Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 11.06.2024 Executado por renan (13-06-2024 23:24:52) Executando a partir de C:\Users\renan\Desktop Microsoft Windows 11 Home Single Language Versão 22H2 22621.3737 (X64) (2023-02-10 01:15:41) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-4140478933-941104255-298867293-500 - Administrator - Disabled) Convidado (S-1-5-21-4140478933-941104255-298867293-501 - Limited - Disabled) DefaultAccount (S-1-5-21-4140478933-941104255-298867293-503 - Limited - Disabled) renan (S-1-5-21-4140478933-941104255-298867293-1001 - Administrator - Enabled) => C:\Users\renan WDAGUtilityAccount (S-1-5-21-4140478933-941104255-298867293-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee (Disabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6} FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD} FW: McAfee (Enabled) {2FDD6819-222E-5E9F-F5E7-E13A2241D502} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) 888poker (HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\888poker) (Version: 1.1.2.79 - 888) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 24.002.20759 - Adobe) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden Alienware CC Components for AWCC (1.1.22.0) (HKLM\...\Alienware CC Components for AWCC) (Version: 1.1.22.0 - Dell Inc) Alienware OC Controls (HKLM-x32\...\{d5d9f6bc-bc8b-426f-9eb0-007f2316280c}) (Version: 1.3.0.1239 - Dell Inc) Alienware OCControls Service Installer (HKLM\...\{842EE7ED-A2BB-4EB8-AA3C-C0579A398C2A}) (Version: 1.3.0.1239 - DELL Inc) Hidden Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team) dch_setup (HKLM-x32\...\{E5A01D3B-93C1-4619-BE74-41A19012BCA5}) (Version: 1.52.0.0 - peledami) Hidden Dell Digital Delivery Services (HKLM-x32\...\{16AE9E0C-0E0C-4AD6-82B4-D0F8AB94082F}) (Version: 5.0.86.0 - Dell Inc.) Dell Mobile Connect Driver (HKLM\...\{6F9CB82D-BC34-4FC1-B90D-AFFAC5C85E7B}) (Version: 4.1.7498 - Screenovate Technologies Ltd.) Dell Peripheral Manager (HKLM\...\Dell Peripheral Manager) (Version: 1.7.2 - Dell Inc.) Dell SupportAssist (HKLM\...\{A1FC489C-7909-4E08-9685-6C77BA2053DE}) (Version: 4.0.3.61632 - Dell Inc.) Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{39BF0E71-7A16-4A80-BBCE-FBDD2D1CC2D5}) (Version: 5.5.9.18923 - Dell Inc.) Hidden Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{f6a4df94-48f2-459a-8d40-16b1fbed13c5}) (Version: 5.5.9.18923 - Dell Inc.) Dell SupportAssist Remediation (HKLM\...\{398E49A0-84CA-43B5-A926-42EF68619E91}) (Version: 5.5.10.19019 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{3563aa3a-c8ae-48d8-ab19-b1f359265295}) (Version: 5.5.10.19019 - Dell Inc.) Dell Update for Windows Universal (HKLM\...\{183DEF89-F000-4745-81FD-3B43101D5B9F}) (Version: 5.2.0 - Dell Inc.) Dynamic Application Loader Host Interface Service (HKLM\...\{2DF0E6F6-1C0E-4AF3-BD8C-2DBD0A8A770F}) (Version: 1.0.0.0 - Intel Corporation) Hidden FMRTE 21.3.0.29 (HKLM-x32\...\{E57F691B-F2FE-4156-BF7E-339B5EF7EF92}_is1) (Version: 21.3.0.29 - FMRTE) Freemake Video Converter versão 4.1.13 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.13 - Mixbyte Inc.) Fusion Service (HKLM\...\{93D141B9-9B5E-485B-8ED1-97DE741EE768}) (Version: 2.2.14.0 - Dell.Inc) Hidden Fusion Service (HKLM-x32\...\{6e578348-d226-4341-a69f-26274feac293}) (Version: 2.2.14.0 - Dell.Inc) GGPoker (HKLM-x32\...\{66296F1C-465D-432C-BAA9-167012458278}) (Version: 1.0.0.135 - NSUS Ltd.) Goodix Fingerprint Driver (HKLM\...\{60FAB781-18F2-4D2B-A8E7-B3AADD327955}_is1) (Version: 3.0.37.300 - Goodix, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.142 - Google LLC) Hand2Note (HKLM\...\{44813ED3-731B-4E7F-B940-0622BD13C25D}) (Version: 3.3.1.52 - Hand2Note) ICMIZER (HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\98ae6a83-32ab-5b3d-925e-62223f2568a9) (Version: 3.22.3 - ICMIZER Limited) Intel Software Package (HKLM-x32\...\{e1d93543-7ba0-4927-aa7f-09c5fc7f25df}) (Version: 8.7.10600.20700 - Intel) Hidden Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10600.20700 - Intel Corporation) Intel(R) Icls (HKLM\...\{D404A759-EC9F-4C95-A9FD-2CC8EFF89E03}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2345.5.42.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{DD4C55D7-B644-4274-AEC9-77AAB3FB00F2}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{6204E232-6522-4B6E-B22C-4F0DF7CCA27C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME WMI Provider (HKLM\...\{5C67AF85-8F17-49C9-854F-8E40208ECFBE}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel® Integrated Sensor Solution (HKLM-x32\...