Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 28-12-2023
Executado por PC (29-12-2023 22:16:36)
Executando a partir de C:\Users\PC\Downloads
Microsoft Windows 11 Home Versão 22H2 22621.2861 (X64) (2023-08-24 18:11:01)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3956414198-1852685487-3734134944-500 - Administrator - Disabled)
Convidado (S-1-5-21-3956414198-1852685487-3734134944-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3956414198-1852685487-3734134944-503 - Limited - Disabled)
PC (S-1-5-21-3956414198-1852685487-3734134944-1000 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-3956414198-1852685487-3734134944-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
AJ139 PRO Gaming Mouse (HKLM-x32\...\{59CFE538-3A03-4574-ABB1-8B756834CFEA}_is1) (Version: 1.0 - AJAZZ)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: - Ubisoft)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 2.1.101 - Blitz, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.250.0.1070 - BlueStack Systems, Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.86.0.5599 - Electronic Arts) Hidden EA app (HKLM-x32\...\{e3f2f8c4-e441-4118-a3e4-606dc8871bc0}) (Version: 13.86.0.5599 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{ABE69317-4998-4FE9-BC3E-36AFCD2CBD49}) (Version: 1.3.82.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.) Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.19.1.5263 - Softdeluxe) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.130 - Google LLC) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) Mem Reduct (HKLM\...\memreduct) (Version: 3.3.5 - Henry++) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.91 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.91 - Microsoft Corporation) Microsoft Office Professional Plus 2021 - pt-br (HKLM\...\ProPlus2021Retail - pt-br) (Version: 16.0.17029.20068 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 
2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 
Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Need for Speed Most Wanted 2005 version 1.3 (HKLM-x32\...\Need for Speed Most Wanted 2005_is1) (Version: 1.3 - EA Games) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.5.8 - Notepad++ Team) NVIDIA Driver de áudio HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation) NVIDIA Driver de gráficos 546.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.29 - NVIDIA Corporation) NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation) NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - 
Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden Opera GX Stable 105.0.4970.63 (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Opera GX 105.0.4970.63) (Version: 105.0.4970.63 - Opera Software) Opera Stable 106.0.4998.19 (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Opera 106.0.4998.19) (Version: 106.0.4998.19 - Opera Software) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Radmin VPN 1.4.1 (HKLM-x32\...\{85043D7E-1488-4ADA-A1F1-45627FFAAFF1}) (Version: 1.4.4642.1 - Famatech) Redragon Gaming Headset Driver (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006620}) (Version: 1.00.0019 - Redragon, Inc.) Riot Client (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) 
Roblox Player for PC (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\roblox-player) (Version: - Roblox Corporation)
Spotify (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Spotify) (Version: 1.2.26.1187.g36b715a1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 148.1.10975 - Ubisoft)
Uninstall Lunar Client (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 3.1.3 - Moonsworth LLC)
VALORANT (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Windhawk v1.3.1 (HKLM-x32\...\Windhawk) (Version: 1.3.1 - Ramen Software)
Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.6.14 - Windscribe Limited)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)

