Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 16-12-2022 Executado por Moskito (20-12-2022 06:35:14) Executando a partir de C:\Users\Moskito\Desktop Microsoft Windows 10 Pro Versão 22H2 19045.2251 (X64) (2022-11-30 03:01:51) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-935897308-2607802411-4247249160-500 - Administrator - Disabled) Convidado (S-1-5-21-935897308-2607802411-4247249160-501 - Limited - Disabled) DefaultAccount (S-1-5-21-935897308-2607802411-4247249160-503 - Limited - Disabled) Moskito (S-1-5-21-935897308-2607802411-4247249160-1001 - Administrator - Enabled) => C:\Users\Moskito WDAGUtilityAccount (S-1-5-21-935897308-2607802411-4247249160-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.11.2 - Advanced Micro Devices, Inc.) Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden Discord (HKU\S-1-5-21-935897308-2607802411-4247249160-1001\...\Discord) (Version: 1.0.9007 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.69.0.5326 - Electronic Arts) Hidden EA app (HKLM-x32\...\{1e4d66dd-945a-4901-bc24-d05df39491f7}) (Version: 12.69.0.5326 - Electronic Arts) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC) HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.1.7.0 - Brother Industries, Ltd.) Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-935897308-2607802411-4247249160-1001\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation) MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD) Pacote de Driver do Windows - Realtek Semiconductor Corp. (RtkBtFilter) Bluetooth (12/12/2019 1.6.1015.3010) (HKLM\...\A251C507301C79B85C3E1CEEAA1B04A16B62832B) (Version: 12/12/2019 1.6.1015.3010 - Realtek Semiconductor Corp.) qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.0 - The qBittorrent project) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1015.1016.1016.191212 - REALTEK Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.) Red Dead Redemption 2 MULTi13 - ElAmigos versão 1311.23 (HKLM-x32\...\{FB7FE500-D70E-46E4-948A-0976F4D20BD2}_is1) (Version: 1311.23 - Rockstar Games) RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder) RyzenMasterSDK (HKLM\...\{85A2A688-4A95-4298-9FEC-F18F42B8EB7E}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 4.00 - GOG.com) Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation) ViGEm Bus Driver (HKLM\...\{9C581C76-2D68-40F8-AA6F-94D3C5215C05}) (Version: 1.21.442 - Nefarius Software Solutions e.U.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN) WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH) Packages: ========= Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2022-11-30] (Realtek Semiconductor Corp) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2022-11-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Arquivo não assinado] ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Users\Moskito\Dados de Aplicativos:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\Moskito\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== SearchScopes: HKU\S-1-5-21-935897308-2607802411-4247249160-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2022-11-29 23:37 - 2022-11-29 23:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-935897308-2607802411-4247249160-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Moskito\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\54q1wuddlex51 (1).jpg DNS Servers: 192.168.15.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{F68A1294-1126-4759-A39F-1DC269C71B77}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E5CEDFA4-E4A2-4383-A498-9A2254DDFFA1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{9A462F70-192A-42C4-AFC2-463F02114383}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C76289F3-5BC0-4F1E-8700-0B391BE156FE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{8D76CEE4-627E-4255-BB60-77671C7B95F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.) FirewallRules: [{6AC1B7AC-B7BD-4807-9B1A-DA913E2C8D03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG CORPORATION -> KRAFTON, Inc.) FirewallRules: [TCP Query User{4D90935F-7F34-40D9-80C5-ABBF66452FB0}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> KRAFTON, Inc.) FirewallRules: [UDP Query User{872C246F-6AE8-4448-B6D5-041BC536148F}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (PUBG CORPORATION -> KRAFTON, Inc.) FirewallRules: [{89CBEC71-32CA-4162-AA9C-C7E8A9A7CA17}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{25F2A00A-2212-4540-8B2D-3A4B15237818}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4036C45C-85E1-4E50-94C6-BA93DABDA501}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B6504AAC-E58B-4CFB-8FEE-6F7AC327B0F0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{EB372734-0817-47CC-B4B9-EDCA0FAD7F6A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{F030021F-3670-4152-BF89-9595D104712D}D:\steamlibrary\steamapps\common\fifa 22\fifa22.