Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 04-07-2022
Executado por Diego (04-07-2022 20:15:16)
Executando a partir de C:\Users\Diego\Desktop
Microsoft Windows 11 Pro Versão 21H2 22000.778 (X64) (2021-12-19 03:25:55)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrator (S-1-5-21-2829915707-2987789524-1347783848-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2829915707-2987789524-1347783848-503 - Limited - Disabled)
Diego (S-1-5-21-2829915707-2987789524-1347783848-1001 - Administrator - Enabled) => C:\Users\Diego
Guest (S-1-5-21-2829915707-2987789524-1347783848-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2829915707-2987789524-1347783848-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

3uTools (HKLM-x32\...\3uTools) (Version: 2.60.022 - ShangHai ZhangZheng Network Technology Co., Ltd.)
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov) ABBYY FineReader PDF 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.4684 - ABBYY Production LLC) Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.) Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2_1) (Version: 23.2.1.303 - Adobe Inc.) Advanced Renamer (HKLM\...\Advanced Renamer_is1) (Version: 3.88 - Hulubulu Software) AIDA64 (HKLM-x32\...\AIDA64_is1) (Version: 6.70.6000 - ) Amazon Kindle (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Amazon Kindle) (Version: 1.17.1.44183 - Amazon) Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.) Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team) AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden Bandwidth Monitor v3.4 build 757 (HKLM-x32\...\{A92AB371-E1AC-478B-B4C1-62984CFB7396}_is1) (Version: - BWMONITOR.COM) BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.8.101.1001 - BlueStack Systems, Inc.) BlueStacks X (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\BlueStacks X) (Version: 0.16.3.1 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) 
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 103.1.40.109 - Brave Software Inc) calibre (HKLM-x32\...\{D3CF17E8-ECE2-4B16-86D3-1C6B2F94BF8C}) (Version: 5.44.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP) CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) Cisco Webex Meetings (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\ActiveTouchMeetingClient) (Version: 42.2.4 - Cisco Webex LLC) CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.) CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.) CrystalDiskInfo 8.13.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.13.2 - Crystal Dew World) CrystalDiskMark 8.0.4 (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4 - Crystal Dew World) CyberLink PowerDVD 21 (HKLM-x32\...\{9BD348A7-CED8-4814-963B-B611CB925176}) (Version: 21.0.2019.62 - CyberLink Corp.) Desinstalar Impressora EPSON L395 Series (HKLM\...\EPSON L395 Series) (Version: - Seiko Epson Corporation) Dynamic Application Loader Host Interface Service (HKLM\...\{5509B79F-D323-4265-941C-C4402A915A38}) (Version: 1.0.0.0 - Intel Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{4A5076AD-020F-4BCE-B558-47C82911061F}) (Version: 1.3.23.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.) 
Epson Easy Photo Print 2 (HKLM-x32\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{E244A764-EDD0-46B0-8689-661F6B28D9E5}) (Version: 3.10.0069 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{AA6AE72A-371E-4454-9066-3D02BB4BC4E9}) (Version: 3.3.1.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.) Epson Software Updater (HKLM-x32\...\{14898485-6509-496B-8C30-D5DB8C1C8639}) (Version: 4.6.3 - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{0CB4EF8E-EE5B-49F6-8376-A702C222D6DA}) (Version: 3.1.3.0 - SEIKO EPSON Corporation) f.lux (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Flux) (Version: - f.lux Software LLC) FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version: - ) Fireflies Screensaver (remove only) (HKLM-x32\...\Fireflies) (Version: - ) foobar2000 v1.6.10 (HKLM-x32\...\foobar2000) (Version: 1.6.10 - Peter Pawlowski) Foxit PDF Editor (HKLM-x32\...\{E4EE2646-3FF1-11EC-ADC0-54BF64A63C26}) (Version: 11.2.0.53415 - Foxit Software Inc.) 