Packages:
=========
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.800.344.0_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-12-16] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10829.535.0_x64__8wekyb3d8bbwe [2023-12-17] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-17] (Microsoft Corporation)
Notepad++ -> C:\Program Files\Notepad++\contextMenu [2023-12-16] (Notepad++)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-17] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2023-12-16] (Realtek Semiconductor Corp)
TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2023.2.0.0_x64__v826wp6bftszj [2023-12-16] (Charles Milette) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm [2023-12-16] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-17] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-08-24] (win.rar GmbH)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation 
-> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Arquivo não assinado] ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2023-12-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\nvshext.dll [2023-11-30] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [Arquivo não assinado] ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2023-09-13 22:17 - 2023-05-19 15:19 - 000037376 _____ (Softdeluxe) [Arquivo não assinado] C:\Program Files\Softdeluxe\Free Download Manager\logger.dll 2023-09-13 22:17 - 2023-05-19 15:25 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) 
[Arquivo não assinado] C:\Program Files\Softdeluxe\Free Download Manager\Qt5Core.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData:NT [40] AlternateDataStreams: C:\ProgramData:NT2 [732] AlternateDataStreams: C:\Users\All Users:NT [40] AlternateDataStreams: C:\Users\All Users:NT2 [732] AlternateDataStreams: C:\Users\Todos os Usuários:NT [40] AlternateDataStreams: C:\Users\Todos os Usuários:NT2 [732] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:NT [40] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:NT2 [732] AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk:FE00AE19CB [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk:4E42ED6D31 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Outlook.lnk:5465085A2F [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Ego FPS.lnk:100E6785F5 [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [3442] AlternateDataStreams: C:\Users\PC\Dados de Aplicativos:NT [40] AlternateDataStreams: C:\Users\PC\Dados de Aplicativos:NT2 [732] AlternateDataStreams: C:\Users\PC\AppData\Roaming:NT [40] AlternateDataStreams: C:\Users\PC\AppData\Roaming:NT2 [732] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6996] ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft 
Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2022-05-07 02:24 - 2022-05-07 02:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img19.jpg DNS Servers: O Suporte não está conectado à internet. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) 
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\StartupApproved\Run: => "Opera GX Stable"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{B1ABF979-3AA2-4A58-834D-9400FC877977}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{779BF7E5-78F2-4ACB-8BCD-8FBD30A14A22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8A348C34-75D5-425B-832C-3B2EC920A1DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{DFCB96E6-7B8D-4A69-85AF-61CFEDD89A2C}C:\users\pc\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{4F0D9541-B818-4678-B816-6C2C9A3E21E3}C:\users\pc\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\pc\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{7FC15D13-F687-4237-8794-7E2DBBA80A5E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{11C426D8-6695-4A74-AB39-4CE12DFC28B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{B04B4EFC-ABE6-4571-8C9E-989BFE2ED859}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5B0F865F-3DFC-41EC-91B5-CA70AB8149A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation) FirewallRules: [{5E75E02C-21CF-4D5C-8A64-43380948188F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{F2235E94-17AB-4A1C-AFA1-062485019D26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [TCP Query User{9FA437D8-0D6A-4D8E-9326-5B65D983CE80}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{B8EC9AA0-20D3-44B6-8A9B-E858CB2AAF2F}C:\users\pc\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pc\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{E98F9871-0C55-43EC-9193-36B5F24C25D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Driver Booster for Steam\DriverBooster.exe (IObit CO., LTD -> IObit) FirewallRules: [{13FE9D67-9546-4287-B099-3863E47506DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Driver Booster for Steam\DriverBooster.exe (IObit CO., LTD -> IObit) FirewallRules: [TCP Query User{217BF190-1F85-4D1F-A7A2-CE915A22ED86}C:\program files (x86)\dodi-repacks\forza horizon 5\forzahorizon5.exe] => (Allow) C:\program files (x86)\dodi-repacks\forza horizon 5\forzahorizon5.exe => Nenhum Arquivo FirewallRules: [UDP Query User{B99652C8-A105-48D9-A66F-B357C51A2F22}C:\program files (x86)\dodi-repacks\forza horizon 5\forzahorizon5.exe] => (Allow) C:\program files (x86)\dodi-repacks\forza horizon 5\forzahorizon5.exe => Nenhum Arquivo FirewallRules: [TCP Query User{53CF819C-9498-4D5B-A7B0-56B67766698E}C:\users\pc\appdata\local\temp\7zs6e78\enterprisedu.exe] => (Allow) C:\users\pc\appdata\local\temp\7zs6e78\enterprisedu.exe => Nenhum Arquivo FirewallRules: [UDP Query User{BDCB6600-9122-43C1-A374-000088124024}C:\users\pc\appdata\local\temp\7zs6e78\enterprisedu.exe] => (Allow) 