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 22\fifa22.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [UDP Query User{DD460682-500B-43D4-9CD0-4E6EC62948C5}D:\steamlibrary\steamapps\common\fifa 22\fifa22.exe] => (Allow) D:\steamlibrary\steamapps\common\fifa 22\fifa22.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{8ED82B39-A6AA-45F2-BED7-194C02EECFC6}] => (Allow) LPort=26822 FirewallRules: [{2D0E85F4-E8C6-4A02-B9E0-703B55BB5341}] => (Allow) LPort=32683 FirewallRules: [{29996030-CB43-4E2B-8AF9-EDAFE81F3812}] => (Allow) C:\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{49DE488A-89FB-41D8-8AEB-707824E55297}] => (Allow) C:\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado] FirewallRules: [{3B308475-175B-47A6-A95C-CF81997BDECC}] => (Allow) D:\games\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [Arquivo não assinado] FirewallRules: [{921C744F-3940-48D7-8977-F18636DCA50C}] => (Allow) D:\games\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [Arquivo não assinado] FirewallRules: [{60748300-E117-479A-9D15-E8E941ABFDFC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{39623BEB-8A6A-472E-A732-29E391294157}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{09FFCA9F-25D5-45EB-B7F5-2BD925D2F11A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F54F8290-EE65-4490-834C-F9467F3B1ACB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2763AA7A-9CE0-4D55-952A-FDB6E2E040DB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{D95A0D25-9A51-4CAB-A700-D77735A9CC0D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Pontos de Restauração ========================= 07-12-2022 13:51:55 Ponto de Verificação Agendado 09-12-2022 01:19:10 DDU Restore Point 09-12-2022 01:24:46 Radeon Installer 14-12-2022 13:33:04 DirectX instalado 20-12-2022 04:09:51 Removed Futuremark SystemInfo ==================== Dispositivos Apresentando Falhas No Gerenciador ============ Name: AMD Crash Defender Description: AMD Crash Defender Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: AMD Service: amdfendrmgr Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (12/20/2022 06:06:18 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: PhoneExperienceHost.exe, versão: 1.22102.229.0, carimbo de data/hora: 0x6377dc84 Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.2193, carimbo de data/hora: 0x7f7062e1 Código de exceção: 0xe0434352 Deslocamento da falha: 0x000000000002cd29 ID do processo com falha: 0x2504 Hora de início do aplicativo com falha: 0x01d9145251a33e04 Caminho do aplicativo com falha: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: c64cfbd9-f742-4397-ab0b-954f55e3e0c0 Nome completo do pacote com falha: Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe ID do aplicativo relativo ao pacote com falha: App Error: (12/20/2022 06:06:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: PhoneExperienceHost.exe CoreCLR Version: 6.0.1222.56807 .NET Version: 6.0.12 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileLoadException: Could not load file or assembly 'libnanoapimanaged, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null'. Acesso negado. File name: 'libnanoapimanaged, Version=0.0.0.0, Culture=neutral, PublicKeyToken=null' at YourPhone.AppProxyConnection.IoC..ctor(Func`1 yppPlatform, Func`1 appProxyShoulderTap) at YourPhone.AppProxyConnection.COM.Host..ctor(Func`1 yppPlatform, Func`1 appProxyShoulderTap) at YourPhone.ScreenMirroring.Managed.RemotingModule.<>c.b__0_0(IServiceProvider sp) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite callSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope) at Microsoft.Extensions.DependencyInjection.ServiceProvider.CreateServiceAccessor(Type serviceType) at System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory) at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope) at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetService[T](IServiceProvider provider) at YourPhone.ScreenMirroring.Managed.RemotingModule.<>c.b__0_35(IServiceProvider sp) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite callSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope) at Microsoft.Extensions.DependencyInjection.ServiceProvider.CreateServiceAccessor(Type serviceType) at System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory) at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope) at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider) at YourPhone.ScreenMirroring.Managed.RemotingModule.<>c.b__0_36(IServiceProvider sp) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite callSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope) at Microsoft.Extensions.DependencyInjection.ServiceProvider.CreateServiceAccessor(Type serviceType) at System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory) at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope) at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetService[T](IServiceProvider provider) at YourPhone.Notifications.Managed.NotificationsModule.