Free JPG To PDF Converter 3.0 (HKLM-x32\...\Free JPG To PDF Converter_is1) (Version: 3.0 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC) Google Chrome Canary (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Google Chrome SxS) (Version: 105.0.5160.0 - Google LLC) Google Earth Pro (HKLM\...\{DE181B35-ACEF-4DB0-86D9-731D5767ABB1}) (Version: 7.3.4.8642 - Google) Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden HandBrake 1.5.1 (HKLM-x32\...\HandBrake) (Version: 1.5.1 - ) IMAX Hubble Screen Saver (HKLM-x32\...\IMAX Hubble) (Version: - ) Intel Driver && Support Assistant (HKLM-x32\...\{975595A4-33B3-40A7-9D08-27777A4C54DC}) (Version: 22.4.26.9 - Intel) Hidden Intel(R) Chipset Device Software (HKLM\...\{06D713D6-9845-436D-B857-5BF2596B4554}) (Version: 10.1.18634.8254 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel(R) Corporation) Intel(R) Graphics Driver Software (HKLM-x32\...\{0703311b-31d5-4c17-9668-c48dee4b7749}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{7e58df71-ff1c-43fd-a618-5511b76c0dd9}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{8850e5d7-7f46-4a65-8f61-90533664733c}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) Graphics Driver Software (HKLM-x32\...\{c49f9463-8ca3-4422-82b0-c06c7a9640ed}) (Version: 3.11.1.0 - Intel) Hidden Intel(R) LMS (HKLM\...\{EBE07B2C-43AB-4FA7-9783-D07C6A1124DE}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 
2105.15.0.2155 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{39479C27-85A6-40FF-BEFC-1F27F824F303}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{BC46A079-3405-414F-8157-B7C1FC40AAA3}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{469E67E3-F4BD-4EC7-B5F2-81CF63A1A25C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden Intel(R) Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel) Intel® Driver & Support Assistant (HKLM-x32\...\{ee77e23b-6afb-4277-9298-9576093d573f}) (Version: 22.4.26.9 - Intel) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.40.11 - Tonec Inc.) Iridium Browser (HKLM\...\{01777018-E609-4821-A07F-07D317CC766A}) (Version: 96.0.0 - The Iridium Authors) iTunes (HKLM\...\{51E78C79-92F0-48B2-8A9A-3A5C0A7DD3F2}) (Version: 12.6.5.3 - Apple Inc.) Java 8 Update 333 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180333F0}) (Version: 8.0.3330.2 - Oracle Corporation) JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH) K-Lite Mega Codec Pack 17.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.0.5 - KLCP) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Libgen Desktop 1.4.1 (64-bit) (HKLM\...\{88846ABC-26D2-4038-B51A-94A0920E73D2}) (Version: 1.4.1 - Libgen Apps) Lingvanex Translator (HKLM\...\{E89DF4A5-063F-4688-8862-5B7AAC961B0A}) (Version: 1.1.139.0 - Lingvanex) Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo) Loquendo TTS 7 Felipe Multimedia High Quality (HKLM-x32\...\{A1614B8B-E966-4512-BEA9-13A4779983FF}) (Version: 7.3.0 - Loquendo) Loquendo TTS 7 Fernanda Multimedia High Quality (HKLM-x32\...\{975D7450-C0A7-4AD7-8903-3957B0F92B42}) (Version: 7.3.0 - Loquendo) Loquendo TTS 7 Portuguese (HKLM-x32\...\{C278A74A-707D-49B5-B847-651B4B80EDED}) (Version: 7.4.0 - Loquendo) MAGIX Speed burnR (HKLM\...\{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Speed burnR (HKLM-x32\...\MX.{87DA727F-D65B-4B1A-B1AD-C37DD4FD1EC3}) (Version: 7.0.2.6 - MAGIX Software GmbH) MakeMKV v1.16.7 (HKLM-x32\...\MakeMKV) (Version: v1.16.7 - GuinpinSoft inc) Manual Epson L395 (HKLM-x32\...\UsersGuideManual Epson L395_is1) (Version: 1.0 - Epson America, Inc.) 