\{9e9834fd-84c9-48ce-af83-b764428095d5}) (Version: 3.10.100.4122 - Intel Corporation) Intel® Software Installer (HKLM-x32\...\{bddd55ff-828e-4d3d-90dd-cdcc8076d5ba}) (Version: 22.200.2.1 - Intel Corporation) Hidden IRPF 2023 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\6908-8355-8468-2086) (Version: 1.0 - Receita Federal do Brasil) IRPF 2024 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\1993-5415-4207-7595) (Version: 1.0 - Receita Federal do Brasil) IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.8 - Receita Federal do Brasil) ISS_Drivers_x64 (HKLM\...\{AB85BCD8-DF2C-4F8B-9C68-239C04C43873}) (Version: 3.10.100.4122 - Intel Corporation) Hidden Killer Ethernet Performance Driver Suite UWD (HKLM\...\{C5B79744-CB81-4B87-AE19-3261267B6174}) (Version: 34.23.7197 - Rivet Networks) McAfee (HKLM\...\McAfee.WPS) (Version: 1.18.255.1 - McAfee, LLC) Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation) Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation) Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.92 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft Office Home and Student 2019 - pt-br (HKLM\...\HomeStudent2019Retail - pt-br) (Version: 16.0.17628.20110 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\OneDriveSetup.exe) (Version: 24.101.0519.0010 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation) MPC-HC 2.1.0 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 2.1.0 - MPC-HC Team) NVIDIA Driver de gráficos 552.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.12 - NVIDIA Corporation) NVIDIA FrameView SDK 1.2.7704.31296923 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7704.31296923 - NVIDIA Corporation) NVIDIA GeForce Experience 3.24.0.135 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.135 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) PokerStars.es (HKLM-x32\...\PokerStars.es) (Version: - PokerStars.es) PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com) POSTFLOPIZER 1.2.1198 (HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\9684b373-7cb0-5b01-a2b7-50f2fce4f93a) (Version: 1.2.1198 - ICMIZER Limited) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9422.1 - Realtek Semiconductor Corp.) RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden Shotcut (HKLM\...\Shotcut) (Version: 21.06.29 - Meltytech, LLC) SLOT POKER PRO (HKLM-x32\...\SLOT POKER PRO) (Version: ${PRODUCT_VERSION} - SLOT POKER PRO) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SupremaPoker 1.1.0 (HKLM-x32\...\{1E33CFBA-44F7-43D4-8406-FD592C106DC2}_is1) (Version: - SupremaPoker) TbtLegacyPlug (HKLM-x32\...\{488D2737-A8BE-4F2A-8A9B-AEFF2DB8833F}) (Version: 18.0.0.0 - peledami) Hidden Telegram Desktop (HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.1.6 - Telegram FZ-LLC) The Staking Machine V7.0 (HKLM-x32\...\The Staking Machine V7.0) (Version: TSM Version 7.0 R1.0.0.37 - Crystal Software) Thunderbolt™ Software (HKLM-x32\...\{fe45c26a-0029-4f1d-9d44-de5ca82f2d7d}) (Version: 1.52.0.0 - Intel(R) Corporation) USB Vibration Joystick (BM) (HKLM-x32\...\{61A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - ShanWan) Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation) Warsaw 2.44.0.16 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.44.0.16 - Topaz) WebAdvisor da McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.902 - McAfee, LLC) WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) YaPoker version 1.21.61 (HKLM-x32\...\{1B17EB4E-3E9C-4611-B8B5-31C0A00A1F78}_is1) (Version: 1.21.61 - Winning Poker Network, Inc.) Chrome apps: ============ YouTube (HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\0f7785fb0fa59cb96892dd3bde75278c) (Version: 1.0 - Google\Chrome) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-15] () Alienware Command Center -> C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.7.3.0_x64__htrsf667h5kn2 [2024-04-30] (Dell Inc) Alienware Control Center -> C:\Program Files\WindowsApps\DellInc.6066037A8FCF7_1.1.36.0_x64__htrsf667h5kn2 [2024-04-14] (Dell Inc) Alienware FX 02 -> C:\Program Files\WindowsApps\DellInc.AlienwareFX02_1.2.34.0_x64__htrsf667h5kn2 [2024-04-14] (Dell Inc) Alienware FX AW20 -> C:\Program Files\WindowsApps\DellInc.Alienware.FXAW20_1.3.4.0_x64__htrsf667h5kn2 [2024-04-14] (Dell Inc) Alienware OC Controls -> C:\Program Files\WindowsApps\DellInc.423703F9C7E0E_1.4.5.0_x64__htrsf667h5kn2 [2024-03-13] (Dell Inc) Alienware Sound Center -> C:\Program