Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 30-06-2022 01
Executado por Diego (03-07-2022 22:19:07)
Executando a partir de C:\Users\Diego\Desktop\BIBLIOTECA
Microsoft Windows 11 Pro Versão 21H2 22000.778 (X64) (2021-12-19 03:25:55)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrator (S-1-5-21-2829915707-2987789524-1347783848-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2829915707-2987789524-1347783848-503 - Limited - Disabled)
Diego (S-1-5-21-2829915707-2987789524-1347783848-1001 - Administrator - Enabled) => C:\Users\Diego
Guest (S-1-5-21-2829915707-2987789524-1347783848-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2829915707-2987789524-1347783848-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

3uTools (HKLM-x32\...\3uTools) (Version: 2.60.022 - ShangHai ZhangZheng Network Technology Co., Ltd.)
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
ABBYY FineReader PDF 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.4684 - ABBYY Production LLC)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_1) (Version: 23.2.1.303 - Adobe Inc.) Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.88 - Hulubulu Software) AIDA64 (HKLM-x32\...\AIDA64_is1) (Version: 6.70.6000 - ) Amazon Kindle (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon) Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team) AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden Bandwidth Monitor v3.4 build 757 (HKLM-x32\...\{A92AB371-E1AC-478B-B4C1-62984CFB7396}_is1) (Version: - BWMONITOR.COM) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 26.0.1.222 - Bitdefender) BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.8.101.1001 - BlueStack Systems, Inc.) BlueStacks X (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\BlueStacks X) (Version: 0.16.3.1 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 103.1.40.109 - Brave Software Inc) calibre (HKLM-x32\...\{D3CF17E8-ECE2-4B16-86D3-1C6B2F94BF8C}) (Version: 5.44.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP) CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) Cisco Webex Meetings (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\ActiveTouchMeetingClient) (Version: 42.2.4 - Cisco Webex LLC) CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.) CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.) 
CrystalDiskInfo 8.13.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.13.2 - Crystal Dew World) CrystalDiskMark 8.0.4 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4 - Crystal Dew World) CyberLink PowerDVD 21 (HKLM-x32\...\{9BD348A7-CED8-4814-963B-B611CB925176}) (Version: 21.0.2019.62 - CyberLink Corp.) Desinstalar Impressora EPSON L395 Series (HKLM\...\EPSON L395 Series) (Version: - Seiko Epson Corporation) Dynamic Application Loader Host Interface Service (HKLM\...\{5509B79F-D323-4265-941C-C4402A915A38}) (Version: 1.0.0.0 - Intel Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{4A5076AD-020F-4BCE-B558-47C82911061F}) (Version: 1.3.23.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.) Epson Easy Photo Print 2 (HKLM-x32\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{E244A764-EDD0-46B0-8689-661F6B28D9E5}) (Version: 3.10.0069 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) 
Epson Software Updater (HKLM-x32\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{0CB4EF8E-EE5B-49F6-8376-A702C222D6DA}) (Version: 3.1.3.0 - SEIKO EPSON Corporation) f.lux (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Flux) (Version: - f.lux Software LLC) FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version: - ) Fireflies Screensaver (remove only) (HKLM-x32\...\Fireflies) (Version: - ) foobar2000 v1.6.10 (HKLM-x32\...\foobar2000) (Version: 1.6.10 - Peter Pawlowski) Foxit PDF Editor (HKLM-x32\...\{E4EE2646-3FF1-11EC-ADC0-54BF64A63C26}) (Version: 11.2.0.53415 - Foxit Software Inc.) Free JPG To PDF Converter 3.0 (HKLM-x32\...\Free JPG To PDF Converter_is1) (Version: 3.0 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.66 - Google LLC) Google Chrome Canary (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Google Chrome SxS) (Version: 105.0.5158.0 - Google LLC) Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden HandBrake 1.5.1 (HKLM-x32\...