Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 18-03-2023
Executado por clare (19-03-2023 22:28:22)
Executando a partir de C:\Users\clare\OneDrive\Área de Trabalho
Microsoft Windows 10 Home Single Language Versão 22H2 19045.2728 (X64) (2020-07-11 18:20:45)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================


(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-868159705-1825106094-3080552626-500 - Administrator - Disabled)
clare (S-1-5-21-868159705-1825106094-3080552626-1001 - Administrator - Enabled) => C:\Users\clare
Convidado (S-1-5-21-868159705-1825106094-3080552626-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-868159705-1825106094-3080552626-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-868159705-1825106094-3080552626-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Jumpstart (HKLM-x32\...\{4335EAF1-21F1-43D3-8F6F-D7E481E6959A}) (Version: 3.3.19180.60 - Acer)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - philandro Software GmbH)
Blackmagic RAW Common Components (HKLM\...\{8F57BC8F-7DAC-4E4B-BD13-A55B1AC0DF43}) (Version: 1.6 - Blackmagic Design)
CapCut (HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\CapCut) (Version: 1.6.1.298 - Bytedance Pte. Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 72.0.2.0 - Google LLC)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM\...\{631C57C3-B765-4327-822A-057C34D691CC}) (Version: 10.1.17695.8086 - Intel Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{C5A3E7E0-34F2-4582-A7FF-F335C8ED582B}) (Version: 2.4.09007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{310C6D71-5D6E-41EC-8D57-90A45FAFF6DB}) (Version: 16.8.0.1000 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.0.1000 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation)
Malwarebytes version 4.5.23.241 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.23.241 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft ASP.NET Core 3.1.10 Targeting Pack (x64) (HKLM\...\{3DCD041B-A4CB-3585-893D-60E7B8D74C37}) (Version: 3.1.10.20560 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 5.0.14 Shared Framework (x64) (HKLM\...\{1DDE3A7E-9E64-38C4-A76B-EEC6CE0EC9C6}) (Version: 5.0.14.22063 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Office Access MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0015-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0016-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-00BA-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0044-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-00A1-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001A-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0018-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-002C-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-0019-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2010 (HKLM\...\{90140000-002A-0416-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-006E-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2010 (HKLM-x32\...\{90140000-001B-0416-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
NVIDIA Driver de gráficos 531.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.29 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.0 - OBS Project)
PDFCreator (HKLM\...\{1E0CF1C6-D640-4566-8E6F-2C2708422A25}) (Version: 4.4.2 - pdfforge GmbH)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0416-0000-0000000FF1CE}_Office14.PROPLUS_{51C5D139-1A25-4F98-880C-9A1619D2882C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0416-1000-0000000FF1CE}_Office14.PROPLUS_{0852D5D5-CEE8-4D04-8106-93A6DFB09341}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0416-0000-0000000FF1CE}_Office14.PROPLUS_{2F01C7C0-8077-4C14-BC52-0A00190D386D}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0416-0000-0000000FF1CE}_Office14.PROPLUS_{E703A730-E5DD-4E57-81E9-C7BF7A89F00E}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0416-0000-0000000FF1CE}_Office14.PROPLUS_{BDE001D0-D85F-4FB5-9C32-9F5A14A03F0C}) (Version:  - Microsoft) Hidden
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Warsaw 2.34.1.1 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.34.1.1 - Topaz)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.5.0) (HKLM\...\Wondershare Filmora9_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoom (HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\ZoomUMX) (Version: 5.13.7 (12602) - Zoom Video Communications, Inc.)

