Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 26-05-2022
Executado por Paulo (28-05-2022 10:16:31)
Executando a partir de C:\Users\Paulo\Desktop
Microsoft Windows 10 Pro Versão 21H2 19044.1706 (X64) (2021-05-05 23:35:22)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrator (S-1-5-21-1900339767-290322625-421212182-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1900339767-290322625-421212182-503 - Limited - Disabled)
Guest (S-1-5-21-1900339767-290322625-421212182-501 - Limited - Disabled)
Paulo (S-1-5-21-1900339767-290322625-421212182-1001 - Administrator - Enabled) => C:\Users\Paulo
pdgit (S-1-5-21-1900339767-290322625-421212182-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1900339767-290322625-421212182-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Zip 21.07 (x64 edition) (HKLM-x32\...\{23170F69-40C1-2702-2107-000001000000}) (Version: 21.07.00.0 - Igor Pavlov)
Able2Extract Professional 8.0 (HKLM-x32\...\{C894CC24-0DEC-4340-BCC9-DD4310DF3BED}_is1) (Version: 8.0 - Investintech.com Inc.)
ACL 9 (HKLM-x32\...\{ADE4FB90-E08A-4EB0-AA3E-893DB26A8E08}) (Version: 9.1.0.213 - ACL Software) Agent (HKLM-x32\...\{FC1C15A4-12ED-4E11-AC08-2381455FE89D}) (Version: 1.0 - InstallAware Software Corporation) Hidden Amazon Kindle (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\Amazon Kindle) (Version: 1.34.1.63103 - Amazon) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.6 - philandro Software GmbH) Assinador do Portal de Assinatura Digital (HKLM-x32\...\{F58A9AEA-B4A4-41FA-A772-587A5741CD79}) (Version: 1.0.0.0 - Sefaz-SP) Cisco Webex Meetings (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\ActiveTouchMeetingClient) (Version: 42.5.3 - Cisco Webex LLC) CORSAIR iCUE Software (HKLM-x32\...\{3D350B22-542B-4FB4-B3AC-EA760941C319}) (Version: 3.38.61 - Corsair) Dell OS Recovery Tool (HKLM-x32\...\{DC9A5A75-8655-4E1F-B1F0-4D1D8A14BF09}) (Version: 2.3.6066.0 - Dell) Hidden Dell OS Recovery Tool (HKLM-x32\...\{f0deb949-9f06-446c-8829-e23f999840b8}) (Version: 2.3.6066 - Dell Inc.) Dell SupportAssist (HKLM-x32\...\{E0659C89-D276-4B77-A5EC-A8F2F042E78F}) (Version: 3.10.4.18 - Dell Inc.) Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.) 
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com) Evernote 10.4.4 (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.4.4 - Evernote Corporation) Excel (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel) Gerup – Envio de Peças para Processos Eletrônicos (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\e1498b1a2c58fcdd) (Version: 1.2.0.64 - Sefaz-SP) GIA (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\0703abebc8058ac7) (Version: 8.0.1.162 - Secretaria da Fazenda do Estado de São Paulo) Giesecke & Devrient GmbH StarSign CUT (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84217}) (Version: 1.7.17.0 - Giesecke & Devrient GmbH) Hidden Giesecke & Devrient GmbH StarSign CUT (HKLM-x32\...\SZCCID) (Version: 1.7.17.0 - Giesecke & Devrient GmbH) Google Chrome (HKLM-x32\...\{324F0C8C-3C39-3293-ADD7-3002D643A520}) (Version: 101.0.4951.67 - Google LLC) Intel(R) Management Engine Components (HKLM-x32\...\{18ECCB13-1AAB-4366-B8CD-D78EDDDCB37E}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2014.14.0.1540 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{5F3D379F-069B-4BBB-B7AA-CBDFA1877343}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM-x32\...\{8FFDA2DD-9B70-4A8A-8ACD-CBF774D1885B}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM-x32\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.1.1043 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{98A452E7-A559-4687-A58C-0C6A3EBEB625}) (Version: 14.8.1.1043 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x64 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.60.155.0 - Intel Corporation) Hidden 
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.60.155.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{047f2156-ee7f-4a24-b3c2-c0c5c2c81557}) (Version: 1.60.155.0 - Intel Corporation) Hidden IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.2 - Receita Federal do Brasil) Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) League of Legends (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains) Malwarebytes version 4.5.9.198 (HKLM-x32\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.9.198 - Malwarebytes) Maxx Audio Installer (x64) (HKLM-x32\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) 