\HandBrake) (Version: 1.5.1 - ) IMAX Hubble Screen Saver (HKLM-x32\...\IMAX Hubble) (Version: - ) Intel Driver && Support Assistant (HKLM-x32\...\{975595A4-33B3-40A7-9D08-27777A4C54DC}) (Version: 22.4.26.9 - Intel) Hidden Intel(R) Chipset Device Software (HKLM\...\{06D713D6-9845-436D-B857-5BF2596B4554}) (Version: 10.1.18634.8254 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel(R) Corporation) Intel(R) Graphics Driver Software (HKLM-x32\...\{0703311b-31d5-4c17-9668-c48dee4b7749}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics 
Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{7e58df71-ff1c-43fd-a618-5511b76c0dd9}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{8850e5d7-7f46-4a65-8f61-90533664733c}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{c49f9463-8ca3-4422-82b0-c06c7a9640ed}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) LMS (HKLM\...\{EBE07B2C-43AB-4FA7-9783-D07C6A1124DE}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2105.15.0.2155 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{39479C27-85A6-40FF-BEFC-1F27F824F303}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{BC46A079-3405-414F-8157-B7C1FC40AAA3}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{469E67E3-F4BD-4EC7-B5F2-81CF63A1A25C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel) Intel® Driver & Support Assistant (HKLM-x32\...\{ee77e23b-6afb-4277-9298-9576093d573f}) (Version: 22.4.26.9 - Intel) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.40.11 - Tonec Inc.) Iridium Browser (HKLM\...\{01777018-E609-4821-A07F-07D317CC766A}) (Version: 96.0.0 - The Iridium Authors) iTunes (HKLM\...\{51E78C79-92F0-48B2-8A9A-3A5C0A7DD3F2}) (Version: 12.6.5.3 - Apple Inc.) 
Java 8 Update 333 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180333F0}) (Version: 8.0.3330.2 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) K-Lite Mega Codec Pack 17.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.0.5 - KLCP) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Libgen Desktop 1.4.1 (64-bit) (HKLM\...\{88846ABC-26D2-4038-B51A-94A0920E73D2}) (Version: 1.4.1 - Libgen Apps) Lingvanex Translator (HKLM\...\{E89DF4A5-063F-4688-8862-5B7AAC961B0A}) (Version: 1.1.139.0 - Lingvanex) Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo) Loquendo TTS 7 Felipe Multimedia High Quality (HKLM-x32\...\{A1614B8B-E966-4512-BEA9-13A4779983FF}) (Version: 7.3.0 - Loquendo) Loquendo TTS 7 Fernanda Multimedia High Quality (HKLM-x32\...\{975D7450-C0A7-4AD7-8903-3957B0F92B42}) (Version: 7.3.0 - Loquendo) Loquendo TTS 7 Portuguese (HKLM-x32\...\{C278A74A-707D-49B5-B847-651B4B80EDED}) (Version: 7.4.0 - Loquendo) MAGIX Speed burnR (HKLM\...\{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) MakeMKV v1.16.7 (HKLM-x32\...\MakeMKV) (Version: v1.16.7 - GuinpinSoft inc) Manual Epson L395 (HKLM-x32\...\UsersGuideManual Epson L395_is1) (Version: 1.0 - Epson America, Inc.) 
Maxthon (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Maxthon) (Version: 6.1.3.2020 - The Maxthon Authors) MediaHuman YouTube to MP3 Converter 3.9.9.68 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.68 - MediaHuman) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Metal Gear Solid 1 (HKLM-x32\...\Metal Gear Solid 1) (Version: - ) Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.44 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.44 - Microsoft Corporation) Microsoft Office LTSC Standard 2021 - en-us (HKLM\...\Standard2021Volume - en-us) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Office LTSC Standard 2021 - en-us.proof (HKLM\...\Standard2021Volume - en-us.proof) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Office LTSC Standard 2021 - pt-br (HKLM\...\Standard2021Volume - pt-br) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Project Professional 2021 - en-us (HKLM\...\ProjectPro2021Volume - en-us) (Version: 16.0.14332.20324 - Microsoft Corporation) 