Files\WindowsApps\DellInc.AlienwareSoundCenter_1.5.13.0_x64__htrsf667h5kn2 [2022-07-14] (Dell Inc) AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt [2024-06-13] (INTEL CORP) [Startup Task] AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2023-10-13] (INTEL CORP) Área de Trabalho Remota -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-06-12] (Microsoft Corporation) Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-08-16] (Microsoft Corporation) Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-23] (Microsoft Corporation) Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.5.5.0_x64__htrsf667h5kn2 [2024-05-17] (Dell Inc) Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.86.0_x64__htrsf667h5kn2 [2024-04-14] (Dell Inc) Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2024-04-14] (Screenovate Technologies) [Startup Task] Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.0.16.0_x64__htrsf667h5kn2 [2024-05-14] (Dell Inc) Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_5.2.64.0_x86__htrsf667h5kn2 [2024-02-24] (Dell Inc) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-06-13] (Disney) Dropbox - promoção -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.24.0_x64__xbfy0k16fey96 [2024-05-26] (Dropbox Inc.) Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.6017.0_x64__8wekyb3d8bbwe [2024-06-11] (Microsoft Corporation) [Startup Task] Gaming Promo -> C:\Program Files\WindowsApps\DellInc.3926769DBC762_1.0.17.0_x64__htrsf667h5kn2 [2021-03-09] (Dell Inc) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-04-14] (INTEL CORP) Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1423.712.0_x64__rh07ty8m5nkag [2024-01-22] (INTEL CORP) [Startup Task] McAfee -> C:\Program Files\McAfee\wps\1.18.255.1 [2024-05-17] () Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-16] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-16] (Microsoft Corporation) [MS Ad] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-16] (Microsoft Corp.) Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24051.39.0_x64__cw5n1h2txyewy [2024-05-30] (Microsoft Windows) [Startup Task] Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.7.5.0_x64__bzg06mxvgh4fa [2024-06-09] (V3TApps) Movie Maker - Video Editor PRO -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-PRO_3.7.5.0_x64__bzg06mxvgh4fa [2024-06-09] (V3TApps) My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.6.0_x64__htrsf667h5kn2 [2024-05-23] (Dell Inc) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-25] (NVIDIA Corp.) Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-03-09] (Dell Inc) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.282.0_x64__dt26b99r8h8gj [2023-06-06] (Realtek Semiconductor Corp) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0 [2024-06-05] (Spotify AB) [Startup Task] WinAppRuntime.Main.1.3 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.3_3000.934.1904.0_x64__8wekyb3d8bbwe [2023-08-16] (Microsoft Corp.) WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1227.1637.0_x64__8wekyb3d8bbwe [2024-05-16] (Microsoft Corp.) WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-11] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.159.55.0_x64__8wekyb3d8bbwe [2024-06-11] (Microsoft Corp.) Windows App Runtime DDLM 3000.882.2207.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x6_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-09-20] (Microsoft Corporation) Windows App Runtime DDLM 3000.882.2207.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.3000.882.2207.0-x8_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-09-20] (Microsoft Corporation) Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-05-03] (Microsoft Corporation) Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-05-03] (Microsoft Corporation) Windows App Runtime DDLM 4000.964.11.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x6_4000.964.11.0_x64__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation) Windows App Runtime DDLM 4000.964.11.