Packages:
=========
Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3040.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
Área de Trabalho Remota da Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3005.0_x64__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation)
Assistência Rápida -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corp.)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
ColorNote Bloco de Notas -> C:\Program Files\WindowsApps\DBA41F73.ColorNoteNotepadNotes_1.1.0.20_neutral__3jn8vbmxrzmj2 [2023-03-13] (Social & Mobile, Inc.)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation)
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-13] (HP Inc.)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.5.3021.0_x86__8wekyb3d8bbwe [2023-03-14] (Microsoft Studios)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2023-03-13] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2023-03-13] (CYBERLINK COM CORP)
Pride 2019 -> C:\Program Files\WindowsApps\Microsoft.Pride2019_9.0.0.0_neutral__8wekyb3d8bbwe [2023-03-13] (Microsoft Corporation)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.158.0_x64__dt26b99r8h8gj [2023-03-13] (Realtek Semiconductor Corp)
Sherlock: Casos ocultos -> C:\Program Files\WindowsApps\828B5831.SherlockHiddenMatch-3Cases_1.29.2902.0_x64__ytsefhwckbdv6 [2023-03-14] (G5 Entertainment AB)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-03-13] (Microsoft Studios) [MS Ad]
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.6.3.0_x64__t4vj0pshhgkwm [2023-03-14] (Telegram Messenger LLP) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3104.0_x64__48frkmn4z8aw4 [2023-03-13] (Acer Incorporated)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm [2023-03-14] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-03-14] (Microsoft Corporation)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-868159705-1825106094-3080552626-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\clare\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => Nenhum Arquivo
CustomCLSID: HKU\S-1-5-21-868159705-1825106094-3080552626-1001_Classes\CLSID\{E5DF1139-B036-497A-A287-8A93CCD4763C} -> [MEGAsync] => C:\Users\clare\OneDrive\Documentos\MEGAsync [2020-01-03 08:40]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [
 MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers: [
 MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers: [
 MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-14] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Arquivo não assinado] [O arquivo está em uso]
ShellIconOverlayIdentifiers-x32: [
 MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [
 MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [
 MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2021-11-18] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [Arquivo não assinado] [O arquivo está em uso]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\clare\AppData\Local\MEGAsync\ShellExtX64.dll [2023-03-01] (Mega Limited -> )
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.043.0226.0001\FileSyncShell64.dll [2023-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\72.0.2.0\drivefsext.dll [2023-03-14] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvacig.inf_amd64_0141c6d660e4d11a\nvshext.dll [2023-03-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2023-03-11 11:59 - 2023-03-11 11:59 - 001530368 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\e_sqlite3.dll
2023-03-14 19:08 - 2023-03-14 19:08 - 105989120 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-03-14 19:08 - 2023-03-14 19:08 - 008795648 _____ () [Arquivo não assinado] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2308.6.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Arquivo não assinado] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Arquivo não assinado] c:\windows\system32\hpzipm12.dll
2018-12-03 22:19 - 2018-12-03 22:19 - 000126976 _____ (Intel Corporation) [Arquivo não assinado] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-04-17 15:49 - 2022-07-15 20:06 - 000181248 _____ (pdfforge GmbH) [Arquivo não assinado] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aGXs4 [2334]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Application Data:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Application Data:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [8946]
AlternateDataStreams: C:\ProgramData\Temp:9494338C [252]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-868159705-1825106094-3080552626-1001 -> DefaultScope {02A9CDE3-EC5E-46C9-97A2-9075BFE987E1} URL = 
SearchScopes: HKU\S-1-5-21-868159705-1825106094-3080552626-1001 -> {02A9CDE3-EC5E-46C9-97A2-9075BFE987E1} URL = 
BHO: Sem Nome -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Nenhum Arquivo
Filter: text/xml - Nenhum Valor CLSID

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\sharepoint.com -> hxxps://clareroli-files.sharepoint.com

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2020-08-27 13:53 - 2023-03-19 22:06 - 000000860 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 platform.wondershare.com

2021-08-08 22:50 - 2021-08-08 22:50 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-868159705-1825106094-3080552626-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\clare\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall do Windows está desabilitado.

Network Binding:
=============
Wi-Fi: Diebold Network Monitor -> nt_wsddntf (enabled) 
Ethernet: Diebold Network Monitor -> nt_wsddntf (enabled) 