Microsoft Project Professional 2021 - en-us.proof (HKLM\...\ProjectPro2021Volume - en-us.proof) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Project Professional 2021 - pt-br (HKLM\...\ProjectPro2021Volume - pt-br) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - en-us (HKLM\...\VisioPro2021Volume - en-us) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - en-us.proof (HKLM\...\VisioPro2021Volume - en-us.proof) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - pt-br (HKLM\...\VisioPro2021Volume - pt-br) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 
(HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30037 (HKLM-x32\...\{4b2f3795-f407-415e-88d5-8c8ab322909d}) (Version: 14.29.30037.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30037 (HKLM\...\{529D20E8-132A-4F1A-A25F-9211B8C943AC}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30037 (HKLM\...\{C874FB5A-1C85-460A-A4A9-CBCC3FAE7880}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM-x32\...\{aad3b888-fde2-48c0-95c2-2f7a729283fb}) (Version: 6.0.6.31318 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MKVToolNix 68.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 68.0.0 - Moritz Bunkus) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla 
Firefox 102.0 (x64 pt-BR)) (Version: 102.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.8.1 - Mozilla) Mp3tag v3.12 (HKLM-x32\...\Mp3tag) (Version: 3.12 - Florian Heidenreich) MPC-BE x64 1.6.3 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.6.3 - MPC-BE Team) MSVCRT Redists (HKLM\...\{43E74D8F-99E7-11EC-9A8E-50E549394757}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{FA5695F0-37CB-11EC-8913-00155D984A50}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSYS2 64bit (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\{25812ee3-b795-4217-b585-9ec395a5f7e2}) (Version: 20220319 - The MSYS2 Developers) Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) NextUp-ScanSoft Raquel Brazilian Portuguese Voice (HKLM-x32\...\{5FAFC823-5E8C-40FB-8238-F2C536B2FB11}) (Version: 4.0.0 - NextUp.com) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.2 - Notepad++ Team) Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Linspire Inc.) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20324 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20324 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14332.20281 - Microsoft Corporation) Hidden Opera Stable 88.0.4412.53 (HKLM-x32\...\Opera 88.0.4412.53) (Version: 88.0.4412.53 - Opera Software) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team) PlayerFab (x64) (24/04/2022) (HKLM-x32\...\PlayerFab (x64)) (Version: 7.0.1.0 - DVDFab Software Inc.) 
Pro Evolution Soccer 5 (HKLM-x32\...\InstallShield_{85C3FA3C-4832-4204-B21E-168E4920936A}) (Version: 1.00.0000 - KONAMI) qBittorrent 4.4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.4.3.1 - The qBittorrent project) Quake: Enhanced (HKLM-x32\...\Quake: Enhanced_is1) (Version: - ) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9136.1 - Realtek Semiconductor Corp.) REDRAGON Gaming Mouse (HKLM-x32\...\{5F85281F-2C9B-4690-948A-011A8A979CD4}}_is1) (Version: 1.0.40 - REDRAGON ZONE) RetroArch (HKLM-x32\...\RetroArch) (Version: 1.10.0.0 - Libretro) Revo Uninstaller Pro 4.5.0 (HKLM\...\Revo Uninstaller Pro_is1) (Version: 4.5.0 - VS Revo Group) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.58.822.0 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.7 - Rockstar Games) Send Anywhere 21.4.211415 (HKLM\...\20db1975-fda0-5740-b262-81be26ba22ab) (Version: 21.4.211415 - Estmob Inc.) SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation) Sigil 1.8.0 (HKLM\...\Sigil_is1) (Version: 1.8.0 - Sigil-Ebook) Skype versão 8.82 (HKLM-x32\...\Skype_is1) (Version: 8.82 - Skype Technologies S.A.) SOUND FORGE Pro 16.0 Suite (x64) (HKLM\...\{430D1A2E-99E7-11EC-9351-50E549394757}) (Version: 16.0.72 - MAGIX) SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.) Stellarium 0.21.2 (HKLM\...\Stellarium_is1) (Version: 0.21.2 - Stellarium team) Subtitle Edit 3.6.6 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.6.0 - Nikse) Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - ) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.3.3 - Krzysztof Kowalczyk) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.) 