C:\users\pc\appdata\local\temp\7zs6e78\enterprisedu.exe => Nenhum Arquivo FirewallRules: [TCP Query User{B22F32C1-DD10-422E-9388-D99BA3F50149}C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe FirewallRules: [UDP Query User{02AEA538-80A2-4B39-8713-3F9AD866FEA8}C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\4dcd188552ce8876d5e55e1f6d22505109bfa4cb\zulu17.34.19-ca-jre17.0.3-win_x64\bin\javaw.exe FirewallRules: [TCP Query User{D0B2E7A7-3D42-469F-9850-21BA781304F1}C:\users\pc\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\pc\appdata\local\programs\blitz\blitz.exe () <==== ATENÇÃO [zero byte Arquivo/Pasta] FirewallRules: [UDP Query User{A9FFD6DA-84F9-4523-B39D-9D6C6AA6EB37}C:\users\pc\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\pc\appdata\local\programs\blitz\blitz.exe () <==== ATENÇÃO [zero byte Arquivo/Pasta] FirewallRules: [TCP Query User{C93DF297-1AC1-4223-9E3F-D4FA451333E7}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\cod.exe => Nenhum Arquivo FirewallRules: [UDP Query User{00DD41E5-CCE6-4D97-BF1C-5604E2761007}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\cod.exe => Nenhum Arquivo FirewallRules: [{70D74326-8126-4E67-9D68-077DE20A909D}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Arquivo não assinado] FirewallRules: [{B26224B0-AA26-49FD-A8F1-931E74E6ECC1}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Arquivo não assinado] FirewallRules: [{134FDA16-045A-4C8B-8265-6E948C4572A8}] => (Allow) C:\Program Files\Softdeluxe\Free Download 
Manager\fdm.exe (Softdeluxe) [Arquivo não assinado] FirewallRules: [{76E8D453-786C-4466-B32A-6773471B35F1}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Arquivo não assinado] FirewallRules: [{24F09EFD-C02E-477F-B559-FE226A50058D}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Arquivo não assinado] FirewallRules: [{5A5FEEE0-29D8-4F00-B258-3DF823D9D151}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [Arquivo não assinado] FirewallRules: [TCP Query User{D2CDC1C1-972A-4323-8895-A0EAF0CDD721}C:\users\pc\downloads\mx bikes 18f atualizado 24.08.2023 flima e 07king\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe] => (Allow) C:\users\pc\downloads\mx bikes 18f atualizado 24.08.2023 flima e 07king\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe => Nenhum Arquivo FirewallRules: [UDP Query User{D0211D74-7017-46C9-B0CA-716B0A3DC63A}C:\users\pc\downloads\mx bikes 18f atualizado 24.08.2023 flima e 07king\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe] => (Allow) C:\users\pc\downloads\mx bikes 18f atualizado 24.08.2023 flima e 07king\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe => Nenhum Arquivo FirewallRules: [TCP Query User{8AB131AC-42E6-48EB-A36C-D51FE22038AD}C:\users\pc\desktop\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe] => (Allow) C:\users\pc\desktop\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe => Nenhum Arquivo FirewallRules: [UDP Query User{6DE20FEC-3C08-4691-8AB1-23204636CBDC}C:\users\pc\desktop\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe] => (Allow) C:\users\pc\desktop\mx bikes 18f atualizado 24.08.2023 flima e 07king\mxbikes.exe => Nenhum Arquivo FirewallRules: [{BBE2A375-0782-400B-B35F-96871286623C}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.) 
FirewallRules: [{A7653A67-849F-4250-80FE-CDC977FD83B3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D6848706-CCD4-4489-BB1C-DE924F983208}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{8B3DAA6B-5B43-479B-90C7-18650D3EEB00}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F7F0FA8F-40A8-466C-AE04-F572F80D965F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{6A47900A-AB7C-44A2-906A-B8A08E97D01B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{CC2EE94D-5E51-4C79-90D1-5F8166824B05}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{E191D478-BC5E-4D34-8AAB-E3472E8DBDFE}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{B4E76EA6-C41F-455E-9A2D-F7A43A5C6C8A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{98D9B388-2642-4DAC-9D05-459F2BADAEDF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{5588C98A-4C14-4BE7-8B09-6AFA44183DDC}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{4C427266-A2D2-40C4-9511-7F3933B27D90}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. 