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: EaseUS UPDATE SERVICE => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: HPPrintScanDoctorService => 2
MSCONFIG\Services: PDF Architect 8 => 2
MSCONFIG\Services: PDF Architect 8 Creator => 3
MSCONFIG\Services: PDF Architect 8 Update Service => 3
MSCONFIG\Services: ss_conn_launcher_service => 3
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: USER_ESRV_SVC_QUEENCREEK => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "WSVCUUpdateHelper.exe"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerProgramData"
HKLM\...\StartupApproved\Run32: => "TeamsMachineUninstallerLocalAppData"
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\StartupApproved\Run: => "CanvaAutoLaunchAvailabilityCheckAgent"
HKU\S-1-5-21-868159705-1825106094-3080552626-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{70A4D341-86A6-4D61-AA4C-9A5FD3555895}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{711B0503-FD9E-4A7B-98B2-8F1218531686}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{7CF937E2-9E6D-4B29-A252-4A799AD67363}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{2964E9E9-0634-4E79-B5A7-AF2F10AEDE24}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{306D23D0-5FE2-4316-BF4D-C87FBB2EAA0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{572EFC4B-638A-49B9-B6EE-EDD8BE2040E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FF446469-5EFB-40C7-B931-9CB480FA86AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{153D5720-51D2-442F-8FC3-632483165660}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{72F6DA85-CE05-4301-A57B-3E4CDAEC390D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CFC14462-7018-40E1-B847-F9514EA16EA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D2AB5225-CC7D-4E35-9265-8675F05C80FC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E856D362-98F1-4068-B4F2-5E08F9EDCFB7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{B4C15689-E3C5-48E5-9121-977846347BC5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{01A979B5-9AF7-409D-9DA4-C167374C30A9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{90DE60C2-28B9-44DC-9D9D-4B1D3CD52900}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{BBBCE537-B9DA-4B05-A111-CC7EE25455A0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{1E003B5F-B56A-41D0-8840-EB519C633C07}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Pontos de Restauração =========================

15-03-2023 13:25:47 Instalador de Módulos do Windows
19-03-2023 20:48:59 Driver Booster : Intel(R) UHD Graphics 620

==================== Dispositivos Apresentando Falhas No Gerenciador ============


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (03/19/2023 10:11:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\clare\Downloads\CapCut_1_5_1_245_capcutpc_0.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (03/19/2023 10:04:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\clare\AppData\Local\CapCut\Apps\1.6.1.298\feedbacktool.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (03/19/2023 10:01:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\clare\AppData\Local\CapCut\Apps\CapCut.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (03/19/2023 09:52:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\clare\AppData\Local\CapCut\Apps\CapCut.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (03/19/2023 09:49:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\clare\AppData\Local\CapCut\Apps\CapCut.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (03/19/2023 09:47:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Falha na geração de contexto de ativação para "C:\Users\clare\AppData\Local\CapCut\Apps\CapCut.exe". Erro no arquivo de manifesto ou de política "", na linha .
Uma versão de componente exigida pelo aplicativo está em conflito com outra versão de componente já ativa.
Os componentes conflitantes são:
Componente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_60b5254171f9507e.manifest.

Error: (03/19/2023 09:12:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007045b, O sistema está sendo desligado.
.

Error: (03/19/2023 09:12:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]


Erros de Sistema:
=============
Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Content Protection HECI Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Intel(R) Dynamic Application Loader Host Interface Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço AtherosSvc foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço RstMwService foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Qualcomm Atheros WLAN Driver Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).

Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Realtek Audio Universal Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Error: (03/19/2023 10:15:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.


Windows Defender:
================
Date: 2023-03-13 22:40:02
Description: 
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUAMarketing:Win32/Comscore&threatid=311418&enterprise=1
Nome: PUAMarketing:Win32/Comscore
Gravidade: Grave
Categoria: Software Potencialmente Indesejado
Caminho: file:_C:\Users\clare\AppData\Local\Temp\is-3I7LB.tmp\rk_setup.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\AppData\Local\Temp\is-L2AT8.tmp\dvrsetup.tmp
Versão da Inteligência de Segurança: AV: 1.383.1760.0, AS: 1.383.1760.0, NIS: 1.383.1760.0
Versão do Mecanismo: AM: 1.1.20100.6, NIS: 1.1.20100.6