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.964.11.0-x8_4000.964.11.0_x86__8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation) Windows CoPilot MSIX Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.CoPilot_724.1301.930.5_x64__cw5n1h2txyewy [2024-04-11] (Microsoft Windows) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-11] (Microsoft Windows) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) CustomCLSID: HKU\S-1-5-21-4140478933-941104255-298867293-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-4140478933-941104255-298867293-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-4140478933-941104255-298867293-1001_Classes\CLSID\{e69d01c8-b418-4e5b-9206-9545b47257cc}\localserver32 -> C:\Users\renan\AppData\Local\NhNotifSys\awsc\awscns.exe (A-Volute SAS -> A-Volute) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> ) ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-17] (McAfee, LLC -> McAfee, LLC) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> ) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_e4741605e6540d22\nvshext.dll [2024-05-03] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.18.255.1\mc-ctxmnu.dll [2024-05-17] (McAfee, LLC -> McAfee, LLC) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== (As entradas podem ser listadas para serem restauradas ou removidas.) ShortcutWithArgument: C:\Users\renan\Desktop\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=agimnkijcaahngcdmfeangaknmldooml ShortcutWithArgument: C:\Users\renan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=agimnkijcaahngcdmfeangaknmldooml ShortcutWithArgument: C:\Users\renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Trunks - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\renan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" ==================== Módulos Carregados (Whitelisted) ============= 2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [Arquivo não assinado] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll 2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [Arquivo não assinado] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll 2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [Arquivo não assinado] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll 2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll 2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [Arquivo não assinado] [O arquivo está em uso] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll 2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [Arquivo não assinado] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [6226] AlternateDataStreams: C:\WINDOWS\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506] AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [6226] AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [6226] AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [6226] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mc-fw-host => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mc-fw-host => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-19] (McAfee, LLC -> McAfee, LLC) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-19] (McAfee, LLC -> McAfee, LLC) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 06:14 - 2023-05-05 09:09 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-4140478933-941104255-298867293-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\renan\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\9721857035113903759\133628011103917877.jpg DNS Servers: 200.175.5.139 - 200.175.89.139 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-4140478933-941104255-298867293-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D21A3207C313279760993974D24FC0BF" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{333CF5BF-5709-4D04-85E6-2BE25AF569BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{11ED5979-0F23-4F64-9D06-4DAF6A450890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{FB654FE2-FAC3-4FA4-8E7A-AFFB170578FB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E34CADFF-0EB1-4828-8FAF-0A4DC3F741B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{697FCA2E-3DC4-43C5-B2E7-45C32C3765AC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{729437A3-62D1-4320-9E00-B31273C0C72A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{E987D7C6-C29E-4E9D-9E67-62D5FDFA607F}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) FirewallRules: [{2FD65656-253C-4336-8572-BBB9E765F32D}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) FirewallRules: [TCP Query User{9AC9DE0B-020E-40DC-896C-43CF6B4381C9}C:\programs\partygaming\ebengine\ggc5\pgwebrenderer.exe] => (Allow) C:\programs\partygaming\ebengine\ggc5\pgwebrenderer.exe (ElectraWorks Limited -> ) [Arquivo não assinado] FirewallRules: [UDP Query User{F5E27F8E-367A-4309-8C03-698CB0CBC30C}C:\programs\partygaming\ebengine\ggc5\pgwebrenderer.exe] => (Allow) C:\programs\partygaming\ebengine\ggc5\pgwebrenderer.exe (ElectraWorks Limited -> ) [Arquivo