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.) Telegram Desktop version 3.7.3 (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC) Update Notifier (HKLM\...\{CA4A7F7E-296C-4E14-861D-24517ABADA03}) (Version: 3.0.0.57 - MAGIX Software GmbH) Hidden Update Notifier (HKLM\...\MX.{CA4A7F7E-296C-4E14-861D-24517ABADA03}) (Version: 3.0.0.57 - MAGIX Software GmbH) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VEGAS Pro 19.0 (HKLM\...\{E063E530-1D13-11EC-B740-00155D26A171}) (Version: 19.0.381 - VEGAS) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) WeMod (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\WeMod) (Version: 8.0.11 - WeMod) WhatsApp (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\WhatsApp) (Version: 2.2222.12 - WhatsApp) WinDirStat 1.1.2 (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\WinDirStat) (Version: - ) WinMerge 2.16.16.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.16.16.0 - Thingamahoochie Software) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) WordWeb (HKLM-x32\...\WordWeb) (Version: 9 - WordWeb Software) Packages: ========= Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-20] (INTEL CORP) [Startup Task] Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.32.3.0_x64__6rarf9sa4v8jt [2022-06-29] (Disney) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios) [MS Ad] Mp3tag -> C:\Program Files (x86)\Mp3tag 
[2022-01-21] (0) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.32.261.0_x64__dt26b99r8h8gj [2022-01-29] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0 [2022-06-23] (Spotify AB) [Startup Task] The Simple Timer -> C:\Program Files\WindowsApps\20876takutana.TheSimpleTimer_1.0.12.0_x64__5drpp4c7vp0fr [2022-03-19] (takutana) WinRAR -> C:\Program Files\WinRAR [2022-04-16] (0) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [Arquivo não assinado] CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\Diego\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Diego\AppData\Local\Maxthon\Application\6.1.3.2020\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) 
CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{D26DAF8A-5153-3B69-DC48-9C659B879181}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\Diego\AppData\Local\Google\Chrome SxS\Application\105.0.5158.0\notification_helper.exe (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] 
(Mega Limited -> ) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers1: [$PowerDVD21] -> {20B7D826-CC5F-49AB-B080-12E6116A2C2A} => C:\ProgramData\CyberLink\PowerDVD21\OpenWith\PDVD_Shell64.dll [2021-08-19] (CyberLink Corp. -> CyberLink Corp.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-05-29] (Notepad++ -> ) ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-09-09] (ABBYY Production LLC -> ABBYY Production LLC.) ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) 
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers4: [PowerISO] -> 
{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Nenhum Arquivo ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-09-09] (ABBYY Production LLC -> ABBYY Production LLC.) ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Nenhum Arquivo ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. 
-> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [55296 2005-01-21] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) 
[Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Arquivo não assinado] ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) Shortcut: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk -> hxxp://yamb.unite-video.com ShortcutWithArgument: C:\Users\Diego\Desktop\Google Chrome Canary.lnk -> C:\Users\Diego\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk -> C:\Users\Diego\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) 
-> --load-extension="C:\Users\Diego\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extension\edflcordqrioceejnqjqccipnifnfjjk\2.3.2._0" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --load-extension="C:\Users\Diego\AppData\Local\Microsoft\Edge\User Data\Default\Extension\aiokncckakibkfefmrkdfpjraolemmco\5.3.6._0" ShortcutWithArgument: C:\Users\Public\Desktop\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --incognito --load-extension="C:\Users\Diego\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extension\edflcordqrioceejnqjqccipnifnfjjk\2.3.2._0" ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> -inprivate --load-extension="C:\Users\Diego\AppData\Local\Microsoft\Edge\User Data\Default\Extension\aiokncckakibkfefmrkdfpjraolemmco\5.3.6._0" ==================== Módulos Carregados (Whitelisted) ============= 2020-02-12 01:40 - 2020-02-12 01:40 - 000147968 _____ () [Arquivo não assinado] C:\Program Files\Send Anywhere\context_handler\x64\snda_context_handler.dll 2022-02-25 21:03 - 2021-12-26 11:00 - 000093696 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll 
2015-12-24 13:40 - 2015-12-24 13:40 - 000500736 ____S (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Windows\System32\enppmon.dll 2022-06-19 23:58 - 2022-05-21 08:34 - 000814080 _____ (Tabibito Technology) [Arquivo não assinado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [140] ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_333\bin\ssv.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) BHO: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> ) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2021-11-02] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Toolbar: HKLM - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM-x32 - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2021-11-02] (FOXIT SOFTWARE INC. 
-> ) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 
2022-01-13 19:05 - 2022-04-16 02:43 - 000001204 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
127.0.0.1 cap.cyberlink.com
127.0.0.1 activation.cyberlink.com
1.0.0.0 www.dvdfabstore.com
1.0.0.0 ssl.dvdfab.cn

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\;C:\Program Files\dotnet\
HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "EPPCCMON" HKLM\...\StartupApproved\Run: => "PowerDVD21Agent" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\StartupFolder: => "Lingvanex Translator.lnk" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\StartupFolder: => "REDRAGON Gaming Mouse.lnk" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerDVD21" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "EPSDNMON" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "5dc33e66718bf8297b3b73b1e4733cd2" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "611dd93a9b5c578be68b17d997792402" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "QMxNetworkSync" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "SendAnywhere" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => 
"CiscoMeetingDaemon" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "4f63842c5ef1a9d4ee3c64ea199dba50" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [TCP Query User{5FEB61D0-C0E9-4A3F-ACB9-7993B4ED7422}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{888949DB-2AE2-4201-A04B-44B8FEF56A2E}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{B4FAD114-45BD-4B59-8F60-A3572B3F9852}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{8C0267C4-192F-419D-AC3E-096209D97F9D}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{30C5173D-3A65-4169-A1BA-D213F211A68B}] => (Allow) C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe (MAGIX Software GmbH -> MAGIX) FirewallRules: [{A6D4DB5D-719D-42D5-836B-F69FD5B21957}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司) FirewallRules: [{DE6B4478-0C85-4E8C-8605-EB67D253F094}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. 
-> 深圳市迅雷网络技术有限公司) FirewallRules: [{C7F71750-10EE-493B-84A4-9F0CB8D358A0}] => (Allow) LPort=80 FirewallRules: [TCP Query User{F2C74E45-ED55-4028-BAE3-DBD6C0668FBF}C:\program files (x86)\mipony\mipony.exe] => (Allow) C:\program files (x86)\mipony\mipony.exe => Nenhum Arquivo FirewallRules: [UDP Query User{D829193A-55BE-4667-8B94-DE015854E695}C:\program files (x86)\mipony\mipony.exe] => (Allow) C:\program files (x86)\mipony\mipony.exe => Nenhum Arquivo FirewallRules: [TCP Query User{3B93F029-8BAE-4930-B91E-44A65A822379}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => Nenhum Arquivo FirewallRules: [UDP Query User{CE491BE3-8F1E-4DE4-83C5-18D7CF6AC466}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => Nenhum Arquivo FirewallRules: [TCP Query User{EE8ECD58-F7B9-498F-B2EC-473F6E34FA9F}C:\program files (x86)\dvdfab\player 6\dvdfab player server.exe] => (Block) C:\program files (x86)\dvdfab\player 6\dvdfab player server.exe => Nenhum Arquivo FirewallRules: [UDP Query User{93F11AC8-CF98-4A98-B8A9-77615C66FDDF}C:\program files (x86)\dvdfab\player 6\dvdfab player server.exe] => (Block) C:\program files (x86)\dvdfab\player 6\dvdfab player server.exe => Nenhum Arquivo FirewallRules: [TCP Query User{EBF23381-99E1-4249-92FE-0B65A7BC062F}C:\program files (x86)\dvdfab\player 6\dvdfab player 6.exe] => (Block) C:\program files (x86)\dvdfab\player 6\dvdfab player 6.exe => Nenhum Arquivo FirewallRules: [UDP Query User{986FB723-8B65-4821-9856-9725E2DE0EDA}C:\program files (x86)\dvdfab\player 6\dvdfab player 6.exe] => (Block) C:\program files (x86)\dvdfab\player 6\dvdfab player 6.exe => Nenhum Arquivo FirewallRules: [{64390755-A7D2-4F74-A2A6-C5FF52E65C86}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7898E08C-01B1-4C17-839F-DBAFE842E821}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla 