Maxthon (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\Maxthon) (Version: 6.1.3.2020 - The Maxthon Authors) MediaHuman YouTube to MP3 Converter 3.9.9.68 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.68 - MediaHuman) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Metal Gear Solid 1 (HKLM-x32\...\Metal Gear Solid 1) (Version: - ) Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.44 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.44 - Microsoft Corporation) Microsoft Office LTSC Standard 2021 - en-us (HKLM\...\Standard2021Volume - en-us) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Office LTSC Standard 2021 - en-us.proof (HKLM\...\Standard2021Volume - en-us.proof) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Office LTSC Standard 2021 - pt-br (HKLM\...\Standard2021Volume - pt-br) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Project Professional 2021 - en-us (HKLM\...\ProjectPro2021Volume - en-us) (Version: 16.0.14332.20324 - Microsoft Corporation) 
Microsoft Project Professional 2021 - en-us.proof (HKLM\...\ProjectPro2021Volume - en-us.proof) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Project Professional 2021 - pt-br (HKLM\...\ProjectPro2021Volume - pt-br) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - en-us (HKLM\...\VisioPro2021Volume - en-us) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - en-us.proof (HKLM\...\VisioPro2021Volume - en-us.proof) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Visio LTSC Professional 2021 - pt-br (HKLM\...\VisioPro2021Volume - pt-br) (Version: 16.0.14332.20324 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 
(HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30037 (HKLM-x32\...\{4b2f3795-f407-415e-88d5-8c8ab322909d}) (Version: 14.29.30037.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30037 (HKLM\...\{529D20E8-132A-4F1A-A25F-9211B8C943AC}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30037 (HKLM\...\{C874FB5A-1C85-460A-A4A9-CBCC3FAE7880}) (Version: 14.29.30037 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM-x32\...\{aad3b888-fde2-48c0-95c2-2f7a729283fb}) (Version: 6.0.6.31318 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MKVToolNix 68.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 68.0.0 - Moritz Bunkus) Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla 
Firefox 102.0 (x64 pt-BR)) (Version: 102.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.8.1 - Mozilla) Mp3tag v3.12 (HKLM-x32\...\Mp3tag) (Version: 3.12 - Florian Heidenreich) MPC-BE x64 1.6.3 (HKLM\...\{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1) (Version: 1.6.3 - MPC-BE Team) MSVCRT Redists (HKLM\...\{43E74D8F-99E7-11EC-9A8E-50E549394757}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSVCRT Redists (HKLM\...\{FA5695F0-37CB-11EC-8913-00155D984A50}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden MSYS2 64bit (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\{25812ee3-b795-4217-b585-9ec395a5f7e2}) (Version: 20220319 - The MSYS2 Developers) Nefarius Virtual Gamepad Emulation Bus Driver (HKLM\...\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}) (Version: 1.17.333.0 - Nefarius Software Solutions e.U.) NextUp-ScanSoft Raquel Brazilian Portuguese Voice (HKLM-x32\...\{5FAFC823-5E8C-40FB-8238-F2C536B2FB11}) (Version: 4.0.0 - NextUp.com) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.2 - Notepad++ Team) Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Linspire Inc.) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20324 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20324 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14332.20281 - Microsoft Corporation) Hidden Opera Stable 88.0.4412.53 (HKLM-x32\...\Opera 88.0.4412.53) (Version: 88.0.4412.53 - Opera Software) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: 1.6.0 - PCSX2 Team) PlayerFab (x64) (24/04/2022) (HKLM-x32\...\PlayerFab (x64)) (Version: 7.0.1.0 - DVDFab Software Inc.) 
Pro Evolution Soccer 5 (HKLM-x32\...\InstallShield_{85C3FA3C-4832-4204-B21E-168E4920936A}) (Version: 1.00.0000 - KONAMI) qBittorrent 4.4.3.1 (HKLM-x32\...\qBittorrent) (Version: 4.4.3.1 - The qBittorrent project) Quake: Enhanced (HKLM-x32\...\Quake: Enhanced_is1) (Version: - ) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9136.1 - Realtek Semiconductor Corp.) REDRAGON Gaming Mouse (HKLM-x32\...\{5F85281F-2C9B-4690-948A-011A8A979CD4}}_is1) (Version: 1.0.40 - REDRAGON ZONE) RetroArch (HKLM-x32\...\RetroArch) (Version: 1.10.0.0 - Libretro) Revo Uninstaller Pro 4.5.0 (HKLM\...\Revo Uninstaller Pro_is1) (Version: 4.5.0 - VS Revo Group) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.58.822.0 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.3.7 - Rockstar Games) Send Anywhere 21.4.211415 (HKLM\...\20db1975-fda0-5740-b262-81be26ba22ab) (Version: 21.4.211415 - Estmob Inc.) SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation) Sigil 1.8.0 (HKLM\...\Sigil_is1) (Version: 1.8.0 - Sigil-Ebook) Skype versão 8.82 (HKLM-x32\...\Skype_is1) (Version: 8.82 - Skype Technologies S.A.) SOUND FORGE Pro 16.0 Suite (x64) (HKLM\...\{430D1A2E-99E7-11EC-9351-50E549394757}) (Version: 16.0.72 - MAGIX) SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.) Stellarium 0.21.2 (HKLM\...\Stellarium_is1) (Version: 0.21.2 - Stellarium team) Subtitle Edit 3.6.6 (HKLM\...\SubtitleEdit_is1) (Version: 3.6.6.0 - Nikse) Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - ) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.3.3 - Krzysztof Kowalczyk) Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.) 