não assinado] FirewallRules: [TCP Query User{BC81EC14-C666-461B-9A11-DCDCD4042366}C:\users\renan\appdata\roaming\ggpcom\ggnet.exe] => (Allow) C:\users\renan\appdata\roaming\ggpcom\ggnet.exe (NSUS Ltd. -> ) FirewallRules: [UDP Query User{6277A1A6-AAD6-4F8B-85F1-1853500AECC8}C:\users\renan\appdata\roaming\ggpcom\ggnet.exe] => (Allow) C:\users\renan\appdata\roaming\ggpcom\ggnet.exe (NSUS Ltd. -> ) FirewallRules: [{B1789212-76B3-4C1C-AAF3-DD3F9F6247CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{C5805576-DD1C-42A7-A965-8CD49EEF0E08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{8BB66354-8AAB-4C87-ACB4-1EB876FA68E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [{833F68B8-AB35-492F-91A5-71119912D9E1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{182D38E9-662E-4330-A3DB-1F8950E7B87B}C:\users\renan\appdata\roaming\ggpcom\bin\loader\ggnet.exe] => (Allow) C:\users\renan\appdata\roaming\ggpcom\bin\loader\ggnet.exe (NSUS Limited -> ) FirewallRules: [UDP Query User{A9F254E2-42A8-4881-9B03-CAB87BA5DB4A}C:\users\renan\appdata\roaming\ggpcom\bin\loader\ggnet.exe] => (Allow) C:\users\renan\appdata\roaming\ggpcom\bin\loader\ggnet.exe (NSUS Limited -> ) FirewallRules: [TCP Query User{5439FC3E-6AE5-4263-BE55-19943AAFCA1A}C:\arquivos de programas rfb\irpf2024\jre\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2024\jre\bin\javaw.exe FirewallRules: [UDP Query User{01727498-95B1-4AFE-9D26-404B93EAAFDC}C:\arquivos de programas rfb\irpf2024\jre\bin\javaw.exe] => (Allow) C:\arquivos de programas rfb\irpf2024\jre\bin\javaw.exe FirewallRules: [TCP Query User{63826D09-0275-4461-9CF1-A5F0783AC681}C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe] => (Block) C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe FirewallRules: [UDP Query User{5872FB60-A71D-439C-88AB-96297FFDBA40}C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe] => (Block) C:\arquivos de programas rfb\irpf2023\jre\bin\javaw.exe FirewallRules: [TCP Query User{CA8534C5-262A-4CA2-AC38-F87B6917A8A7}C:\program files (x86)\pokerstars.es\br\pokerstarsbr.exe] => (Allow) C:\program files (x86)\pokerstars.es\br\pokerstarsbr.exe (TSG INTERACTIVE SERVICES LIMITED -> Flutter Entertainment plc) FirewallRules: [UDP Query User{2EE93541-AAE0-489A-8B99-B7B0D8B99F4E}C:\program files (x86)\pokerstars.es\br\pokerstarsbr.exe] => (Allow) C:\program files (x86)\pokerstars.es\br\pokerstarsbr.exe (TSG INTERACTIVE SERVICES LIMITED -> Flutter Entertainment plc) FirewallRules: [{81455FCE-5B6F-469B-8F5A-6BF494CB390A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe () [Arquivo não assinado] FirewallRules: [{3E03B04F-B8EA-442C-870D-FB19710E09D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe () [Arquivo não assinado] FirewallRules: [{08F93E82-EFB1-4384-A232-4FF0245ED3C8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{67F2BFB3-25C8-4926-8B4D-F54792F48330}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{9E1ADC30-38EE-4960-8FBB-EE99F8C5C742}C:\users\renan\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\renan\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) FirewallRules: [UDP Query User{46B676E3-D5CF-410A-9F4D-049596DE6226}C:\users\renan\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\renan\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) FirewallRules: [{81F89BF6-1FC3-4860-87D7-C701DFEA2005}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{8BEAC600-ACEB-49CD-BC06-1BF489F4ABE9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{994EE4FC-598E-474A-9DC3-75E731D23D67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{89C44CC3-D02F-47AD-BB93-3E4C173E9ADB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{D9F32031-B1FD-4794-B3CC-083C2F994DA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{6B95D9CD-1A3C-42D2-A96A-58EC4FFD4363}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{FC34B23D-6A2D-4743-997D-A580A2FCADC6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0D6DDFFF-507F-487B-BEEE-1CD46C387B51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{8061D577-CEC5-4BAE-BD0F-10A7E18C097F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C631070D-5017-4BF0-9521-A9F4BB6244BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{96B13D7F-25BD-4958-9414-494495A22D51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.239.578.