Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 22-01-2022
Executado por del_bone (23-01-2022 06:38:47)
Executando a partir de C:\Users\rabar\Desktop
Microsoft Windows 10 Pro Versão 21H1 19043.1466 (X64) (2021-06-04 11:01:19)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-652207974-1608278505-3514412468-500 - Administrator - Disabled)
Convidado (S-1-5-21-652207974-1608278505-3514412468-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-652207974-1608278505-3514412468-503 - Limited - Disabled)
del_bone (S-1-5-21-652207974-1608278505-3514412468-1002 - Administrator - Enabled) => C:\Users\rabar
ligia (S-1-5-21-652207974-1608278505-3514412468-1006 - Limited - Enabled) => C:\Users\ligia
WDAGUtilityAccount (S-1-5-21-652207974-1608278505-3514412468-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Avira Antivirus (Enabled - Up to date) {8A154ED8-4428-DB2D-0E3F-BD82C448FD94}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
AMD Product Verification Tool version 1.0.6.0 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.6.0 - AMD) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.) APP Shop v1.0.41 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.41 - ASRock Inc.) ASRRGBLED v2.0.67 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 2.0.67 - ASRock Inc.) ASUS DRAM_LIB (HKLM\...\{2F0D3D1A-1B75-4DFC-8C0E-C55C4EAB67F8}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden ASUS DRAM_LIB (HKLM-x32\...\{6bd55e2a-f475-4183-b862-1dd70c1ce699}) (Version: 1.0.22 - ASUS COMPUTER INC.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{548dd834-70c5-4426-8065-fbeabdd2bb5d}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.10 - ASUSTeK Computer Inc.) Hidden A-Tuning v3.0.258 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.258 - ASRock Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2201.2134 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.60.26061 - Avira Operations GmbH & Co. KG) Hidden Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;) Avira Software Updater (HKLM-x32\...\{5FFF909D-D88F-42B9-9A85-328A1290611C}) (Version: 2.0.6.48309 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.15.0.11263 - Avira Operations GmbH & Co. KG) Hidden Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform) Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project) Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0.49 - Banco Bradesco S.A.) 
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.) Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform) ENE RGB HAL (HKLM\...\{8DA1B230-D82E-4A24-9237-363E2E1E2695}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{bb670f8d-3d66-4f36-8e60-02b71bb0a4e9}) (Version: 1.0.21.0 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM\...\{978E8FD1-5778-47EF-91A4-F891DA415DDE}) (Version: 1.0.4.0 - Ene Tech.) Hidden ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{587316c6-4804-4857-af01-1f2f78d4a0e5}) (Version: 1.0.4.0 - Ene Tech.) Hidden ENE_EHD_HAL (HKLM\...\{F56EC5A0-3A93-492E-882A-E036F5897CC7}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_HAL (HKLM-x32\...\{cc33eebd-777b-4177-8cd7-6ab9fd06ceed}) (Version: 1.00.04 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM\...\{4B397BDC-D46C-419C-BD2F-4A41D205C16A}) (Version: 1.00.03 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{dcc0769f-f8a2-4ffe-8a59-e162c13aea76}) (Version: 1.00.03 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_SSS_HAL (HKLM-x32\...\{b00e47a4-d642-402c-a060-8d959a0537db}) (Version: 1.00.00 - ENE TECHNOLOGY INC.) Hidden Epic Games Launcher (HKLM-x32\...\{BD45908C-377D-4432-888D-67F6BD5F7F11}) (Version: 1.1.236.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden GameInput Redistributable (HKLM-x32\...\{7E52156F-18FE-B953-BEA9-6BE6A77AFDFF}) (Version: 10.1.19041.3906 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC) IRPF2019 (HKLM-x32\...\IRPF2019) (Version: 1.6 - Receita Federal do Brasil) IRPF2020 (HKLM-x32\...\IRPF2020) (Version: 1.4 - Receita Federal do Brasil) IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.1 - Receita Federal do Brasil) Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) K-Lite Mega Codec Pack 15.