Date: 2023-02-24 14:16:44
Description: 
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=1
Nome: HackTool:Win32/AutoKMS
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Windows\KMSEmulator.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\Downloads\office 2010\Office 2010 Toolkit.exe
Versão da Inteligência de Segurança: AV: 1.381.80.0, AS: 1.381.80.0, NIS: 1.381.80.0
Versão do Mecanismo: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2023-02-24 14:15:19
Description: 
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS.E!MSR&threatid=2147743252&enterprise=1
Nome: HackTool:Win32/AutoKMS.E!MSR
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Users\clare\Downloads\office 2010\Office 2010 Toolkit.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Windows\explorer.exe
Versão da Inteligência de Segurança: AV: 1.381.80.0, AS: 1.381.80.0, NIS: 1.381.80.0
Versão do Mecanismo: AM: 1.1.19900.2, NIS: 1.1.19900.2

Date: 2022-08-24 13:29:47
Description: 
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=1
Nome: HackTool:Win32/Keygen
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_C:\Windows\KMSEmulator.exe
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\OneDrive\Área de Trabalho\office 2010\office 2010\autenticar office 2010\Office 2010 Toolkit.exe
Versão da Inteligência de Segurança: AV: 1.341.201.0, AS: 1.341.201.0, NIS: 1.341.201.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2022-08-24 13:27:50
Description: 
Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=1
Nome: HackTool:Win32/Keygen
Gravidade: Alto
Categoria: Ferramenta
Caminho: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\Windows\KMSEmulator.exe; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22775DAB-9D15-4631-AC94-F458547C1D63}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS
Origem da Detecção: Computador local
Tipo da Detecção: Concreto
Fonte da Detecção: Proteção em Tempo Real
Usuário: CLARE\clare
Nome do Processo: C:\Users\clare\OneDrive\Área de Trabalho\office 2010\office 2010\autenticar office 2010\Office 2010 Toolkit.exe
Versão da Inteligência de Segurança: AV: 1.341.201.0, AS: 1.341.201.0, NIS: 1.341.201.0
Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4
Event[0]:

Date: 2023-03-13 22:27:32
Description: 
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança: 
Versão da Inteligência de Segurança anterior: 1.383.1760.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo: 
Versão Anterior do Mecanismo: 1.1.20100.6
Código de Erro: 0x80070102
Descrição do Erro: O tempo limite de espera foi atingido. 

Date: 2023-01-08 23:34:22
Description: 
O recurso de Proteção em Tempo Real do Microsoft Defender Antivírus encontrou um erro e falhou.
Recurso: Sistema de Inspeção de Rede
Código do Erro: 0x8007041d
Descrição do erro: O serviço não respondeu à requisição de início ou controle em tempo hábil. 
Motivo: O sistema não possui atualizações que são necessárias para executar o Sistema de Inspeção de Rede. Instale as atualizações necessárias e reinicie o dispositivo.

Date: 2022-11-18 23:32:49
Description: 
Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança.
Nova Versão da Inteligência de Segurança: 
Versão da Inteligência de Segurança anterior: 1.375.781.0
Fonte da Atualização: Servidor do Microsoft Update
Tipo da Inteligência de Segurança: Antivírus
Tipo da atualização: Completa
Usuário: AUTORIDADE NT\SISTEMA
Versão Atual do Mecanismo: 
Versão Anterior do Mecanismo: 1.1.19600.3
Código de Erro: 0x8024001e
Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte. 

CodeIntegrity:
===============
Date: 2023-03-19 21:46:24
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\72.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-03-19 17:12:17
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Topaz OFD\Warsaw\wslbdhm64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-03-14 18:12:50
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Topaz OFD\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-03-14 18:12:48
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Topaz OFD\Warsaw\wslbscr64.dll that did not meet the Microsoft signing level requirements.


==================== Informações da Memória =========================== 

BIOS: Insyde Corp. V1.14 05/24/2019
placa-mãe: WL Raticate_WL
Processador: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentagem de memória em uso: 30%
RAM física total: 16232.24 MB
RAM física disponível: 11296.7 MB
Virtual Total: 38232.24 MB
Virtual disponível: 33245.28 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:480.98 GB) (Model: WDC WD10SPZX-21Z10T0) NTFS

\\?\Volume{a1ec22da-27c4-433e-aafc-4fcca9655532}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.48 GB) NTFS
\\?\Volume{56eb7a99-f1ba-431f-b0ca-223b99f831c2}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 65632B75)

Partition: GPT.

==================== Fim de Addition.txt =======================