Hidden Microsoft OneDrive (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\OneDriveSetup.exe) (Version: 22.099.0508.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM-x32\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20194 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden Outlook (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM-x32\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) pje-office versão 1.0.22 (HKLM-x32\...\{C510F90E-98E9-4AE1-A79D-3F3A7DD79356}_is1) (Version: 1.0.22 - Conselho Nacional de Justica - CNJ) PowerPoint (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint) Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10480 - Qualcomm) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver 
(HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.) Receitanet (HKLM-x32\...\ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5) (Version: 1.23 - Serpro - Serviço Federal de Processamento de Dados) Receitanet BX (HKLM-x32\...\EC016E3C-26D1-4DC8-9D8A-6AC06B3005A5) (Version: 1.7.9 - Serpro - Serviço Federal de Processamento de Dados) SafeSign 64-bits (HKLM-x32\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.124 - A.E.T. Europe B.V.) ScriptRunner Bootstrap Installer (HKLM-x32\...\{47f5a208-ecde-403e-8b4e-f11e83cb7a77}) (Version: 2.18.1.1 - N-able) Hidden ScriptRunner.Installer 2.18.1.1 (HKLM-x32\...\{68248BDF-A94E-4793-ACAC-F9AE04675131}) (Version: 2.18.1.1 - N-able) Hidden Sped Contábil PVA (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\Sped Contábil PVA) (Version: PVA - ) Sped ECF PVA (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\Sped ECF PVA) (Version: PVA - ) Sped Fiscal 2.1.1-SNAPSHOT (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\Sped Fiscal 2.1.1-SNAPSHOT) (Version: 2.1.1-SNAPSHOT - ) Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.19 - Splashtop Inc.) Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.4.6.2 - Nome de sua empresa:) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Taxcel 2021 (HKLM-x32\...\{AAC80EA6-942A-4DAE-9AB0-3ECA6925B4AB}) (Version: 5.18.0225.1647 - Taxcel Soluções Fiscais S.A.) 
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation) Telegram Desktop versão 2.7.4 (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.7.4 - Telegram FZ-LLC) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM-x32\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation) VALID 1.0.2.0 (HKLM-x32\...\{0985B22D-E23D-4B3A-990A-906A1FAF2339}_is1) (Version: 1.0.2.0 - Valid Certificadora Digital) VDownloader 5.0.4016 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited) Verificação de integridade do PC Windows (HKLM-x32\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation) Warsaw 2.26.0.20 64 bits (HKLM-x32\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.26.0.20 - Topaz) Web PKI (HKLM-x32\...\{EB7A447E-7ABF-2CA8-DE64-D70072CA4B1B}) (Version: 2.10.1.0 - Lacuna Software) Web Signer (HKLM-x32\...\{79127DE4-83FE-7670-2BCD-6EEC691A3A09}) (Version: 2.9.0.0 - Softplan Sistemas) WhatsApp (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\WhatsApp) (Version: 2.2218.8 - WhatsApp) WinRAR 5.91 (64-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) Word (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word) YouTube Music (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\f6acac02f1a33e61cdbf857c8ff556df) (Version: 1.0 - Google\Chrome) Zoom (HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\ZoomUMX) (Version: 5.7.4 (804) - Zoom Video Communications, Inc.) 
Packages:
=========
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-26] (INTEL CORP) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.7.0_x64__htrsf667h5kn2 [2022-05-28] (Dell Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.5120.0_x64__8wekyb3d8bbwe [2022-05-18] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-05-24] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0 [2022-05-28] (Spotify AB) [Startup Task]