-> Electronic Arts) FirewallRules: [TCP Query User{39C21707-F102-4F75-A4ED-0062EDAC8C52}C:\program files (x86)\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [UDP Query User{83298421-404F-4C10-BC80-0ABEF3933E9C}C:\program files (x86)\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{3E91249B-8BAB-45C7-BD5F-FF66AD7A3652}] => (Allow) C:\Users\PC\AppData\Local\Temp\scoped_dir11936_157028028\hitpaw-video-enhancer.exe => Nenhum Arquivo FirewallRules: [{C178EB74-6AF6-43EB-8B4A-37FC16BD7895}] => (Allow) C:\Users\PC\AppData\Local\Temp\scoped_dir11936_157028028\hitpaw-video-enhancer.exe => Nenhum Arquivo FirewallRules: [{E4393C97-1DFF-408F-A382-896EC35D8A34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> ) FirewallRules: [{3BB4C804-92A6-4FF0-A63E-FE20306D5465}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. 
-> ) FirewallRules: [{BBFE7F53-E000-406F-9121-A51FB27A41B7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{25D69264-BD08-4B3D-B40D-1A8A23E94AA1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E9397B7D-7722-4F20-9C26-0A40D5250809}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{EC664B50-31E9-4C53-88B9-C60D5ED4CFC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{0E4C3289-8022-4FB7-8C8F-B263B887039D}C:\program files (x86)\steam\steamapps\common\newz\infestationlauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\newz\infestationlauncher.exe => Nenhum Arquivo FirewallRules: [UDP Query User{F17E3059-B5D8-4EEB-85A3-8579C591A8AA}C:\program files (x86)\steam\steamapps\common\newz\infestationlauncher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\newz\infestationlauncher.exe => Nenhum Arquivo FirewallRules: [TCP Query User{A4CE6A6A-9056-48CA-949E-449DAA1E0727}C:\program files (x86)\steam\steamapps\common\newz\infestation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\newz\infestation.exe => Nenhum Arquivo FirewallRules: [UDP Query User{25D98689-6E28-4780-BA13-ED9D79DFE093}C:\program files (x86)\steam\steamapps\common\newz\infestation.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\newz\infestation.exe => Nenhum Arquivo FirewallRules: [TCP Query User{77CA5F69-8D18-47A7-A167-5816592C1AB6}C:\users\pc\downloads\launcher\dzarmageddon\dayz_x64.exe] => (Allow) C:\users\pc\downloads\launcher\dzarmageddon\dayz_x64.exe => Nenhum Arquivo FirewallRules: [UDP Query User{06A95837-A732-4100-BE67-53681EEF2BF1}C:\users\pc\downloads\launcher\dzarmageddon\dayz_x64.exe] => 
(Allow) C:\users\pc\downloads\launcher\dzarmageddon\dayz_x64.exe => Nenhum Arquivo FirewallRules: [TCP Query User{637CDD9B-E49D-476C-856F-79CC5455D007}C:\users\pc\downloads\dzstalker 1.23.157045\dzstalker 1.23.157045\dayz_x64.exe] => (Allow) C:\users\pc\downloads\dzstalker 1.23.157045\dzstalker 1.23.157045\dayz_x64.exe => Nenhum Arquivo FirewallRules: [UDP Query User{1EAB2156-8ACC-4142-842B-D06972C36C2B}C:\users\pc\downloads\dzstalker 1.23.157045\dzstalker 1.23.157045\dayz_x64.exe] => (Allow) C:\users\pc\downloads\dzstalker 1.23.157045\dzstalker 1.23.157045\dayz_x64.exe => Nenhum Arquivo FirewallRules: [TCP Query User{23F236A0-DDFF-4889-A40E-1DA3CC60211D}C:\users\pc\appdata\local\programs\opera\opera.exe] => (Block) C:\users\pc\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [UDP Query User{2BE3179D-D140-4338-8370-A68647DC4735}C:\users\pc\appdata\local\programs\opera\opera.exe] => (Block) C:\users\pc\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{5BF39C96-7639-447B-99D4-1E9F8F973915}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3316.2574.4550_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{3A5F2D60-2E74-4189-B9BE-19508C664D09}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3316.2574.4550_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{F88352D6-6D9C-4AB4-9DB0-9973EF59F5AC}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games) FirewallRules: [UDP Query User{756B82A5-11C8-4663-8D2D-030328D2860D}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. 
-> Riot Games) FirewallRules: [{E4501A97-FD2C-41CA-B676-BCA4F03691E3}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) FirewallRules: [TCP Query User{811F9CD8-7D92-4A02-BD72-DBC883B8AEC0}C:\users\pc\downloads\resident.evil.4.(2023)-insaneramzes\re4.exe] => (Allow) C:\users\pc\downloads\resident.evil.4.(2023)-insaneramzes\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [UDP Query User{BDFB1C44-7538-4364-80E3-724352C39927}C:\users\pc\downloads\resident.evil.4.(2023)-insaneramzes\re4.exe] => (Allow) C:\users\pc\downloads\resident.evil.4.(2023)-insaneramzes\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{4877E33B-8E6D-4866-8C57-E07163B583E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Arquivo não assinado] FirewallRules: [{0B5E17F0-97CC-4100-821E-54E74764425C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Arquivo não assinado] FirewallRules: [{2F6583E8-E9CD-435B-B122-89EEDB52D8D5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.91\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8FA65FB8-6D90-43AE-98F6-83C8BF7AC941}] => (Allow) C:\Users\PC\AppData\Local\Programs\Opera\106.0.4998.19\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [TCP Query User{A06040F4-204E-42A7-8E84-2D268BA8A295}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{E2FD0B65-567C-4EDE-910E-9D341FE8E3F4}C:\program files (x86)\overwatch\_retail_\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. 
-> Blizzard Entertainment)
FirewallRules: [{6D193744-0E65-4E2A-BA60-9CDE85D8A007}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Pontos de Restauração =========================

