fatal em processamento de dados de restauração.

Error: (01/08/2022 12:47:19 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: O sistema detectou um conflito de endereço entre o endereço IP 2804:14d:7893:995d::1000 e o sistema que possui o endereço de hardware de rede EE-DE-75-EE-42-9F. Como resultado desse conflito, as operações de rede nesse sistema podem ser interrompidas.

Error: (01/08/2022 12:45:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Origin Web Helper Service devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado.

Error: (01/08/2022 12:45:17 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: AUTORIDADE NT)
Description: A Política de Grupo não foi processada. O Windows não pôde aplicar as configurações de política baseado no Registro para o objeto de Política de Grupo LocalGPO. As configurações de Política de Grupo não serão resolvidas enquanto esse evento não for resolvido. Exiba os detalhes do evento para obter mais informações sobre nome e caminho do arquivo que causou a falha.

Error: (01/08/2022 12:45:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 01:06:13 do dia 08/01/2022 não era esperado.

Windows Defender:
================
Date: 2022-01-03 16:17:28
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {B9BFFDC8-849D-4A44-9B15-05EC7D492164}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-03 15:19:17
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {7693FCC2-0193-43DC-8866-EA7DB3B686BE}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-02 19:16:07
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-02 19:16:07
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12\MiniTool Partition Wizard.lnk; uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Windows\System32\RuntimeBroker.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

Date: 2022-01-02 19:15:53
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tnega!ml&threatid=2147763770&enterprise=0
Nome: Trojan:Win32/Tnega!ml
Gravidade: Grave
Categoria: Cavalo de Tróia
Caminho: file:_C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: SEC7\ANGIOLETTO
Nome do Processo: C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
Versão da Inteligência de Segurança: AV: 1.355.1292.0, AS: 1.355.1292.0, NIS: 1.355.1292.0
Versão do Mecanismo: AM: 1.1.18800.4, NIS: 1.1.18800.4

CodeIntegrity:
===============
Date: 2022-01-07 17:15:50
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-01-05 00:11:58
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:51
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Users\ANGIOLETTO\Documents\temaUbuntu\OldNewExplorer\OldNewExplorer64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\VBoxUSB.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\nvvhci.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:14:50
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\nvswcfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-01-04 23:00:19
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Informações da Memória ===========================

BIOS: Insyde Corp. V1.12 11/05/2020
placa-mãe: PK Octavia_PKS
Processador: AMD Ryzen 7 3750H with Radeon Vega Mobile Gfx
Percentagem de memória em uso: 72%
RAM física total: 6082.64 MB
RAM física disponível: 1685.89 MB
Virtual Total: 16322.64 MB
Virtual disponível: 9715.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.57 GB) (Free:52.6 GB) NTFS
Drive d: () (Fixed) (Total:0 GB) (Free:0 GB)
Drive e: (D) (Fixed) (Total:798.13 GB) (Free:380.83 GB) NTFS

\\?\Volume{dd02b63a-d037-4e88-afdf-8c0422ef3591}\ () (Fixed) (Total:0.56 GB) (Free:0.13 GB) NTFS
\\?\Volume{8812ee67-cfa9-4d76-b54f-2877a3cf1853}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0996232B)
Partition: GPT.

==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 09954329)
Partition: GPT.

==================== Fim de Addition.txt =======================