Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 16-10-2022 Executado por renat (23-10-2022 01:29:22) Executando a partir de C:\temp Microsoft Windows 10 Home Single Language Versão 21H1 19043.2130 (X64) (2020-10-01 05:03:28) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-2400331221-4059026756-1448463897-500 - Administrator - Disabled) Convidado (S-1-5-21-2400331221-4059026756-1448463897-501 - Limited - Disabled) DefaultAccount (S-1-5-21-2400331221-4059026756-1448463897-503 - Limited - Disabled) renat (S-1-5-21-2400331221-4059026756-1448463897-1001 - Administrator - Enabled) => C:\Users\renat WDAGUtilityAccount (S-1-5-21-2400331221-4059026756-1448463897-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D} AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton 360 (Disabled - Out of date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0} AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF} AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1} FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4} FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 5KPlayer (HKLM-x32\...\5KPlayer) (Version: 6.9 - DearMob, Inc.) 7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.01.513.58212 - ABBYY) Hidden ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.08.2001 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated) Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.13 - AnyDesk Software GmbH) Aplicativo da área de trabalho Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 8.5.0.17 - Autodesk) Aplicativo Itaú (HKLM-x32\...\{4B6778AC-BABE-44D4-BDF3-1BA382F7D580}) (Version: 1.0.162 - Banco Itaú) Aplicativos da Autodesk em destaque 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk) Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 8.0.23.0 - Auslogics Labs Pty Ltd) AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk) Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk) Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk) Autodesk AutoCAD 2018.1.2 (HKLM-x32\...\{b501e2dd-1001-0000-0102-2d66c6a91615}) (Version: 22.0.161.0 - Autodesk) Hidden Autodesk AutoCAD 2018.1.2 Update Combo Security Hotfix (HKLM-x32\...\{f4f9ba0b-1001-0000-0102-f66cecb16117}) (Version: 22.0.161.17 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk) Autodesk Download Manager (HKLM-x32\...\{82428C7E-8FCE-44E4-9BDD-0C2C8C26F308}) (Version: 6.1.32.0 - Autodesk, Inc.) Autodesk Genuine Service (HKLM\...\{3F9E7D4B-C2ED-48C6-ABB1-F7611724ACD9}) (Version: 5.0.0.134 - Autodesk) Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk) Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk) Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 4.0.0.28 - Autodesk) Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.9.6034 - Avast Software) Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 6.03 - Piriform) CopySpider 1.6.6 (HKLM-x32\...\{5D8A8C41-C834-42C2-94DE-94A4B899BEAB}_is1) (Version: 1.6.6 - CopySpider Software) CrystalDiskInfo 8.16.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.4 - Crystal Dew World) CutePDF Writer 3.2 (HKLM\...\CutePDF Writer Installation) (Version: 3.2 - Acro Software Inc.) Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.) Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software) Download Navigator (HKLM-x32\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated) EaseUS Partition Master 15.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM-x32\...\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Easy Photo Print Plug-in for Windows Live Photo Gallery (HKLM-x32\...\EEPPPlugIn) (Version: - SEIKO EPSON Corporation) Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (HKLM-x32\...\{7B7044AE-6D1F-456D-B2BA-28BFFFAF3F71}) (Version: 1.00.0000 - SEIKO EPSON Corporation) Hidden Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation) EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production) Glary Utilities 5.179 (HKLM-x32\...\Glary Utilities 5) (Version: 5.179.0.207 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.102 - Google LLC) Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{4EB05024-F740-48CF-B9B0-62A041E22D5C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{DD04783C-E206-46DB-97A7-1155B1C76038}) (Version: 11.6.0.1025 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5038 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{EBE12EC7-60DF-41C2-AAC8-0B2586F15C96}) (Version: 15.2.0.1020 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{EC883E72-01ED-4DED-AA46-9162C34A7D4F}) (Version: 30.100.1633.03 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (HKLM\...\{75FE588B-F158-4BB3-A283-A8D18E522A52}) (Version: 1.43.301.1 - Intel Corporation) Hidden Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation) Lexmark Local Printer Settings Utility Desinstalador (HKLM\...\Lexmark Local Printer Settings Utility) (Version: - Lexmark International, Inc.) Lexmark Travel Print (HKLM\...\{7C3078BC-2239-4400-A4B6-22A87955E4E7}) (Version: 1.9.0.0 - Lexmark International, Inc.) Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes) Mesa Gráfica Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.31-4 - Wacom Technology Corp.) Microsoft 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.15629.20208 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.27 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.25 - Microsoft Corporation) Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft OneDrive (HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\OneDriveSetup.exe) (Version: 22.166.0807.0002 - Microsoft Corporation) Microsoft Project - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.15629.20208 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{B409944C-1493-4B0D-A92C-2CE3C5F5F289}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{0E8D087B-5654-4010-AF4D-DE1250B8C1EB}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 x86 Additional Runtime - 14.10.25008 (HKLM-x32\...\{E6222D59-608C-3018-B86B-69BD241ACDE5}) (Version: 14.10.25008 - Microsoft Corporation) Hidden Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.10.25008 (HKLM-x32\...\{C6CDA568-CD91-3CA0-9EDE-DAD98A13D6E1}) (Version: 14.10.25008 - Microsoft Corporation) Hidden Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 104.0.1 (x64 en-US)) (Version: 104.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 104.0.1.8276 - Mozilla) NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden Proteção de Terminal Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.2109.63 - Trusteer) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.11 - Qualcomm Atheros) Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.75 - Qualcomm Atheros) Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.2109.63 - Trusteer) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8569 - Realtek Semiconductor Corp.) scilab-6.1.0 (64-bit) (HKLM\...\scilab-6.1.0 (64-bit)_is1) (Version: - Scilab Enterprises) Software de dispositivo do Chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1-2) (Version: 1.1.70.1 - LunarG, Inc.) Hidden Warsaw 2.32.0.13 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.32.0.13 - Topaz) WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) WizTree v4.08 (HKLM\...\WizTree_is1) (Version: 4.08 - Antibody Software) Zoom (HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\ZoomUMX) (Version: 5.11.1 (6602) - Zoom Video Communications, Inc.) Packages: ========= Acer Collection -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollection_1.1.3013.0_x64__48frkmn4z8aw4 [2020-01-22] (Acer Incorporated) Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2022-10-01] (Amazon.com) Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-01-22] (Autodesk Inc.) Booking.com -> C:\Program Files\WindowsApps\Booking.com_1.0.1606.2210_x64__96rgg7pjt343r [2020-01-22] (CN=Acer Incorporated) Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.24.2.0_x64__kgqvnymyfvs32 [2022-10-01] (king.com) Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.229.500.0_x64__kgqvnymyfvs32 [2022-10-22] (king.com) Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-04] (Microsoft Corporation) Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.15.523.0_x64__rz1tebttyb220 [2022-10-06] (Dolby Laboratories) eBay -> C:\Program Files\WindowsApps\eBay_1.0.1606.2210_x64__96rgg7pjt343r [2020-01-22] (CN=Acer Incorporated) Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2022-10-01] (Keeper Security Inc) Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2020-01-22] (AMZN Mobile LLC) March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_6.7.1.0_x86__h6adky7gbf63m [2022-10-04] (Gameloft SE) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-20] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-10-01] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.19.3101.0_x64__8wekyb3d8bbwe [2022-10-04] (Microsoft Studios) Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-22] (MAGIX) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.) O Reino Mágico da Disney -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_7.3.10.0_x86__h6adky7gbf63m [2022-10-13] (Gameloft SE) WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2022-10-01] (WildTangent Games) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-2400331221-4059026756-1448463897-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2400331221-4059026756-1448463897-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc. -> Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2400331221-4059026756-1448463897-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-26] (Avast Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-26] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk, Inc -> Autodesk) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-26] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2021-12-26] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Auslogics Disk Defrag Shell Context Menu 8.x] -> {CC89327D-D094-89B3-82CB-F989EE26FC51} => C:\Program Files (x86)\Auslogics\Disk Defrag\ShellExtension.ContextMenu.x64.dll [2019-02-21] (Auslogics Labs Pty Ltd -> Auslogi˜cs) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2021-12-26] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-26] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [Auslogics Disk Defrag Shell Context Menu 8.x] -> {CC89327D-D094-89B3-82CB-F989EE26FC51} => C:\Program Files (x86)\Auslogics\Disk Defrag\ShellExtension.ContextMenu.x64.dll [2019-02-21] (Auslogics Labs Pty Ltd -> Auslogi˜cs) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers4: [Auslogics Disk Defrag Shell Context Menu 8.x] -> {CC89327D-D094-89B3-82CB-F989EE26FC51} => C:\Program Files (x86)\Auslogics\Disk Defrag\ShellExtension.ContextMenu.x64.dll [2019-02-21] (Auslogics Labs Pty Ltd -> Auslogi˜cs) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxDTCM.dll [2018-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-26] (Avast Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2021-12-26] (Glarysoft LTD -> Glarysoft Ltd) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-09-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2019-03-20 11:06 - 2019-03-20 11:06 - 000212992 _____ () [Arquivo não assinado] C:\WINDOWS\System32\LMabtppm.dll 2022-09-04 02:13 - 2021-11-24 11:00 - 000093696 _____ (Igor Pavlov) [Arquivo não assinado] C:\Program Files\7-Zip\7-zip.dll 2017-10-21 18:14 - 2011-08-30 12:38 - 000558080 _____ (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\WINDOWS\System32\enppmon.dll 2017-10-21 18:14 - 2011-08-01 17:24 - 000252416 _____ (SEIKO EPSON CORPORATION) [Arquivo não assinado] C:\WINDOWS\System32\enpres.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [5362] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334] AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [5362] AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [5362] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [5362] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.) HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\Software\Classes\.scr: AutoCADScriptFile => ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE SearchScopes: HKU\S-1-5-21-2400331221-4059026756-1448463897-1001 -> DefaultScope {92E99A73-4530-47F2-A496-3B801B58828F} URL = SearchScopes: HKU\S-1-5-21-2400331221-4059026756-1448463897-1001 -> {92E99A73-4530-47F2-A496-3B801B58828F} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-09-04] (Oracle America, Inc. -> Oracle Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-09-04] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-10-01] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2016-07-16 08:47 - 2016-07-16 08:45 - 000000824 ____N C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Firewall do Windows está habilitado. Network Binding: ============= Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled) Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled) ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) HKLM\...\StartupApproved\Run: => "Autodesk Genuine Service " HKLM\...\StartupApproved\Run32: => "EEventManager" HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App" HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\StartupApproved\StartupFolder: => "Enviar para o OneNote.lnk" HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3589EAC0EA64E8DB89B4D1FC1ACEA683" HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\StartupApproved\Run: => "EPSDNMON" HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000002" HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{532EBC1D-B1C8-4CB8-87E1-021C1D9ABD58}] => (Allow) C:\Lexmark\Lexmark_Travel_Print\install\x64\installgui.exe => Nenhum Arquivo FirewallRules: [{1BA30255-6CA8-4A36-8AEF-69F90181BC9C}] => (Allow) C:\Lexmark\Lexmark_Travel_Print\install\x64\installgui.exe => Nenhum Arquivo FirewallRules: [{99C87660-1499-4AC6-A208-2CFA2018A426}] => (Allow) C:\Lexmark\Lexmark_Travel_Print\install\x64\installgui.exe => Nenhum Arquivo FirewallRules: [{29615BBE-3576-4E45-9CEE-2E5EEED82472}] => (Allow) C:\Lexmark\Lexmark_Travel_Print\install\x64\installgui.exe => Nenhum Arquivo FirewallRules: [{0A060E12-DB65-497C-B846-A0D300252792}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{138D4ED0-867C-4800-88A9-9179431BB99C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer) FirewallRules: [{59FFA278-161F-4978-A5B3-82A24B266DBD}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{64BB8422-B485-49F0-98D9-2AC9FA10842D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer) FirewallRules: [{6E6CF011-C74F-451D-9D6D-588013D22EBC}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => Nenhum Arquivo FirewallRules: [{DE67E19E-A7FB-4CE3-BD44-3FE31E1D8F4E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => Nenhum Arquivo FirewallRules: [{3E69D726-034D-4D53-BD2F-D985D35F37B0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{F55FBD00-553C-45A6-BE45-E265A9003B97}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{2C9EE0EB-4030-4C77-86E6-EAE33434FA43}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{3E9AEDE0-B82E-48D1-8994-C21E0C02C504}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{A7549DCF-0C13-41C5-90B9-318C01551A81}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{00D46EF2-3525-4CDC-9FE9-7E3E31DCD728}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{893711F6-70B2-4EE7-BE9D-6FF5C698C820}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{7F9C0D6B-885F-4D9C-8CFE-36FCCCF668CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4899800B-9D49-4CAB-9341-F93BE9DCD57B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{35C8F3FF-7F1F-4BB6-A3F9-51283B2F9CFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2D661367-76CC-43D3-92E2-66400DF587D9}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [{8D2056CA-0C43-415D-B9DC-48BE8DE19E5C}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [{A84AE955-43BB-40DB-A7F7-E688A7DACDD7}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe => Nenhum Arquivo FirewallRules: [{C9E88BC8-B0EF-4009-BCAB-046B82F131EB}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe => Nenhum Arquivo FirewallRules: [{6928BCE9-7485-4220-BA4A-14577D64F906}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{3317A9EA-30F1-46BE-B8E3-1B5596F999E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{64D01452-29D1-4EB2-ABAE-11383B5F13F2}] => (Allow) C:\Users\renat\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{B4303F05-8462-4DA6-9AF1-F5CA3B42522C}] => (Allow) C:\Users\renat\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{6E7CFD0E-FC36-468C-92D1-A8A03381B432}] => (Allow) C:\Users\renat\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{A3D9F6BF-91E9-4214-BC13-B40A08B0186D}] => (Allow) C:\Lexmark\Lexmark_LPSU\LPSU\Install\x64\InstallGui.exe => Nenhum Arquivo FirewallRules: [{0F030435-9FF6-4E01-9BEF-0C83E2893268}] => (Allow) C:\Lexmark\Lexmark_LPSU\LPSU\Install\x64\InstallGui.exe => Nenhum Arquivo FirewallRules: [{3AE9EE0B-9AEB-4ABD-B6B3-5AEF1A18295D}] => (Allow) C:\Lexmark\Lexmark_Travel_Print\install\x64\installgui.exe => Nenhum Arquivo FirewallRules: [{BA859CC2-8A68-4F2D-B5A6-531413ED36AF}] => (Allow) C:\Lexmark\Lexmark_Travel_Print\install\x64\installgui.exe => Nenhum Arquivo FirewallRules: [{3AFFF454-52D1-4CD7-999F-764919B00BC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{ED87EB69-AAE4-4808-B263-00DB454B159C}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob) FirewallRules: [UDP Query User{365C276B-E0AA-4837-8344-10B68F510972}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob) FirewallRules: [TCP Query User{68612DB0-164A-452B-9424-7121D2FE3C76}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe (Digiarty Software, Inc. -> ) FirewallRules: [UDP Query User{20852B8E-27F0-4242-A599-08472858CB48}C:\program files (x86)\dearmob\5kplayer\airplay.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\airplay.exe (Digiarty Software, Inc. -> ) FirewallRules: [{61E80E86-DA22-450F-9B4D-5F1ABF368D63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [TCP Query User{7D8BC95B-ABF8-4EC0-87ED-5DC8E50100AA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [UDP Query User{580E9922-4AD9-4EAC-ADAB-B79FB3233F7A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) FirewallRules: [{C23EC2B5-7AAC-4E9A-96FA-7B710B7E547E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.25\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{591AE7BD-F885-48B8-BFCE-734DF63E4806}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{87940BF1-4E78-4DA4-BFF7-E8F77D25152A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{DDE90554-C1EC-4027-AB0C-F4712CC7A3D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{95A7B61E-8B78-46CA-9679-71CAA6F08793}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{8D03E6AC-C78D-43DB-9EC0-63BCB4D16A2B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{CE61C5F9-521E-4F7D-9940-F4FCB87CA051}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software) FirewallRules: [{FA3A2F1C-8C30-4235-A14C-43CCC1450594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{66163AE2-4AFD-49A2-A723-B6AC78483A19}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{DFAF30F2-294A-4A0D-960C-93BA6946A99F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6FF19121-987A-4C8C-BA0A-E98092808F7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{A2DCDD73-F905-4A56-8D7E-2C1FD6F295BC}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{F5496DCF-9015-4473-B8CA-EEED87368792}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{1443674C-7F95-4A92-A6A1-8E2C8E1E78CB}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{2861427C-D746-4CFF-839D-8FF6A168F3FF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{E137C45D-51FB-447D-BE80-FEF272A2098B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) FirewallRules: [{132437EB-1827-4413-AC92-390F80A07FB9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH) ==================== Pontos de Restauração ========================= 14-10-2022 01:45:15 Duda 23-10-2022 01:20:11 AdwCleaner_BeforeCleaning_23/10/2022_01:20:11 ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (10/23/2022 