29-12-2023 22:09:21 ZHPcleaner

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (12/29/2023 09:46:43 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\MAQUINA-SAMUELI$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 30 Dec 2023 00:46:47 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 31994cfa-ca2a-4716-b99b-0eead6407304
Método: GET(375ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/29/2023 09:46:43 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para Sistema local via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 30 Dec 2023 00:46:46 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3ce3b499-e414-450a-b7d6-7b890969e8b9
Método: GET(390ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/29/2023 09:46:35 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Serviço não pode ser iniciado. System.NullReferenceException: Referência de objeto não definida para uma instância de um objeto.
   em SetupAfterRebootService.SetupARService.OnStart(String[] args)
   em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/29/2023 07:59:01 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\MAQUINA-SAMUELI$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 29 Dec 2023 22:59:04 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3db205d2-6e2c-491c-b535-3290cc8ef15a
Método: GET(500ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/29/2023 07:59:00 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para Sistema local via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 29 Dec 2023 22:59:03 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f0033a75-e29c-4c39-a1e1-57dc948e3335
Método: GET(407ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/29/2023 07:58:51 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Serviço não pode ser iniciado. System.NullReferenceException: Referência de objeto não definida para uma instância de um objeto.
   em SetupAfterRebootService.SetupARService.OnStart(String[] args)
   em System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/29/2023 06:09:42 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\MAQUINA-SAMUELI$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 29 Dec 2023 21:09:45 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 49330b11-18c2-4350-8bf0-fda2d223e487
Método: GET(360ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (12/29/2023 06:09:42 PM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para Sistema local via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep: GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 29 Dec 2023 21:09:45 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5414e0d6-30cc-4748-9bff-09fb1436681a
Método: GET(375ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Erros de Sistema:
=============
Error: (12/29/2023 10:14:42 PM) (Source: Schannel) (EventID: 4108) (User: MAQUINA-SAMUELI)
Description: O certificado recebido do servidor remoto não foi validado corretamente. O código de erro é 0x80092013. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor. o processo de cliente SSPI está opera_autoupdate (PID: 13132).

Error: (12/29/2023 10:14:10 PM) (Source: Schannel) (EventID: 4108) (User: MAQUINA-SAMUELI)
Description: O certificado recebido do servidor remoto não foi validado corretamente. O código de erro é 0x80092013. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor. o processo de cliente SSPI está opera_autoupdate (PID: 13132).

Error: (12/29/2023 10:04:53 PM) (Source: Schannel) (EventID: 4108) (User: MAQUINA-SAMUELI)
Description: O certificado recebido do servidor remoto não foi validado corretamente. O código de erro é 0x80092013. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor. o processo de cliente SSPI está opera_autoupdate (PID: 13884).

Error: (12/29/2023 10:03:26 PM) (Source: Schannel) (EventID: 4108) (User: MAQUINA-SAMUELI)
Description: O certificado recebido do servidor remoto não foi validado corretamente. O código de erro é 0x80092013. Falha na solicitação de conexão TLS. Os dados anexados contêm o certificado do servidor. o processo de cliente SSPI está opera_autoupdate (PID: 13884).