Corporation -> Mozilla Corporation) FirewallRules: [{0F6E4706-EB1F-4DEF-9000-63339F1CD055}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{F376AB06-98A8-4F30-B429-AF49A8DABEC1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{5DA8B65D-9152-421B-8CDC-2DA3AAF52812}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{64C6349D-CCE5-4A9D-AF9A-ACF234CC6958}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{4E97726C-2A7A-45A4-9F0D-9D5A2CC546D8}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [TCP Query User{21F75D69-1161-4A46-87DF-DC5F3C1731BF}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Nenhum Arquivo FirewallRules: [UDP Query User{E579115F-BEC1-4F60-AB32-4CC47AD5DA95}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => Nenhum Arquivo FirewallRules: [{3453D8CF-52E8-4910-A5BE-F7B084CD2B9F}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{D330F716-8D11-4B70-AE85-FC91225E4555}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{BAF460A5-5764-4809-A39A-A62E6F722689}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{5743898F-1AD8-457B-B3DE-12451894EF29}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) 
FirewallRules: [{330C0AA7-B126-40CC-B3F5-43F3B2F36DA2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{8B98859E-6836-417E-B04C-46CA3C6D5387}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{721261E3-F66D-4694-8F0A-B05BD8552EAC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{D0DB37D8-F6F4-4918-AD52-6DE2F38A8FAD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{9A4C390A-F2DA-4783-B763-D99CE0BFBDA1}C:\program files\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\javaw.exe => Nenhum Arquivo FirewallRules: [UDP Query User{B64B162D-0C8F-4248-A6CE-0B42B5F85421}C:\program files\java\jre1.8.0_311\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_311\bin\javaw.exe => Nenhum Arquivo FirewallRules: [{2C287E4E-1644-46E3-A05C-2AC5FE3D6091}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{8B14F876-9F73-4F29-AAA2-B4F71597F42A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{737670F7-57EC-4839-853F-5BBE0B2BF43F}] => (Allow) C:\Users\Diego\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [{689207B2-BDF1-498B-853F-9EBDAF98C944}] => (Allow) C:\Users\Diego\AppData\Local\Maxthon\Application\Maxthon.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) FirewallRules: [TCP Query User{7DA9C866-8F2F-4737-81D8-781676DDA2D3}C:\program files\send anywhere\send anywhere.exe] => (Allow) C:\program files\send anywhere\send anywhere.exe (Estmob Inc. -> Estmob Inc.) 
FirewallRules: [UDP Query User{9150795B-643D-4E0F-97E5-DBB9630C3AA6}C:\program files\send anywhere\send anywhere.exe] => (Allow) C:\program files\send anywhere\send anywhere.exe (Estmob Inc. -> Estmob Inc.) FirewallRules: [TCP Query User{EC7ED842-D2D7-47EE-B716-D55848CA2A7B}C:\users\diego\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\diego\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{72B5379F-26B2-49F2-BC88-24F87724C95A}C:\users\diego\appdata\local\google\chrome sxs\application\chrome.exe] => (Allow) C:\users\diego\appdata\local\google\chrome sxs\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{B90DF6B1-C8F4-4315-9BF2-075753477634}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{67107F9F-A9D9-48EB-8CB8-A1061B530ADD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{89822DBA-8F8A-44AB-8023-60D3F7F09A20}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{D994F21E-3B9B-4909-AD17-62AF7CE837F5}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\ShareModule32\Kernel\DMS\CLMSServerPDVD21.exe (CyberLink Corp. -> CyberLink) FirewallRules: [{5D9DBE48-D706-4247-A0D3-A674B3882FDF}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\PowerDVD21Agent.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{15558E42-F96F-403A-82CC-C7BEC687F665}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{2101B951-B568-4F04-8996-CF3582D23078}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\CastingStation.exe (CyberLink Corp. -> CyberLink Corp.) 