12:37:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0x2bd0 Hora de início do aplicativo com falha: 0x01d8e690b7257310 Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: b9f11fb3-6bf4-4d8e-b2c8-d7a9de06ea92 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (10/22/2022 04:09:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0x2674 Hora de início do aplicativo com falha: 0x01d8e649d2fc9727 Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: 10717d36-ff93-4412-a939-c0b8790b38f6 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (10/22/2022 03:45:40 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0xa38 Hora de início do aplicativo com falha: 0x01d8e5e1db1186a2 Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: f0ff6fb3-cea9-4c3b-a78f-0264e67e4460 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (10/16/2022 03:52:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0x3c4 Hora de início do aplicativo com falha: 0x01d8e190579944cb Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: 3d232cc2-5fc7-44e1-a634-ebd6fe19acb8 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (10/15/2022 10:54:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0x1d10 Hora de início do aplicativo com falha: 0x01d8e1021fba8192 Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: 7f2bef2f-0d57-4148-a68c-8e4800a22c2c Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (10/15/2022 10:15:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0x2ef8 Hora de início do aplicativo com falha: 0x01d8e0fcb3bf84cc Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: 55caa79a-2274-46be-85bc-adee9d251fcc Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (10/15/2022 08:58:27 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0x1ae8 Hora de início do aplicativo com falha: 0x01d8e0f1fa2e28ce Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: 50cca9d0-e84e-4da9-ac8b-c6e673eb81a6 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (10/14/2022 05:21:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Nome do módulo com falha: E_YATII4E.EXE, versão: 7.0.2.0, carimbo de data/hora: 0x4f4adcfc Código de exceção: 0xc0000005 Deslocamento da falha: 0x000000000001a2e6 ID do processo com falha: 0xc68 Hora de início do aplicativo com falha: 0x01d8e00a8535fe47 Caminho do aplicativo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE Caminho do módulo com falha: C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE ID do Relatório: 3b227230-5755-4090-aa0a-e4a6fcf36543 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (10/23/2022 01:20:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Serviço Clique para Executar do Microsoft Office foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (10/23/2022 01:20:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Wacom Professional Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (10/23/2022 01:20:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Dynamic Application Loader Host Interface Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (10/23/2022 01:20:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço AtherosSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (10/23/2022 01:20:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar o serviço. Error: (10/23/2022 01:20:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Rapport Management Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 500 milissegundos: Reiniciar o serviço. Error: (10/23/2022 01:20:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) HD Graphics Control Panel Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (10/16/2022 03:31:35 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PV8TKARA) Description: O servidor {3EB3C877-1F16-487C-9050-104DBCD66683} não se registrou no DCOM dentro do tempo limite necessário. Windows Defender: ================ Date: 2022-09-04 01:36:58 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {3554CC78-FE00-4244-81BC-F08C96E8C200} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA  CodeIntegrity: =============== Date: 2022-10-23 01:14:45 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. Date: 2022-10-23 00:36:19 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements. ==================== Informações da Memória =========================== BIOS: Insyde Corp. V1.25 03/03/2017 placa-mãe: Acer Captain_SK Processador: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Percentagem de memória em uso: 52% RAM física total: 8060.22 MB RAM física disponível: 3846.93 MB Virtual Total: 9340.22 MB Virtual disponível: 5486.29 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:100 GB) (Free:30.91 GB) (Model: WD Green 2.5 240GB) NTFS Drive d: (dados) (Fixed) (Total:122.46 GB) (Free:103.45 GB) (Model: WD Green 2.5 240GB) NTFS \\?\Volume{198b2d03-7e84-4586-b853-f763a45c6a4d}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.48 GB) NTFS \\?\Volume{7437abe0-20e8-4333-af04-613e8a062e75}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ==================== Fim de Addition.txt =======================