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{04271989-4A69-8ED6-95FB-EDBABB39A6E2} -> [OneDrive - Sobral Advogados] => C:\Users\Paulo\OneDrive - Sobral Advogados [2022-05-22 17:27] CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{04271989-4A69-C3CC-EDBB-70A39EE7A2FF} -> [Sobral Advogados] => C:\Users\Paulo\Sobral Advogados [2022-05-23 10:22] CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{04271989-C4D2-F93B-953B-6635BE909882} -> [OLB Advogados] => C:\Users\Paulo\OLB Advogados [2021-07-15 12:25] CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Paulo\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Paulo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22062.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\Paulo\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Paulo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-1900339767-290322625-421212182-1001_Classes\CLSID\{e3d5b9e0-1da4-e37a-7ffd-9648aba287dc8}\InprocServer32 -> 0x64674341414F52324F3859304B74634241494136516B6C4A3241455141424C356761633554385959734D51713770684A67696342416F78345078322B496D634F4451716D693337376D6B36503741676E46587A457231452F4535446142627A4B6F6364 (a entrada de dados tem 42 mais caracteres). 
=> Nenhum Arquivo ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-03-10] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-03-10] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-24] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-03-10] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Nenhum Arquivo ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_611865a864e13c72\nvshext.dll [2022-05-05] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2022-03-10] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-24] (Malwarebytes Inc. 
-> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\Paulo\Desktop\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod ShortcutWithArgument: C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm ShortcutWithArgument: C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb ShortcutWithArgument: C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf ShortcutWithArgument: C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi ShortcutWithArgument: C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Simple EPUB Reader.lnk -> C:\Program Files 
(x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ojhbgcchcbdjdenibfmjofobklkkhofc ShortcutWithArgument: C:\Users\Paulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod ShortcutWithArgument: C:\Users\Paulo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod ==================== Módulos Carregados (Whitelisted) ============= 2021-03-05 18:44 - 2021-03-05 18:44 - 000209408 _____ () [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll 2021-03-05 18:44 - 2021-03-05 18:44 - 000101376 _____ () [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll 2017-05-09 09:27 - 2017-05-09 09:27 - 000116224 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\WINDOWS\system32\aetcngss.dll 2017-05-09 09:27 - 2017-05-09 09:27 - 003067904 _____ (A.E.T. Europe B.V.) [Arquivo não assinado] C:\WINDOWS\system32\aetpkss1.dll 2008-07-07 00:57 - 2008-07-07 00:57 - 000335872 _____ (Adobe Systems Inc.) 
[Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu64.ptb 2021-12-26 19:00 - 2021-12-26 19:00 - 000093696 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll 2019-12-07 06:10 - 2019-12-07 06:10 - 000130560 _____ (Microsoft Corporation) [Arquivo não assinado] [O arquivo está em uso] C:\WINDOWS\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll 2019-12-07 06:10 - 2019-12-07 06:53 - 000820736 _____ (Microsoft Corporation) [Arquivo não assinado] C:\WINDOWS\System32\cscui.dll 2019-12-07 06:10 - 2019-12-07 06:10 - 001583616 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Windows\System32\dfshim.dll 2021-10-13 06:19 - 2021-10-13 06:19 - 000184320 _____ (Microsoft Corporation) [Arquivo não assinado] C:\WINDOWS\System32\inetpp.dll 2021-05-06 01:08 - 2021-05-06 01:08 - 004443136 _____ (Microsoft Corporation) [Arquivo não assinado] C:\WINDOWS\system32\MLS6.dll 2019-12-07 06:10 - 2019-12-07 06:10 - 000383488 _____ (Microsoft Corporation) [Arquivo não assinado] C:\WINDOWS\system32\mscoree.dll 2019-12-07 06:10 - 2019-12-07 06:10 - 000107520 _____ (Microsoft Corporation) [Arquivo não assinado] C:\WINDOWS\SYSTEM32\netfxperf.dll 2021-05-06 01:08 - 2021-05-06 01:08 - 000182784 _____ (Microsoft Corporation) [Arquivo não assinado] C:\WINDOWS\System32\NLSData0416.dll 2020-12-01 00:14 - 2020-12-01 00:14 - 001638912 _____ (Robert Simpson, et al.) [Arquivo não assinado] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll 2020-12-16 09:26 - 2020-12-16 09:26 - 000090112 _____ (Silicon Laboratories, Inc.) 
[Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2021-03-05 18:43 - 2021-03-05 18:43 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll 2021-03-05 18:43 - 2021-03-05 18:43 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [10546] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2142] AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [10546] AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [10546] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-1900339767-290322625-421212182-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://dell17win10.msn.com/?pc=DCTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-04-11] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_333\bin\ssv.dll [2022-05-24] (Oracle America, Inc. 
-> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-05-24] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-10] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) DPF: HKLM {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_281-windows-i586.cab DPF: HKLM {CAFEEFAC-0018-0000-00281-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_281-windows-i586.cab DPF: HKLM {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_281-windows-i586.cab Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - 
C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-05-27] (Microsoft Corporation -> Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2019-12-07] (Microsoft Corporation) [Arquivo não assinado] Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Corporation) [Arquivo não assinado] Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2019-12-07] (Microsoft Corporation) [Arquivo não assinado] Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll 
[2019-12-07] (Microsoft Corporation) [Arquivo não assinado] Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2019-12-07] (Microsoft Corporation) [Arquivo não assinado] Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Corporation) [Arquivo não assinado] (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\sharepoint.com -> hxxps://olbadv-files.sharepoint.com ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\VDownloader;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\ HKU\S-1-5-21-1900339767-290322625-421212182-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paulo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg DNS Servers: 181.213.132.5 - 181.213.132.4 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