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.) Telegram Desktop version 3.7.3 (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC) Update Notifier (HKLM\...\{CA4A7F7E-296C-4E14-861D-24517ABADA03}) (Version: 3.0.0.57 - MAGIX Software GmbH) Hidden Update Notifier (HKLM\...\MX.{CA4A7F7E-296C-4E14-861D-24517ABADA03}) (Version: 3.0.0.57 - MAGIX Software GmbH) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VdhCoApp 1.6.3 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper) VEGAS Pro 19.0 (HKLM\...\{E063E530-1D13-11EC-B740-00155D26A171}) (Version: 19.0.381 - VEGAS) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes) VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN) WeMod (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\WeMod) (Version: 8.0.11 - WeMod) WhatsApp (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\WhatsApp) (Version: 2.2222.12 - WhatsApp) WinDirStat 1.1.2 (HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\WinDirStat) (Version: - ) WinMerge 2.16.16.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.16.16.0 - Thingamahoochie Software) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) WordWeb (HKLM-x32\...\WordWeb) (Version: 9 - WordWeb Software) Packages: ========= Adobe Acrobat DC -> C:\Program Files\Adobe\Acrobat DC [2022-07-03] (0) Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-20] (INTEL CORP) [Startup Task] Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.32.3.0_x64__6rarf9sa4v8jt [2022-06-29] (Disney) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-08] 
(Microsoft Studios) [MS Ad] Mp3tag -> C:\Program Files (x86)\Mp3tag [2022-01-21] (0) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.32.261.0_x64__dt26b99r8h8gj [2022-01-29] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0 [2022-06-23] (Spotify AB) [Startup Task] The Simple Timer -> C:\Program Files\WindowsApps\20876takutana.TheSimpleTimer_1.0.12.0_x64__5drpp4c7vp0fr [2022-03-19] (takutana) WinRAR -> C:\Program Files\WinRAR [2022-04-16] (0) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [Arquivo não assinado] CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\Diego\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Diego\AppData\Local\Maxthon\Application\6.1.3.2020\notification_helper.exe (Maxthon Technology Co, Ltd. -> Maxthon Ltd.) 
CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32 -> => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{D26DAF8A-5153-3B69-DC48-9C659B879181}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Nenhum Arquivo CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Diego\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-2829915707-2987789524-1347783848-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\Diego\AppData\Local\Google\Chrome SxS\Application\105.0.5160.0\notification_helper.exe (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] 
(Mega Limited -> ) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers1: [$PowerDVD21] -> {20B7D826-CC5F-49AB-B080-12E6116A2C2A} => C:\ProgramData\CyberLink\PowerDVD21\OpenWith\PDVD_Shell64.dll [2021-08-19] (CyberLink Corp. -> CyberLink Corp.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-05-29] (Notepad++ -> ) ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-09-09] (ABBYY Production LLC -> ABBYY Production LLC.) 
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) 
[Arquivo não assinado] ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2022-04-19] (Mega Limited -> ) ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Nenhum Arquivo ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2021-10-01] (Takashi Sawanaka -> hxxps://winmerge.org) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-24] (Adobe Inc. -> ) ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.) ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-09-09] (ABBYY Production LLC -> ABBYY Production LLC.) ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> Nenhum Arquivo ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. 