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.4.0 - KLCP) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LibreOffice 7.1.3.2 (HKLM\...\{76B2DBF3-5773-4463-9EEB-D4A099EB6265}) (Version: 7.1.3.2 - The Document Foundation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14729.20260 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-652207974-1608278505-3514412468-1006\...\OneDriveSetup.exe) (Version: 21.245.1128.0002 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-652207974-1608278505-3514412468-1002\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{E34002C7-8CE7-3F76-B36C-09FA973BC4F6}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable 
- x86 9.0.30729 (HKLM-x32\...\{57660847-B1F7-35BD-9118-F62EB863A598}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 
(HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation) Minecraft1.12.2 (HKLM-x32\...\Minecraft1.12.2) (Version: - ) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 96.0.1 (x64 pt-BR)) (Version: 96.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla) OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVPN 2.4.8-I602-Win10 (HKLM\...\OpenVPN) (Version: 2.4.8-I602-Win10 - OpenVPN Technologies, Inc.) Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.00 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{0edb50a3-501b-40f9-b197-0d143fdef576}) (Version: 1.00.00 - Patriot Memory) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team) PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org) PPSSPP (HKLM\...\PPSSPP_is1) (Version: 1.11.3.0 - PPSSPP Team) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8730.1 - Realtek Semiconductor Corp.) 
Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.1.1.12 - Steppschuh) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.5 - Rockstar Games) SafeNet Authentication Client 10.5 (HKLM\...\{F0DD70BB-4BC5-4A31-AE15-BB1A401CF698}) (Version: 10.5.175.0 - Gemalto) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 37.0 - Ubisoft) Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation) VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN) Warsaw 2.26.0.20 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.26.0.20 - Topaz) WinDS PRO 2021.04.18 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2021.04.18 - WinDS PRO Central) WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH) WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) Zoom (HKU\S-1-5-21-652207974-1608278505-3514412468-1002\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.) Packages: ========= AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.10006.0_x64__0a9344xs7nr4m [2021-11-23] (Advanced Micro Devices Inc.) Editor For Adobe Acrobat PDF Reader Annotate -> C:\Program Files\WindowsApps\58069Idealpandaapps.EditorForAdobeAcrobatPDFReader_1.0.23.0_x64__hj51khn65y1a0 [2021-09-12] (Idealpandaapps) Indivisible -> C:\Program Files\WindowsApps\505GAMESS.P.A.IndivisiblePCGP_1.0.11.0_x64__tefn33qh9azfc [2020-08-24] (505 GAMES S.P.A.) 
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-04] (Microsoft Corporation) [MS Ad] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.183.0_x64__dt26b99r8h8gj [2021-11-23] (Realtek Semiconductor Corp) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-652207974-1608278505-3514412468-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\rabar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: 
[ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Nenhum Arquivo ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Nenhum Arquivo ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-11-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-11-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> Nenhum Arquivo ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> Nenhum Arquivo ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-11-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-11-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2021-07-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) 
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [Arquivo não assinado]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Arquivo não assinado]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Arquivo não assinado]