Network Binding:
=============
Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled)
Ethernet 3: Diebold Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\StartupFolder: => "pje-office.lnk"
HKLM\...\StartupApproved\Run: => "CertificateRegistration"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "CentraStage"
HKLM\...\StartupApproved\Run32: => "pje-office"
HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1900339767-290322625-421212182-1001\...\StartupApproved\Run: => "Steam"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [UDP Query User{24E82988-0786-4790-B97B-C1EECC209E1C}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe
FirewallRules: [TCP Query User{D96EF333-3F47-481B-AD01-10B6F49061CE}C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2021\java-runtime\bin\javaw.exe
FirewallRules: [{76241089-EE5D-4E2D-9A72-CB2607C6DC97}] => (Allow) C:\Program Files (x86)\Take Control Agent\BASupSrvc.exe => Nenhum Arquivo
FirewallRules: [{350E4477-E657-46E6-A93B-88A9F3AA46E7}] => (Allow) C:\Program Files (x86)\Take Control Agent\BASupSrvc.exe => Nenhum Arquivo
FirewallRules: [{B9A32CB5-70B9-4732-9D22-89FD505D4C2B}] => (Allow) C:\Program Files (x86)\Take Control Agent\BASupSrvc.exe => Nenhum Arquivo
FirewallRules: [{236DBD60-C38D-424F-ABE1-864D1AE52575}] => (Allow) C:\Program Files (x86)\Take Control Agent\BASupSrvc.exe => Nenhum Arquivo
FirewallRules: [{A7E566E3-2833-40F9-99FB-606027A471CA}] => (Allow) C:\Users\Paulo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D3769BCB-57B7-4861-8078-622620BFC34B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{A91CD61C-0EF3-4E4B-AC70-5625321B9EB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{2B23346D-AA15-43D4-A576-5BDCF6678C83}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{47566A82-BF84-4DDC-A286-943409E00464}C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{51191A1E-15C8-4FCE-8388-7E6FC1C70106}C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{92969F7D-A26A-43C4-94B7-FA01B89B4902}C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0F9DABB3-389A-4331-9D46-073D5DD4A0C5}C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\paulo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BCC0A5B-4041-44A2-AED7-E8EC5ACFD48E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{448080C4-FEF6-4FAE-A829-0EF448C5FA91}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BF081441-6CD6-4F28-82F4-CD12EBFD41DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{ED0AC88A-DAC0-4DC5-899E-B0F65747BD5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{B7252070-2AFE-4081-98C5-64F5FDDA3CFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{11F49C2F-FEED-4FB4-9B16-003D0B1B95DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{40BB3168-9BB5-422F-A29C-573EEB57836A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Nenhum Arquivo
FirewallRules: [{B7176368-238F-4DBC-A29F-9F7BE66A6528}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Nenhum Arquivo
FirewallRules: [{844C410C-BE48-4376-BFEC-30FC898E8AF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D587C9C8-CE26-492B-A37D-8D44D28FF992}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DDB9F453-B1AE-4D08-B505-30F84E5027C3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C424E30E-783D-49D0-B52B-98B3B865BC71}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E5FEB31-A63B-413C-84D1-5965A46ACF5B}] => (Allow) C:\Users\Paulo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A2364467-2F43-407F-82F4-2B3F5F0F9290}] => (Allow) C:\Users\Paulo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7907FF4E-99D4-4E7A-AEA2-5C22DE507C2D}] => (Allow) C:\Users\Paulo\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C1FB9643-B0C3-4CEB-8E11-B00468F708CB}] => (Block) C:\Program Files (x86)\CentraStage\UltraVNC\winvnc.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{BAA4473A-6423-4748-8792-C1D8F05575D6}C:\program files (x86)\pje-office\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\pje-office\jre\bin\javaw.exe
FirewallRules: [UDP Query User{2F0EA58A-DE2C-43F7-B896-63ABC0273846}C:\program files (x86)\pje-office\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\pje-office\jre\bin\javaw.exe