Error: (12/29/2023 09:54:29 PM) (Source: DCOM) (EventID: 10010) (User: MAQUINA-SAMUELI)
Description: O servidor {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} não se registrou no DCOM dentro do tempo limite necessário.

Error: (12/29/2023 09:52:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA LocalSystem Container foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.

Error: (12/29/2023 09:52:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço EABackgroundService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).

Error: (12/29/2023 09:52:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.

Windows Defender:
================
Date: 2023-12-29 13:08:37
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {93AC1458-EDA8-4B43-9311-83395B6F0671}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-12-27 20:10:32
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {84707264-B0B2-4D34-A178-994A89A5A6E7}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-12-22 14:40:04
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {CD97310F-C1C4-4095-A217-4A287963A33F}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-12-21 15:22:45
Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {A4F61293-1DB2-4CF4-AE8D-09A79EDA4A37}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-12-18 16:41:51
Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0
Nome: HackTool:Win32/crack
Gravidade: Alto
Categoria: Ferramenta
Caminho: file:_D:\PROPHET\TestDrive2.exe
Origem da Detecção: Computador local
Tipo da Detecção: FastPath
Fonte da Detecção: Proteção em Tempo Real
Usuário: AUTORIDADE NT\SISTEMA
Nome do Processo: C:\Program Files\Riot Vanguard\vgc.exe
Versão da Inteligência de Segurança: AV: 1.403.693.0, AS: 1.403.693.0, NIS: 1.403.693.0
Versão do Mecanismo: AM: 1.1.23110.2, NIS: 1.1.23110.2

Event[0]
Date: 2023-12-16 00:33:18
Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança e tentará reverter para uma versão anterior.
Tentativa de Inteligência de Segurança: Atual
Código de erro: 0x80070003
Descrição de Erro: O sistema não pode encontrar o caminho especificado.
Versão de Inteligência de Segurança: 0.0.0.0;0.0.0.0
Versão do Motor: 0.0.0.0

Date: 2023-08-27 23:10:44
Description: Microsoft Defender Antivírus encontrou um erro ao tentar restaurar um item da quarentena.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0
Nome: HackTool:Win32/crack
Gravidade: Alto
Categoria: Ferramenta
Usuário: MAQUINA-SAMUELI\PC
Código de Erro: 0x80508014
Descrição do erro: O item em quarentena não pode ser restaurado.
Versão da Inteligência de Segurança: AV: 1.395.1435.0, AS: 1.395.1435.0
Versão do Mecanismo: 1.1.23070.1005

Date: 2023-08-27 23:10:42
Description: Microsoft Defender Antivírus encontrou um erro ao tentar restaurar um item da quarentena.
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0
Nome: HackTool:Win32/crack
Gravidade: Alto
Categoria: Ferramenta
Usuário: MAQUINA-SAMUELI\PC
Código de Erro: 0x80508014
Descrição do erro: O item em quarentena não pode ser restaurado.
Versão da Inteligência de Segurança: AV: 1.395.1435.0, AS: 1.395.1435.0
Versão do Mecanismo: 1.1.23070.1005

CodeIntegrity:
===============
Date: 2023-12-29 21:49:50
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Windhawk\Engine\1.3.1\64\windhawk.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. F51 04/28/2020
placa-mãe: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processador: AMD Ryzen 5 3500X 6-Core Processor
Percentagem de memória em uso: 33%
RAM física total: 16335.6 MB
RAM física disponível: 10910.79 MB
Virtual Total: 22735.6 MB
Virtual disponível: 15432.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.09 GB) (Free:533.26 GB) (Model: Lexar SSD NM620 1TB) NTFS
Drive d: () (Removable) (Total:14.63 GB) (Free:12.92 GB) FAT32
\\?\Volume{fd84c871-7489-40a1-a2ec-a3eeaae39a88}\ () (Fixed) (Total:0.67 GB) (Free:0.08 GB) NTFS
\\?\Volume{54eeba88-9013-4537-80d9-71b40e42bc05}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 14.6 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Fim de Addition.txt =======================