FirewallRules: [{52F2EAF3-6604-4DAC-B7D7-202DA5026F27}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{034B7AA5-905B-42EB-A776-E4F5BA77758C}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\Common\dynamic_transcode.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{221FC6FE-808A-4396-8602-83C3142C5F29}] => (Allow) C:\Program Files\CyberLink\PowerDVD21\Common\CLMediaServer\clmediaserver.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{C177EA77-0149-4FDE-B048-3BBA25AABE2B}] => (Allow) LPort=31302 FirewallRules: [TCP Query User{43B0B7D0-F6B0-4813-B0E1-69D5F2954AF6}C:\program files\dvdfab\playerfab\playerfab server.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab server.exe (DVDFab Software Inc. -> PlayerFab Server Inc.) FirewallRules: [UDP Query User{D808AB56-2B1D-4860-9F40-09470E231129}C:\program files\dvdfab\playerfab\playerfab server.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab server.exe (DVDFab Software Inc. -> PlayerFab Server Inc.) FirewallRules: [TCP Query User{6F2831D9-8F85-4441-A1D7-A12F0F5F02FE}C:\program files\dvdfab\playerfab\playerfab.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab.exe (DVDFab Software Inc. -> ) FirewallRules: [UDP Query User{F7DC52E6-D601-4D7D-ACF2-33637CF0D2C5}C:\program files\dvdfab\playerfab\playerfab.exe] => (Block) C:\program files\dvdfab\playerfab\playerfab.exe (DVDFab Software Inc. -> ) FirewallRules: [{E7C056E1-3C9D-46C5-B124-100CE15CA609}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{AB34E9AA-8840-44B8-823E-CB54EABDD783}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) 
FirewallRules: [TCP Query User{B8EBDD77-3EF2-4A92-9C17-269B833E6DAE}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{69738E34-64BA-4079-AFF2-531EF5B43A88}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [{E35288BD-34AF-4ECF-9C86-84226364E6FF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{9A4B6FB0-3AAC-4FE2-9321-144DDB4A1AA6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{666D75C7-621A-4367-B126-C6A61E80496B}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{74C79A1C-441B-40BC-A596-48714DF5319E}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) 
FirewallRules: [{ED48799B-B409-4736-BDA5-3297A7EE4445}] => (Allow) C:\Program Files\Opera\88.0.4412.40\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{EE2AA7B8-F8CB-40DD-8F42-DBCB4E205729}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{947E3A53-27CB-40AD-B13C-055687287236}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{561596C5-0B8E-45BC-89DA-72A42568A7FA}] => (Allow) C:\Program Files\Opera\88.0.4412.53\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{2D38DDEF-3386-46AF-B080-0512EFC3FA3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E75DAE3F-0376-42B7-A1ED-C34BC34DA127}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{DEBD7AD3-9B6E-4AB0-9A42-5A6294E0A792}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8C6691E7-F4C4-4A76-BBC1-E89BFFE3CFA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3455E324-C1E8-46FB-9C46-B96CE5A6017E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{3ECF4702-4049-4EBF-B0CC-12AD7B8E07C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E9D488AC-CD98-4A72-A0C5-1332DC026213}] => (Allow) C:\Program 
Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{B42A2963-A0DD-4688-ACF9-2AACE265C6EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{6F9D49C9-C096-46D3-AFC0-5ED8203BFBF2}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{89EB1C75-1FA4-47D3-BF27-56BA24192422}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.) FirewallRules: [{422A1F1F-40DF-48B2-83B7-190A8B46CE3B}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems) FirewallRules: [{E7B5569B-F294-4428-A95B-21F3F8F094DB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F4A008B0-3B52-4829-A21F-2AFA403FE686}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{0B451964-5351-4BA2-B62D-39326FDAF976}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Pontos de Restauração ========================= 30-06-2022 13:37:29 Intel® Driver & Support Assistant 03-07-2022 17:07:36 Revo Uninstaller Pro's restore point - Adobe Acrobat DC 03-07-2022 17:28:08 Removed Adobe Acrobat DC. 
03-07-2022 22:17:22 AdwCleaner_BeforeCleaning_03/07/2022_22:17:22 ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (07/03/2022 10:10:01 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. Error: (07/03/2022 10:09:25 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (07/03/2022 10:09:25 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, A system shutdown is in progress. ] Error: (07/03/2022 09:56:39 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, A system shutdown is in progress. ] Error: (07/03/2022 09:56:27 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". 
Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. Error: (07/03/2022 09:56:27 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. Error: (07/03/2022 09:56:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. 

Error: (07/03/2022 09:56:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são:
Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.

Erros de Sistema:
=============
Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Graphics Command Center Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Bitdefender Product Agent Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Dynamic Application Loader Host Interface Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Content Protection HDCP Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Driver & Support Assistant foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Bitdefender Agent RedLine Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Restart the service.

Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Driver & Support Assistant Updater foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (07/03/2022 10:17:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Restart the service.

Windows Defender:
================
Date: 2022-07-03 22:10:43
Description: O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão.