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{63FD9015-F65D-443C-94FF-E51D8540DF76}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6292E1B8-7FF8-47BA-BB1A-E2FFC96AE2EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{85F93406-CDAB-4476-81B3-864AC33D2D69}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{47509B89-274F-4E76-8A77-0AF643056E83}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E914B95D-3DD5-4BF5-B86A-53B8B2C58620}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.120.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Pontos de Restauração ========================= 11-06-2024 20:26:15 Windows Update 11-06-2024 20:26:15 Windows Update 13-06-2024 23:18:52 ZHPcleaner ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (06/13/2024 10:48:17 PM) (Source: Freemake Improver) (EventID: 0) (User: ) Description: Serviço não pode ser iniciado. System.IO.FileLoadException: Não foi possível carregar arquivo ou assembly 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ou uma de suas dependências. A definição do manifesto do assembly localizado não corresponde à referência do assembly. (Exceção de HRESULT: 0x80131040) Nome do arquivo: 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ---> System.IO.FileLoadException: Não foi possível carregar arquivo ou assembly 'Newtonsoft.Json, Version=6.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ou uma de suas dependências. A definição do manifesto do assembly localizado não corresponde à referência do assembly. (Exceção de HRESULT: 0x80131040) Nome do arquivo: 'Newtonsoft.Json, Version=6.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' AVI: o log de associações de assembly está desativado. Para ativar o log de falhas de assembly, defina o valor do Registro [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) como 1.... Error: (06/13/2024 07:21:46 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-FHTHFTP) Description: Nome do aplicativo com falha: AWCC.exe, versão: 5.7.3.0, carimbo de data/hora: 0x6622d517 Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.22621.3672, carimbo de data/hora: 0x646c8e47 Código de exceção: 0xc000027b Deslocamento da falha: 0x00000000000ca2d3 ID do processo com falha: 0x0x1ee8 Hora de início do aplicativo com falha: 0x0x1dabde011111fed Caminho do aplicativo com falha: C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.7.3.0_x64__htrsf667h5kn2\AWCC.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll ID do Relatório: 0457e3e2-c2dd-4bcd-ade9-8f4eb5e4d127 Nome completo do pacote com falha: DellInc.AlienwareCommandCenter_5.7.3.0_x64__htrsf667h5kn2 ID do aplicativo relativo ao pacote com falha: App Error: (06/12/2024 10:39:35 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-FHTHFTP) Description: Nome do aplicativo com falha: AWCC.exe, versão: 5.7.3.0, carimbo de data/hora: 0x6622d517 Nome do módulo com falha: twinapi.appcore.dll, versão: 10.0.22621.3672, carimbo de data/hora: 0x646c8e47 Código de exceção: 0xc000027b Deslocamento da falha: 0x00000000000ca2d3 ID do processo com falha: 0x0x3528 Hora de início do aplicativo com falha: 0x0x1dabd3285feb710 Caminho do aplicativo com falha: C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.7.3.0_x64__htrsf667h5kn2\AWCC.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll ID do Relatório: 7f2d79ec-40f7-4ddf-aec3-3134bed5e091 Nome completo do pacote com falha: DellInc.AlienwareCommandCenter_5.7.3.0_x64__htrsf667h5kn2 ID do aplicativo relativo ao pacote com falha: App Error: (06/11/2024 08:04:44 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado..Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {d6bf7e90-6f16-4ead-850a-72251f80b8f0} Error: (06/11/2024 07:35:48 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado..Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante. Operação: Obtendo Dados do Gravador Contexto: Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220} Nome do Gravador: System Writer ID de Instância de Gravador: {d6bf7e90-6f16-4ead-850a-72251f80b8f0} Error: (06/11/2024 06:25:14 PM) (Source: Freemake Improver) (EventID: 0) (User: ) Description: Serviço não pode ser iniciado. System.IO.FileLoadException: Não foi possível carregar arquivo ou assembly 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ou uma de suas dependências. A definição do manifesto do assembly localizado não corresponde à referência do assembly. (Exceção de HRESULT: 0x80131040) Nome do arquivo: 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ---> System.IO.FileLoadException: Não foi possível carregar arquivo ou assembly 'Newtonsoft.Json, Version=6.