<>c.b__0_24(IServiceProvider sp) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite callSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitIEnumerable(IEnumerableCallSite enumerableCallSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitNoCache(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope) at Microsoft.Extensions.DependencyInjection.ServiceLookup.DynamicServiceProviderEngine.<>c__DisplayClass2_0.b__0(ServiceProviderEngineScope scope) at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope) at Microsoft.Extensions.DependencyInjection.ServiceLookup.ServiceProviderEngineScope.GetService(Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetServices[T](IServiceProvider provider) at YourPhone.Bootstrapper.<>c.b__4_21(IServiceProvider sp) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitFactory(FactoryCallSite factoryCallSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSiteMain(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.VisitRootCache(ServiceCallSite callSite, RuntimeResolverContext context) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteVisitor`2.VisitCallSite(ServiceCallSite callSite, TArgument argument) at Microsoft.Extensions.DependencyInjection.ServiceLookup.CallSiteRuntimeResolver.Resolve(ServiceCallSite callSite, ServiceProviderEngineScope scope) at Microsoft.Extensions.DependencyInjection.ServiceProvider.CreateServiceAccessor(Type serviceType) at System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory) at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType, ServiceProviderEngineScope serviceProviderEngineScope) at Microsoft.Extensions.DependencyInjection.ServiceProvider.GetService(Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService(IServiceProvider provider, Type serviceType) at Microsoft.Extensions.DependencyInjection.ServiceProviderServiceExtensions.GetRequiredService[T](IServiceProvider provider) at YourPhone.App.OnLaunchedAsync(LaunchActivatedEventArgs args) at YourPhone.Utilities.TaskExtensions.<>c.b__6_1(Object state) at System.Threading.QueueUserWorkItemCallbackDefaultContext.Execute() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading.PortableThreadPool.WorkerThread.WorkerThreadStart() at System.Threading.Thread.StartCallback() Error: (12/18/2022 11:01:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Link2EA.exe, versão: 12.69.0.5326, carimbo de data/hora: 0x6398fbca Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.2130, carimbo de data/hora: 0xb5ced1c6 Código de exceção: 0xc0000374 Deslocamento da falha: 0x00000000000ff6a9 ID do processo com falha: 0x2918 Hora de início do aplicativo com falha: 0x01d9134dda07ed7d Caminho do aplicativo com falha: C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Link2EA.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 06302ba8-dbcb-4943-b0bc-b57c4d0c23f3 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (12/16/2022 12:13:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Games (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A) Error: (12/10/2022 12:58:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: RDR2.exe, versão: 1.0.1311.23, carimbo de data/hora: 0x5f657794 Nome do módulo com falha: EMP.dll, versão: 0.0.0.0, carimbo de data/hora: 0x5f8f2687 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000037ce7 ID do processo com falha: 0x36d4 Hora de início do aplicativo com falha: 0x01d90c49bfb248cb Caminho do aplicativo com falha: D:\Games\Red Dead Redemption 2\RDR2.exe Caminho do módulo com falha: D:\Games\Red Dead Redemption 2\EMP.dll ID do Relatório: f5607fdc-42e8-4b3c-8316-687d3b46e4b7 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (12/10/2022 12:42:03 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: RDR2.exe, versão: 1.0.1311.23, carimbo de data/hora: 0x5f657794 Nome do módulo com falha: EMP.dll, versão: 0.0.0.0, carimbo de data/hora: 0x5f8f2687 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000037ce7 ID do processo com falha: 0x1b14 Hora de início do aplicativo com falha: 0x01d90c476881d25b Caminho do aplicativo com falha: D:\Games\Red Dead Redemption 2\RDR2.exe Caminho do módulo com falha: D:\Games\Red Dead Redemption 2\EMP.dll ID do Relatório: 517164a4-be0a-463d-8229-f8c616278d28 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (12/09/2022 01:19:10 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado. . Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {1f9d657c-8d45-4bf1-bd45-c55d77c8d89b} Error: (12/08/2022 09:25:10 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em Games (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A) Erros de Sistema: ============= Error: (12/20/2022 06:06:50 AM) (Source: DCOM) (EventID: 10010) (User: PC) Description: O servidor {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} não se registrou no DCOM dentro do tempo limite necessário. Error: (12/20/2022 05:37:00 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Realtek Audio Universal Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (12/20/2022 05:35:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Steam Client Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (12/20/2022 05:35:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço BrYNSvc foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (12/20/2022 05:35:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Realtek Bluetooth Device Manager Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (12/20/2022 05:35:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Realtek Audio Universal Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (12/20/2022 05:35:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço AMD External Events Utility foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (12/20/2022 05:35:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço AMD Crash Defender Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Windows Defender: ================ Date: 2022-12-20 05:06:59 Description: C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe foi impedido de modificar %userprofile%\Videos pelo Acesso Controlado a Pastas. Hora da detecção: 2022-12-20T08:06:59.653Z Usuário: PC\Moskito Caminho: %userprofile%\Videos Nome do Processo: C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe Versão da Inteligência de Segurança: 1.381.757.0 Versão do Mecanismo: 1.1.19900.2 Versão do Produto: 4.18.2211.5 Date: 2022-12-20 00:48:18 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {B3C3E3E9-20D3-4C43-AFDA-70C2D37099B9} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2022-12-19 12:50:40 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {D3FB2309-C4B8-4EFF-BB24-AFB0C995C679} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2022-12-18 00:23:27 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {A720DB71-5595-4D64-84E3-8B1A28F328DE} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2022-12-17 17:59:39 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {24FFCB5E-A25A-4C95-B4A8-7AA29059BA38} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Event[0]: Date: 2022-12-09 01:20:12 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou. Recurso: Em Tempo de Acesso Código do Erro: 0x8007043c Descrição do erro: Não é possível compartilhar este serviço no modo de segurança Motivo: A inteligência de segurança antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema. Date: 2022-12-05 20:23:48 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou. Recurso: Em Tempo de Acesso Código do Erro: 0x8007043c Descrição do erro: Não é possível compartilhar este serviço no modo de segurança Motivo: A inteligência de segurança antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema. Date: 2022-12-05 19:57:57 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou. Recurso: Em Tempo de Acesso Código do Erro: 0x8007043c Descrição do erro: Não é possível compartilhar este serviço no modo de segurança Motivo: A inteligência de segurança antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema. Date: 2022-12-05 01:18:07 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou. Recurso: Em Tempo de Acesso Código do Erro: 0x8007043c Descrição do erro: Não é possível compartilhar este serviço no modo de segurança Motivo: A inteligência de segurança antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema. Date: 2022-12-04 14:17:29 Description: O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou. Recurso: Em Tempo de Acesso Código do Erro: 0x8007043c Descrição do erro: Não é possível compartilhar este serviço no modo de segurança Motivo: A inteligência de segurança antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. P2.60 07/31/2019 placa-mãe: ASRock B450M Steel Legend Processador: AMD Ryzen 5 3600 6-Core Processor Percentagem de memória em uso: 25% RAM física total: 16315.5 MB RAM física disponível: 12151.65 MB Virtual Total: 21179.5 MB Virtual disponível: 14375.91 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:222.94 GB) (Free:94.82 GB) (Model: CT240BX500SSD1) NTFS Drive d: (Games) (Fixed) (Total:931.51 GB) (Free:713.2 GB) (Model: ST1000DM003-1ER162) NTFS \\?\Volume{b2797f1e-75f8-4ce4-b81e-1a816c7024e9}\ (Recuperação) (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS \\?\Volume{eea657bc-1aa1-42d1-80ef-921f9d917ead}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D504A083) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt =======================