FirewallRules: [{9BD404D9-084C-4B79-93F3-60CA7BD704CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DB28914-E457-4B4E-B1DB-27488E680C27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{19BF2C8A-CE0F-4438-B7DB-CBC2D8FE548B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B8B65F35-52B7-4AC6-B6B0-F1E83ABEA7B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16FD299D-C9D4-4FE9-AAF2-98C7FAE61C3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{06E1A043-1326-4132-ABF8-B98F17BFD756}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC5E225F-686A-4B68-BC9E-B671DF7FFE5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF042500-7FB7-4EA4-A619-BA8719AE0C1F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA09AB14-9403-4FBD-9625-A879B4F93CAB}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.1.0.42\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{D76A43C6-80B7-4409-8687-A3683CE762E7}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.1.0.42\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{99255866-1870-403C-87EB-D64AEA5F99E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88BAD144-CDB6-4840-8375-8C06C201F113}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4CDDE9E6-F254-4FD4-8ADF-A4B9C98DE394}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{411D1D8D-BFA6-4531-B7F3-0123952E3C0F}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.2.0.43\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{F619A8A9-EC9E-4598-97C5-4E60FFF57B70}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.2.0.43\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{241C11BB-3F5A-4367-99C2-5C73CBEB89D3}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.3.0.52\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{09047979-270F-4DF8-B3E6-191E4BBD549B}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.3.0.52\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{F2CA31C4-0174-4F07-9B96-C357601E7CE3}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\aria2c.exe () [Arquivo não assinado]
FirewallRules: [{6FD5AEEB-04AA-4794-B71D-811DB43774C0}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\aria2c.exe () [Arquivo não assinado]
FirewallRules: [{F9D2EC9B-69A9-4ACA-9690-EDFEAEAFB75C}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\AEMAgent.exe (Datto Inc -> )
FirewallRules: [{2B9E1D15-46FB-4C2C-AE2C-8242785F8911}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\AEMAgent.exe (Datto Inc -> )
FirewallRules: [{F29B9493-C2CD-4FA1-ABE0-F46C8D232BDB}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.5.0.58\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{20AC4143-C75D-4BF3-812A-CAF910B8A06A}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.5.0.58\RMM.WebRemote.exe (Datto Inc -> )
FirewallRules: [{D6CA90E6-8517-47D5-8073-ADFB34D21A99}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.5.0.58\RMM.RTC.Proxy\RMM.RTC.Proxy.exe (Datto Inc -> )
FirewallRules: [{2C6774C5-1F0F-4EB8-A0C0-67BC84966569}] => (Allow) C:\ProgramData\CentraStage\AEMAgent\RMM.WebRemote\10.5.0.58\RMM.RTC.Proxy\RMM.RTC.Proxy.exe (Datto Inc -> )
FirewallRules: [{61727CF9-8522-402D-BB4B-37C0C9E4E5CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E0DA5F86-E04B-49A0-B32B-4CEE03785B33}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\101.0.1210.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{37F4258C-5794-4F8C-9546-C19B77BA9B6B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A7D4ABF3-E27D-46BC-823D-5857074B0789}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DEC34103-48B0-4338-9363-D7452472118B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3CE4B184-9622-46FA-B635-638A265C8B30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{6DFBA661-86AB-4291-A074-47E273636955}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77C99F7A-36D0-47F7-80EA-156E85D2D00F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8EFFF34C-5A22-456A-800F-CC55C667E634}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF00C22C-108C-4F5A-9136-7A596E2497FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BDEACD62-5DD7-4AFA-B4BA-11310BFC5442}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{0AD1E74D-772B-472E-A0D8-F45D17762CC1}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{8C91672A-FFA6-4C5F-9DC6-69E97E1E4807}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{52E1941E-0F6E-4509-B75F-EF82655DA180}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{1E3A3824-EDCA-4349-9226-3074777EE653}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{16D6C7F3-B170-43E4-9BCB-3444B67C2848}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{905630F1-AA61-4A1A-B8F7-E3C58CEA2DAA}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)
FirewallRules: [{A5087314-32E9-4EB3-983D-8448CCEDD0FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3BD155EC-AE73-429E-BAA0-B7EA8A2D7ABC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0334E608-FC30-4A35-9D82-980115B8C3EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FB58169-D0AB-4E7B-88EC-9667842A8560}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{902841C9-B142-4168-BB28-75C89988C3F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F570511B-AB3F-41BA-82E4-F54379078626}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{556B8093-4552-4D24-8F8F-7E7FC4A907B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3352C9FF-3B7F-4874-8732-3A89F1680F15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.186.857.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Pontos de Restauração =========================