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ou uma de suas dependências. A definição do manifesto do assembly localizado não corresponde à referência do assembly. (Exceção de HRESULT: 0x80131040) Nome do arquivo: 'Newtonsoft.Json, Version=6.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' AVI: o log de associações de assembly está desativado. Para ativar o log de falhas de assembly, defina o valor do Registro [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) como 1.... Error: (06/11/2024 05:34:39 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.] Error: (06/11/2024 05:32:07 PM) (Source: Freemake Improver) (EventID: 0) (User: ) Description: Serviço não pode ser iniciado. System.IO.FileLoadException: Não foi possível carregar arquivo ou assembly 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ou uma de suas dependências. A definição do manifesto do assembly localizado não corresponde à referência do assembly. (Exceção de HRESULT: 0x80131040) Nome do arquivo: 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ---> System.IO.FileLoadException: Não foi possível carregar arquivo ou assembly 'Newtonsoft.Json, Version=6.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' ou uma de suas dependências. A definição do manifesto do assembly localizado não corresponde à referência do assembly. (Exceção de HRESULT: 0x80131040) Nome do arquivo: 'Newtonsoft.Json, Version=6.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' AVI: o log de associações de assembly está desativado. Para ativar o log de falhas de assembly, defina o valor do Registro [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) como 1.... Erros de Sistema: ============= Error: (06/13/2024 10:58:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Killer Network Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/13/2024 10:58:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço McAfee WebAdvisor foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 1 milissegundos: Reiniciar o serviço. Error: (06/13/2024 10:58:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Serviço Clique para Executar do Microsoft Office foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (06/13/2024 10:58:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Fusion Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/13/2024 10:58:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Dell Data Vault Collector foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (06/13/2024 10:58:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Dell SupportAssist Remediation foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço. Error: (06/13/2024 10:58:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Dell Digital Delivery Services foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar o serviço. Error: (06/13/2024 10:58:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Dell Data Vault Processor foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. CodeIntegrity: =============== Date: 2024-06-13 23:08:42 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\DellInc.AlienwareSoundCenter\Modules\ScheduledModules\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements. Date: 2024-06-13 23:08:41 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\DellInc.AlienwareSoundCenter\Modules\ScheduledModules\x64\NahimicOSD.dll that did not meet the Microsoft signing level requirements. Date: 2024-06-13 23:07:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\WPS\1.18.255.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. ==================== Informações da Memória =========================== BIOS: Dell Inc. 1.29.0 03/07/2024 placa-mãe: Dell Inc. 0J585W Processador: Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz Percentagem de memória em uso: 46% RAM física total: 16145.69 MB RAM física disponível: 8627.68 MB Virtual Total: 21009.69 MB Virtual disponível: 12531.6 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:455.15 GB) (Free:135.06 GB) (Model: IM2P33F3A NVMe ADATA 512GB) NTFS \\?\Volume{339a0fe3-6990-4c64-9b5e-15810061f87e}\ () (Fixed) (Total:1.17 GB) (Free:0.1 GB) NTFS \\?\Volume{5029ff44-c98f-4013-a5f7-66b3766572a2}\ (Image) (Fixed) (Total:18.95 GB) (Free:0.15 GB) NTFS \\?\Volume{2ad4e440-8b93-4338-85de-c938f268f75d}\ (DELLSUPPORT) (Fixed) (Total:1.38 GB) (Free:0.38 GB) NTFS \\?\Volume{39276af6-6f53-4cdb-8c8f-db249786315c}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.06 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: 705C56AA) Partition: GPT. ==================== Fim de Addition.txt =======================