ID do Exame: {9CE9A442-9C3F-4A8E-A1D0-3AA0860DED56}
Tipo de Exame: Antimalware
Parâmetros do Exame: Quick Scan
Usuário: Computador\Diego

Date: 2022-07-03 22:10:17
Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:PowerShell/MaleficAms&threatid=2147805219&enterprise=0
Nome: VirTool:PowerShell/MaleficAms
Gravidade: Severe
Categoria: Tool
Caminho: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Origem da Detecção: Unknown
Tipo da Detecção: Concrete
Fonte da Detecção: System
Usuário: NT AUTHORITY\SYSTEM
Nome do Processo: Unknown
Versão da Inteligência de Segurança: AV: 1.369.723.0, AS: 1.369.723.0, NIS: 1.369.723.0
Versão do Mecanismo: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-07-03 21:57:32
Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:PowerShell/MaleficAms&threatid=2147805219&enterprise=0
Nome: VirTool:PowerShell/MaleficAms
Gravidade: Severe
Categoria: Tool
Caminho: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Origem da Detecção: Unknown
Tipo da Detecção: Concrete
Fonte da Detecção: System
Usuário: NT AUTHORITY\SYSTEM
Nome do Processo: Unknown
Versão da Inteligência de Segurança: AV: 1.369.718.0, AS: 1.369.718.0, NIS: 1.369.718.0
Versão do Mecanismo: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-07-03 21:56:31
Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:PowerShell/MaleficAms&threatid=2147805219&enterprise=0
Nome: VirTool:PowerShell/MaleficAms
Gravidade: Severe
Categoria: Tool
Caminho: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Origem da Detecção: Unknown
Tipo da Detecção: Concrete
Fonte da Detecção: System
Usuário: NT AUTHORITY\SYSTEM
Nome do Processo: Unknown
Versão da Inteligência de Segurança: AV: 1.369.718.0, AS: 1.369.718.0, NIS: 1.369.718.0
Versão do Mecanismo: AM: 1.1.19300.2, NIS: 1.1.19300.2

Date: 2022-07-03 20:17:33
Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:PowerShell/MaleficAms&threatid=2147805219&enterprise=0
Nome: VirTool:PowerShell/MaleficAms
Gravidade: Severe
Categoria: Tool
Caminho: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Origem da Detecção: Unknown
Tipo da Detecção: Concrete
Fonte da Detecção: System
Usuário: NT AUTHORITY\SYSTEM
Nome do Processo: Unknown
Versão da Inteligência de Segurança: AV: 1.369.708.0, AS: 1.369.708.0, NIS: 1.369.708.0
Versão do Mecanismo: AM: 1.1.19300.2, NIS: 1.1.19300.2

Event[0]
Date: 2022-07-03 19:22:12
Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivirus encontrou um erro e falhou.
Recurso: On Access
Código do Erro: 0x8007043c
Descrição do erro: This service cannot be started in Safe Mode
Motivo: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-07-03 17:52:53
Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivirus encontrou um erro e falhou.
Recurso: On Access
Código do Erro: 0x8007043c
Descrição do erro: This service cannot be started in Safe Mode
Motivo: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===============
Date: 2022-07-03 22:14:29
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2022-07-03 22:10:03
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3ad50285c3647623\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends International, LLC. 1.40 01/07/2022
placa-mãe: Micro-Star International Co., Ltd. Z590-A PRO (MS-7D09)
Processador: 11th Gen Intel(R) Core(TM) i5-11400 @ 2.60GHz
Percentagem de memória em uso: 21%
RAM física total: 16193.62 MB
RAM física disponível: 12772.78 MB
Virtual Total: 18625.62 MB
Virtual disponível: 15504.54 MB

==================== Drives ================================

Drive c: (WIN11-SSD-WD-1TB) (Fixed) (Total:930.77 GB) (Free:574.68 GB) (Model: WDC WDS100T2B0A-00SM50) NTFS
\\?\Volume{755a15aa-edcf-414d-ab38-aab732a0b960}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS
\\?\Volume{b87c39f3-6a73-4228-90dc-eb47cf4c908a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 04EB840C)
Partition: GPT.

==================== Fim de Addition.txt =======================