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\rabar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\rabar\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()
ShortcutWithArgument: C:\Users\rabar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Módulos Carregados (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [9394]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2142]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [9394]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [9394]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [9394]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [9394]

==================== Modo de Segurança (Whitelisted) ==================

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2020-01-11] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2020-01-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Facilitador de Leitor de Link Adobe PDF -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\SafeNet\Authentication\SAC\x64;C:\Program Files\SafeNet\Authentication\SAC\x32
HKU\S-1-5-21-652207974-1608278505-3514412468-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\rabar\Desktop\thumb-1920-928770.jpg
HKU\S-1-5-21-652207974-1608278505-3514412468-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 181.213.132.2 - 181.213.132.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

Network Binding:
=============
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled)
Conexão Local: Diebold Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "SACMonitor" HKLM\...\StartupApproved\Run32: => "PDFPrint" HKU\S-1-5-21-652207974-1608278505-3514412468-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-652207974-1608278505-3514412468-1002\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-652207974-1608278505-3514412468-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-652207974-1608278505-3514412468-1002\...\StartupApproved\Run: => "OPENVPN-GUI" HKU\S-1-5-21-652207974-1608278505-3514412468-1002\...\StartupApproved\Run: => "Lync" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [UDP Query User{022CC092-B6DE-4C0B-AC14-3A792215C39E}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Block) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe FirewallRules: [TCP Query User{1BE59831-F6F0-462D-AEB9-67E586F78095}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Block) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe FirewallRules: [UDP Query User{4F25347F-F1A2-45AB-B9EC-F823BAAAED3D}C:\users\rabar\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rabar\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{56DAFD28-4649-4D83-8A1F-1A0B00A95C03}C:\users\rabar\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\rabar\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B7C1365E-8BF8-4B6A-95BC-B3A461A35F74}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\South Park The Fractured But Whole\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. 
-> Ubisoft) FirewallRules: [{FFF643E4-2DA3-4CFD-A583-A30884CB535F}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\South Park The Fractured But Whole\steamapps\common\South Park The Fractured But Whole\SouthPark_TFBW.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{F418E4EE-0A56-4FDA-95E3-ED0F3DFB51D9}E:\rafael\games\winds pro\emu\citracanary\citra-qt.exe] => (Block) E:\rafael\games\winds pro\emu\citracanary\citra-qt.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{C1436802-C65A-4A4F-A8AD-112F3D6280FD}E:\rafael\games\winds pro\emu\citracanary\citra-qt.exe] => (Block) E:\rafael\games\winds pro\emu\citracanary\citra-qt.exe () [Arquivo não assinado] FirewallRules: [UDP Query User{5E829BFB-47F6-427E-B9E5-75E1A4862FD9}E:\rafael\games\winds pro\emu\citranightly\citra-qt.exe] => (Block) E:\rafael\games\winds pro\emu\citranightly\citra-qt.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{9FF31BDC-ABCB-415E-98FE-14644AC206F2}E:\rafael\games\winds pro\emu\citranightly\citra-qt.exe] => (Block) E:\rafael\games\winds pro\emu\citranightly\citra-qt.exe () [Arquivo não assinado] FirewallRules: [UDP Query User{99C9E9C7-D74E-4454-B639-84DAC93E4F61}C:\program files (x86)\common files\oracle\java\javapath_target_10246718\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_10246718\javaw.exe FirewallRules: [TCP Query User{1C5CC425-7FB3-42E0-89F5-187053D7E3CD}C:\program files (x86)\common files\oracle\java\javapath_target_10246718\javaw.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_10246718\javaw.exe FirewallRules: [UDP Query User{8AA949DB-C9B0-4A5C-99A8-B25BF21E39DB}C:\program files\java\jre1.8.0_231\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\java.exe FirewallRules: [TCP Query User{0BAED35C-3F37-4D98-93EA-12D6131EF979}C:\program files\java\jre1.8.0_231\bin\java.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\java.exe FirewallRules: 