-> VS Revo Group) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [55296 2005-01-21] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) 
[Arquivo não assinado] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [Arquivo não assinado] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [Arquivo não assinado] HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [Arquivo não assinado] ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) Shortcut: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk -> hxxp://yamb.unite-video.com ShortcutWithArgument: C:\Users\Diego\Desktop\Google Chrome Canary.lnk -> C:\Users\Diego\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk -> C:\Users\Diego\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) 
-> --load-extension="C:\Users\Diego\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extension\edflcordqrioceejnqjqccipnifnfjjk\2.3.2._0" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --load-extension="C:\Users\Diego\AppData\Local\Microsoft\Edge\User Data\Default\Extension\aiokncckakibkfefmrkdfpjraolemmco\5.3.6._0" ShortcutWithArgument: C:\Users\Public\Desktop\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc.) -> --incognito --load-extension="C:\Users\Diego\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extension\edflcordqrioceejnqjqccipnifnfjjk\2.3.2._0" ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\Users\Diego\AppData\Local\Google\Chrome\User Data\Default\Extension\akqmfdarrbfnqieklrrecicrenkajqnq\7.8.1._0" ShortcutWithArgument: C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> -inprivate --load-extension="C:\Users\Diego\AppData\Local\Microsoft\Edge\User Data\Default\Extension\aiokncckakibkfefmrkdfpjraolemmco\5.3.6._0" ==================== Módulos Carregados (Whitelisted) ============= 2022-06-16 08:17 - 2022-06-16 08:17 - 005998080 _____ () [Arquivo não assinado] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll 2021-02-01 21:49 - 2021-02-01 21:49 - 000010240 _____ () [Arquivo não assinado] C:\Program Files\Adobe\Acrobat 
DC\Acrobat\locale\pt_br\AcroTray.ptb 2020-02-12 01:40 - 2020-02-12 01:40 - 000147968 _____ () [Arquivo não assinado] C:\Program Files\Send Anywhere\context_handler\x64\snda_context_handler.dll 2022-01-11 20:24 - 2018-05-09 04:45 - 000142336 _____ () [Arquivo não assinado] C:\Users\Diego\AppData\Local\JDownloader 2.0\.install4j\i4jinst.dll 2022-07-04 15:36 - 2022-07-04 15:36 - 004193064 _____ () [Arquivo não assinado] C:\Users\Diego\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-Do9iQmsMdyfO\lib7-Zip-JBinding.dll 2022-03-02 17:56 - 2022-03-02 17:56 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb 2021-12-19 01:56 - 2020-08-17 17:10 - 000090112 _____ (Bernhard Millauer,Uwe Mayer, Konrad Mattheis) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\WPFLocalizeExtension.dll 2021-12-19 01:56 - 2020-01-29 06:08 - 000013824 _____ (bloomtom) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\HttpProgress.dll 2021-12-19 12:18 - 2021-12-19 12:18 - 000386048 _____ (Ceiridge) [Arquivo não assinado] C:\Program Files\Ceiridge\ChromeDllInjector\ChromePatcherDll_1639927084.927305.dll 2021-12-19 01:56 - 2021-03-15 21:39 - 001198080 _____ (DotNetProjects) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\DotNetProjects.Wpf.Extended.Toolkit.dll 2021-12-19 01:56 - 2021-01-28 07:14 - 000334336 _____ (GitHub Community) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\Microsoft.Win32.TaskScheduler.dll 2021-12-19 01:56 - 2021-01-22 02:48 - 000014848 _____ (hardcodet.net) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\H.NotifyIcon.dll 2021-12-19 01:56 - 2021-01-22 02:48 - 000037376 _____ (hardcodet.net) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\Hardcodet.Wpf.TaskbarNotification.dll 2022-02-25 21:03 - 2021-12-26 11:00 - 
000093696 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll 2022-07-04 15:36 - 2022-07-04 15:36 - 000211968 ____N (Java(TM) Native Access (JNA)) [Arquivo não assinado] C:\Users\Diego\AppData\Local\JDownloader 2.0\tmp\jna\jna5584913302839911818.dll 2022-05-28 00:58 - 2022-05-28 00:58 - 003864576 _____ (Newtonsoft) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\083eaf536b76b4c312a197083891c892\Newtonsoft.Json.ni.dll 2021-12-19 01:56 - 2021-03-25 00:05 - 000820736 _____ (NLog) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\NLog.dll 2021-05-21 07:04 - 2021-05-21 07:04 - 000130048 _____ (Sam Grogan) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll 2016-05-09 09:20 - 2016-05-09 09:20 - 000132096 _____ (Seiko Epson Corporation) [Arquivo não assinado] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll 2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2015-12-24 13:40 - 2015-12-24 13:40 - 000500736 ____S (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\Windows\System32\enppmon.dll 2022-06-19 23:58 - 2022-05-21 08:34 - 000814080 _____ (Tabibito Technology) [Arquivo não assinado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosPropertyHandler.dll 2021-12-19 01:56 - 2020-08-16 19:22 - 000037376 _____ (Uwe Mayer,Konrad Mattheis,Bernhard Millauer) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\DS4Windows\XAMLMarkupExtensions.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) 
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57 [140] ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_333\bin\ssv.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) BHO: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> ) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_333\bin\jp2ssv.dll [2022-06-23] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2021-11-02] (FOXIT SOFTWARE INC. -> ) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Toolbar: HKLM - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2021-11-02] (FOXIT SOFTWARE INC. -> ) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2021-11-02] (FOXIT SOFTWARE INC. 
-> ) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-12-19] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser 
incluída na fixlist para redefinir o Hosts.) 2022-01-13 19:05 - 2022-07-04 14:39 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Calibre2\;C:\Program Files\dotnet\ HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) 
HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "EPPCCMON" HKLM\...\StartupApproved\Run: => "PowerDVD21Agent" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\StartupFolder: => "Lingvanex Translator.lnk" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\StartupFolder: => "REDRAGON Gaming Mouse.lnk" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "CyberlinkPowerPlayerMediaServer_PowerDVD21" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "EPSDNMON" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "5dc33e66718bf8297b3b73b1e4733cd2" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "611dd93a9b5c578be68b17d997792402" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "QMxNetworkSync" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "Windscribe" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "SendAnywhere" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => 
"CiscoMeetingDaemon" HKU\S-1-5-21-2829915707-2987789524-1347783848-1001\...\StartupApproved\Run: => "4f63842c5ef1a9d4ee3c64ea199dba50" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [TCP Query User{4282B510-EF4F-44A7-B955-C568F4E61DA1}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [UDP Query User{A1957C48-4BA4-43F8-AA7B-43AADABB1A64}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [TCP Query User{CF74C44E-5D71-4B9A-AFA4-3E1CD31568A4}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{EB380E9A-B735-4553-95E6-1033D755E942}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{D0F3054D-E54E-43C3-91BF-B0CB57C1DEEA}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [UDP Query User{C4790934-FC0E-47FA-8450-941D236B7CC3}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{3BB93525-A283-44B9-935E-E07C4077F87E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Pontos de Restauração ========================= 30-06-2022 13:37:29 Intel® Driver & Support Assistant 03-07-2022 17:07:36 Revo Uninstaller 
Pro's restore point - Adobe Acrobat DC 03-07-2022 17:28:08 Removed Adobe Acrobat DC. 03-07-2022 22:17:22 AdwCleaner_BeforeCleaning_03/07/2022_22:17:22 ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (07/04/2022 02:41:09 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. Error: (07/04/2022 02:40:31 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (07/04/2022 02:40:31 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, A system shutdown is in progress. ] Error: (07/04/2022 02:36:28 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . 
Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (07/04/2022 02:36:21 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Access is denied. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {6107d93c-b74d-4758-819a-571863968ba9} Error: (07/04/2022 02:27:30 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. Error: (07/04/2022 02:27:30 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. 