20-05-2022 02:44:13 Instalador de Módulos do Windows
21-05-2022 09:15:34 Dell OS Recovery Tool
24-05-2022 01:42:39 Dell Client Management Service
24-05-2022 01:43:27 AdwCleaner_BeforeCleaning_24/05/2022_01:43:27
28-05-2022 09:57:55 AdwCleaner_BeforeCleaning_28/05/2022_09:57:55

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (05/28/2022 09:58:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. .

Error: (05/28/2022 09:58:44 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, A system shutdown is in progress. ]

Error: (05/28/2022 09:58:44 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. .

Error: (05/28/2022 09:58:44 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, A system shutdown is in progress. ]

Error: (05/28/2022 09:58:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details: AddLegacyDriverFiles: Unable to back up image of binary MsQuic.
System Error: The resource loader failed to find MUI file. .

Error: (05/28/2022 09:56:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: UsbUpdate.exe, versão: 1.1.0.1, carimbo de data/hora: 0x62833626
Nome do módulo com falha: UsbUpdate.exe, versão: 1.1.0.1, carimbo de data/hora: 0x62833626
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00006a40
ID do processo com falha: 0x2bc0
Hora de início do aplicativo com falha: 0x01d8729259305608
Caminho do aplicativo com falha: C:\WINDOWS\TEMP\inv5064_tmp\Executables\UsbUpdate.exe
Caminho do módulo com falha: C:\WINDOWS\TEMP\inv5064_tmp\Executables\UsbUpdate.exe
ID do Relatório: 32dc4ff4-e028-440b-8150-75887cb94fc8
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (05/28/2022 09:56:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: UsbUpdate.exe, versão: 1.1.0.1, carimbo de data/hora: 0x62833626
Nome do módulo com falha: UsbUpdate.exe, versão: 1.1.0.1, carimbo de data/hora: 0x62833626
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00006a40
ID do processo com falha: 0x1ae4
Hora de início do aplicativo com falha: 0x01d872925964e13c
Caminho do aplicativo com falha: C:\WINDOWS\TEMP\inv5064_tmp\Executables\UsbUpdate.exe
Caminho do módulo com falha: C:\WINDOWS\TEMP\inv5064_tmp\Executables\UsbUpdate.exe
ID do Relatório: 245d0e50-e077-4398-825d-0aeaf78e201e
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (05/28/2022 09:56:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: UsbUpdate.exe, versão: 1.1.0.1, carimbo de data/hora: 0x62833626
Nome do módulo com falha: UsbUpdate.exe, versão: 1.1.0.1, carimbo de data/hora: 0x62833626
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00006a40
ID do processo com falha: 0x1b5c
Hora de início do aplicativo com falha: 0x01d872925972a596
Caminho do aplicativo com falha: C:\WINDOWS\TEMP\inv5064_tmp\Executables\UsbUpdate.exe
Caminho do módulo com falha: C:\WINDOWS\TEMP\inv5064_tmp\Executables\UsbUpdate.exe
ID do Relatório: 2901a2a0-fc3a-48dd-8476-d22615c12f20
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Erros de Sistema:
=============
Error: (05/28/2022 10:02:37 AM) (Source: BTHUSB) (EventID: 5) (User: )
Description: O driver Bluetooth esperava um evento HCI com um determinado tamanho, mas não o recebeu.

Error: (05/28/2022 09:59:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço Proteção de Software terminou com o erro: A mídia está protegida contra gravação.

Error: (05/28/2022 09:58:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA LocalSystem Container foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.

Error: (05/28/2022 09:58:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dell Data Vault Collector foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (05/28/2022 09:58:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço Clique para Executar do Microsoft Office foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (05/28/2022 09:58:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço AtherosSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (05/28/2022 09:58:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Dell Data Vault Processor foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (05/28/2022 09:58:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Dynamic Application Loader Host Interface Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Windows Defender:
================
Date: 2022-05-23 22:39:11
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {1E7E081B-FCB7-4533-8C05-7B8D49009073}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-02-04 15:12:09
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {98962603-7D29-49B0-BF50-808883B0BCB1}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-02-03 12:42:39
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {460C6FE8-F982-4638-BE83-8ACCBA4DE5F4}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-28 12:58:53
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {71E83292-A330-40F0-A262-1DCBBAA6C187}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2022-01-27 17:57:05
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {D2A74EF4-5CE9-4340-BD30-E8F0F08EEDE0}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Event[0]:
Date: 2022-05-21 09:18:14
Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança:
Versão da Inteligência de Segurança anterior: 1.367.194.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo:
Versão Anterior do Mecanismo: 1.1.19200.6
Código de Erro: 0x800704c7
Descrição do Erro: A operação foi cancelada pelo usuário.

CodeIntegrity:
===============
Date: 2022-05-28 10:07:00
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Informações da Memória ===========================

BIOS: Dell Inc. 1.6.0 01/11/2019
placa-mãe: Dell Inc. 0WT51R
Processador: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentagem de memória em uso: 47%
RAM física total: 16083.13 MB
RAM física disponível: 8365.67 MB
Virtual Total: 29907.13 MB
Virtual disponível: 21039.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.56 GB) (Free:132.33 GB) (Model: CT480BX500SSD1) NTFS
\\?\Volume{7467d4cb-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.57 GB) (Free:0.12 GB) NTFS

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 7467D4CB)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================