[{F8F23A86-D016-47C3-BF6B-79B4735A37CD}] => (Allow) C:\program files (x86)\remote control server\remote control server.exe (Steppschuh) [Arquivo não assinado] FirewallRules: [{2BBD1177-F7DA-474D-B2D2-F031A69B0347}] => (Allow) C:\program files (x86)\remote control server\remote control server.exe (Steppschuh) [Arquivo não assinado] FirewallRules: [UDP Query User{9368ADB4-1ADB-48BE-8A17-2196DCE9CC5D}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe (Steppschuh) [Arquivo não assinado] FirewallRules: [TCP Query User{5D57AE07-7406-409F-96DB-B2F33B1BE616}C:\program files (x86)\remote control server\remote control server.exe] => (Allow) C:\program files (x86)\remote control server\remote control server.exe (Steppschuh) [Arquivo não assinado] FirewallRules: [{90487DD4-F550-4CF4-B55D-42B308E6F067}] => (Allow) C:\Users\rabar\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{73A82921-8E15-4E26-930A-25C1F8B57B0E}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Inc. -> The OpenVPN Project) FirewallRules: [TCP Query User{6CB68965-195B-48AE-A84C-DEE6B25EDEF7}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Inc. -> The OpenVPN Project) FirewallRules: [UDP Query User{EF856399-416A-4E31-9C53-BA03BB155CD1}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe FirewallRules: [TCP Query User{E21EE398-38CA-4108-A36B-9FDB0B130436}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe FirewallRules: [{7F6DBDD8-73B9-45D3-BCC1-A0A7E103B6CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{85F0EFE9-FD4E-4C80-A005-7016ACC388D7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{17C7B31C-66F9-4522-B94A-78016AAA5DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> ) FirewallRules: [{F69D8C6A-E10E-4750-9FB0-DDF80152EAFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe (Square Enix Ltd. -> ) FirewallRules: [{2293D657-5756-4623-B114-8F1A28CDF196}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{ACAA696C-32D1-4E8A-B78E-FE8557ADE106}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{AF321070-EFC7-43C2-AFFC-E010E8919068}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) FirewallRules: [{BB4F23ED-8B34-4015-B75E-297F679B110C}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.) 
FirewallRules: [{D8EEB50B-7C74-4A96-927D-96D71ECC3F1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{004B9547-F0D0-4203-962A-D3CB3BFCB505}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{10CC7A2C-2963-45A6-977D-6C3F71800FD0}C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{921552F5-76DC-45F3-8D69-9505D6B68329}C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [{19C85596-F427-483A-BCE4-387F5C3DA2FB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{466C4BC7-3677-43A0-AB8F-7AAFF47EF525}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69DCF739-C76E-4FEC-9F5A-0869CCDB879E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{13DFFE85-9390-435E-8BD0-115E26A5990B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{870D5101-D1E6-417C-88F8-035E0652496D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{17B8A332-451C-4C1D-B46E-A8A03A714362}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2D441B76-D0D0-4DFE-AB11-F1ED43173664}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Inc. -> The OpenVPN Project)
FirewallRules: [UDP Query User{41502520-92BF-4AD7-BEF5-6D45566EC840}C:\program files\openvpn\bin\openvpn.exe] => (Allow) C:\program files\openvpn\bin\openvpn.exe (OpenVPN Inc. -> The OpenVPN Project)
FirewallRules: [TCP Query User{7E639D34-F5B8-4859-806E-570CE3ABE18A}C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{E754724A-2DBB-4350-A1A9-11399FE1734D}C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\rabar\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{D6EBA531-9BD5-4D45-8830-99890666EF88}C:\users\rabar\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\rabar\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{35912FE4-A7E9-4E47-9A8E-6495B16EE1A5}C:\users\rabar\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\rabar\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{7D630CF8-3321-4A24-8A7F-32275D215C46}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1BF2CD4B-3B4D-4C6E-840D-46D9F52CB277}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B2CB1EBA-D9ED-4A1B-8110-9CE6FAC259B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB35E49A-FA1E-4623-B4C1-BE9D4290983B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66F7A773-0E17-4996-BEA7-E0642F9AEDEB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9659D303-F6F5-4050-95E5-C1815CCE0BFF}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{78D1FDF4-2B7D-491C-BDB4-A9E846941542}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{046340BE-0653-4EB4-AA83-34ACB03AA9F7}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Pontos de Restauração =========================