Error: (07/03/2022 11:22:57 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Falha na geração de contexto de ativação para "C:\Program Files (x86)\WinMerge\WinMergeU.exe". Erro no arquivo de manifesto ou de política "", na linha . Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa. Os componentes conflitantes são: Componente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest. Componente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest. Erros de Sistema: ============= Error: (07/04/2022 07:08:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro: O carregamento deste driver foi bloqueado Error: (07/04/2022 07:08:09 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diego\AppData\Local\Temp\ehdrv.sys Error: (07/04/2022 07:08:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro: O carregamento deste driver foi bloqueado Error: (07/04/2022 07:08:08 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diego\AppData\Local\Temp\ehdrv.sys Error: (07/04/2022 07:08:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro: O carregamento deste driver foi bloqueado Error: (07/04/2022 07:08:08 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diego\AppData\Local\Temp\ehdrv.sys Error: (07/04/2022 07:08:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço eapihdrv devido ao seguinte erro: O carregamento deste driver foi 
bloqueado Error: (07/04/2022 07:08:08 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Diego\AppData\Local\Temp\ehdrv.sys Windows Defender: ================ Date: 2022-07-04 14:41:22 Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:PowerShell/MaleficAms&threatid=2147805219&enterprise=0 Nome: VirTool:PowerShell/MaleficAms Gravidade: Severe Categoria: Tool Caminho: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Origem da Detecção: Unknown Tipo da Detecção: Concrete Fonte da Detecção: System Usuário: NT AUTHORITY\SYSTEM Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.369.755.0, AS: 1.369.755.0, NIS: 1.369.755.0 Versão do Mecanismo: AM: 1.1.19300.2, NIS: 1.1.19300.2 Date: 2022-07-03 23:32:06 Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:PowerShell/MaleficAms&threatid=2147805219&enterprise=0 Nome: VirTool:PowerShell/MaleficAms Gravidade: Severe Categoria: Tool Caminho: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Origem da Detecção: Unknown Tipo da Detecção: Concrete Fonte da Detecção: System Usuário: NT AUTHORITY\SYSTEM Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.369.723.0, AS: 1.369.723.0, NIS: 1.369.723.0 Versão do Mecanismo: AM: 1.1.19300.2, NIS: 1.1.19300.2 Date: 2022-07-03 22:59:39 Description: Microsoft Defender Antivirus detectou malware ou outro software potencialmente indesejado. 
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:PowerShell/MaleficAms&threatid=2147805219&enterprise=0 Nome: VirTool:PowerShell/MaleficAms Gravidade: Severe Categoria: Tool Caminho: amsi:_\Device\HarddiskVolume3\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Origem da Detecção: Unknown Tipo da Detecção: Concrete Fonte da Detecção: System Usuário: NT AUTHORITY\SYSTEM Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.369.723.0, AS: 1.369.723.0, NIS: 1.369.723.0 Versão do Mecanismo: AM: 1.1.19300.2, NIS: 1.1.19300.2 Date: 2022-07-03 22:35:10 Description: O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {1805335D-3F43-4EA8-AB8C-ABEB0D9AD049} Tipo de Exame: Antimalware Parâmetros do Exame: Quick Scan Usuário: NT AUTHORITY\SYSTEM Date: 2022-07-03 22:10:43 Description: O exame do Microsoft Defender Antivirus foi interrompido antes da conclusão. ID do Exame: {9CE9A442-9C3F-4A8E-A1D0-3AA0860DED56} Tipo de Exame: Antimalware Parâmetros do Exame: Quick Scan Usuário: Computador\Diego Event[0] Date: 2022-07-03 19:22:12 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivirus encontrou um erro e falhou. Recurso: On Access Código do Erro: 0x8007043c Descrição do erro: This service cannot be started in Safe Mode Motivo: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. Date: 2022-07-03 17:52:53 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivirus encontrou um erro e falhou. Recurso: On Access Código do Erro: 0x8007043c Descrição do erro: This service cannot be started in Safe Mode Motivo: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. 
CodeIntegrity: =============== Date: 2022-07-04 20:00:20 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2022-07-04 18:35:29 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Ceiridge\ChromeDllInjector\ChromePatcherDll_1639927084.927305.dll that did not meet the Microsoft signing level requirements. ==================== Informações da Memória =========================== BIOS: American Megatrends International, LLC. 1.40 01/07/2022 placa-mãe: Micro-Star International Co., Ltd. Z590-A PRO (MS-7D09) Processador: 11th Gen Intel(R) Core(TM) i5-11400 @ 2.60GHz Percentagem de memória em uso: 33% RAM física total: 16193.62 MB RAM física disponível: 10699.96 MB Virtual Total: 18625.62 MB Virtual disponível: 12570.19 MB ==================== Drives ================================ Drive c: (WIN11-SSD-WD-1TB) (Fixed) (Total:930.77 GB) (Free:625.57 GB) (Model: WDC WDS100T2B0A-00SM50) NTFS \\?\Volume{755a15aa-edcf-414d-ab38-aab732a0b960}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS \\?\Volume{b87c39f3-6a73-4228-90dc-eb47cf4c908a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ==================== Fim de Addition.txt =======================