17-12-2021 18:10:24 Instalador de Módulos do Windows
14-01-2022 00:22:51 Instalador de Módulos do Windows

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (01/23/2022 06:34:57 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORIDADE NT)
Description: O Windows não pode carregar a DLL de contador extensível "C:\WINDOWS\system32\sysmain.dll" (código de erro do Win32 126).

Error: (01/21/2022 05:06:39 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORIDADE NT)
Description: O Windows não pode carregar a DLL de contador extensível "C:\WINDOWS\system32\sysmain.dll" (código de erro do Win32 126).

Error: (01/20/2022 05:16:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DaS_21.exe, versão: 2.1.0.4, carimbo de data/hora: 0x540c90b2
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.1466, carimbo de data/hora: 0xe01c7650
Código de exceção: 0xe0434352
Deslocamento da falha: 0x0000000000034f69
ID do processo com falha: 0x32e0
Hora de início do aplicativo com falha: 0x01d80e3a9596640c
Caminho do aplicativo com falha: C:\Users\rabar\AppData\Local\Temp\DaS_21.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 462346c6-78c3-4a05-9859-c1b8f8bad813
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (01/20/2022 05:16:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: DaS_21.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.IO.IOException
   em System.IO.__Error.WinIOError(Int32, System.String)
   em System.Console.SetWindowSize(Int32, Int32)
   em DriverAndServicesOut.Program.Main(System.String[])

Error: (01/20/2022 05:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: DaS_21.exe, versão: 2.1.0.4, carimbo de data/hora: 0x540c90b2
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.1466, carimbo de data/hora: 0xe01c7650
Código de exceção: 0xe0434352
Deslocamento da falha: 0x0000000000034f69
ID do processo com falha: 0x92c
Hora de início do aplicativo com falha: 0x01d80e3a95086a50
Caminho do aplicativo com falha: C:\Users\rabar\AppData\Local\Temp\DaS_21.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: c41be8a5-aca9-409e-80b4-51e948a3f486
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (01/20/2022 05:16:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: DaS_21.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: System.IO.IOException
   em System.IO.__Error.WinIOError(Int32, System.String)
   em System.Console.SetWindowSize(Int32, Int32)
   em DriverAndServicesOut.Program.Main(System.String[])

Error: (01/20/2022 05:11:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ZA-Scan.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.1466, carimbo de data/hora: 0xc79f51a9
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0012b662
ID do processo com falha: 0x1cd8
Hora de início do aplicativo com falha: 0x01d80e39f3a2bd69
Caminho do aplicativo com falha: C:\Users\rabar\Desktop\ZA-Scan.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 9082480e-7e2d-48e0-96c8-d32d7cc8f071
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (01/20/2022 05:11:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ShellExperienceHost.exe, versão: 10.0.19041.1320, carimbo de data/hora: 0xe78af3dd
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.1466, carimbo de data/hora: 0xe01c7650
Código de exceção: 0xc000027b
Deslocamento da falha: 0x000000000010b362
ID do processo com falha: 0x2ae4
Hora de início do aplicativo com falha: 0x01d80e39d2bb4470
Caminho do aplicativo com falha: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 3877de72-86ab-4657-a8d6-24d52e206c5d
Nome completo do pacote com falha: Microsoft.Windows.ShellExperienceHost_10.0.19041.1320_neutral_neutral_cw5n1h2txyewy
ID do aplicativo relativo ao pacote com falha: App

Erros de Sistema:
=============
Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Avira Security foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Avira Updater Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.

Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço Clique para Executar do Microsoft Office foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Componente de Segurança Bradesco foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Avira Optimizer Host foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Realtek Audio Universal Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço SACSrv foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (01/23/2022 06:34:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço AMD External Events Utility foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

CodeIntegrity:
===============
Date: 2022-01-22 10:21:33
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume6\Program Files\Topaz OFD\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-01-20 06:24:35
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Topaz OFD\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-01-20 06:24:35
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume6\Program Files\Topaz OFD\Warsaw\wslbscr64.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. P2.90 11/27/2019
placa-mãe: ASRock B450M Steel Legend
Processador: AMD Ryzen 5 3400G with Radeon Vega Graphics
Percentagem de memória em uso: 24%
RAM física total: 14264.73 MB
RAM física disponível: 10815.06 MB
Virtual Total: 25016.73 MB
Virtual disponível: 20455.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.32 GB) (Free:128.16 GB) NTFS
Drive d: (Reservado pelo Sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)]
Drive e: () (Fixed) (Total:931.41 GB) (Free:521.36 GB) NTFS

\\?\Volume{3a4a893f-47bf-4a40-b54d-f5ef6efdde1c}\ (Recuperação) (Fixed) (Total:1.03 GB) (Free:0.53 GB) NTFS
\\?\Volume{134af644-b0a7-9b0f-38de-ba355adc78e3}\ () (Fixed) (Total:5.31 GB) (Free:0 GB) NTFS
\\?\Volume{736849fb-a9ba-492c-91ec-04defae8d9dd}\ () (Fixed) (Total:0.19 GB) (Free:0.17 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0557E8A2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: F6B53FCC)
Partition: GPT.

Attempted reading MBR returned 0 bytes. Could not read MBR for disk 2.

==================== Fim de Addition.txt =======================