
Felipeeeeeee

  1. Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 20-06-2021 Executado por felip (23-06-2021 15:05:00) Run:1 Executando a partir de C:\Users\felip\OneDrive\Área de Trabalho Perfis Carregados: felip Modo da Inicialização: Normal ============================================== fixlist Conteúdo: ***************** CreateRestorePoint: CloseProcesses: C:\Users\felip\AppData\Local\Update C:\Users\felip\AppData\Local\Packages\Update C:\Users\felip\AppData\Local\Mozilla\Update C:\Users\felip\AppData\Local\Microsoft\Update C:\Users\felip\AppData\Local\Janma C:\Users\felip\AppData\Local\Google\Update GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO Task: {0928BCB7-8B6D-40F0-9861-639216FC6677} - System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe [5133296 2020-04-08] (NVIDIA Corporation -> Nvidia Corporation) Task: {0F9A88AD-53BA-4E06-9EA3-8783A3458C23} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) 
Task: {13A9CA92-862F-449E-BA46-13F37B532F53} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1841AAF2-FDCB-443E-B704-6068C7DDA6FE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {18D0B1F7-FD42-45E9-B36F-F18FE78886F6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1C38EFE3-1906-49BA-9F30-220E9A39F529} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {1F8E7755-51F9-4C85-AB39-E4A8FD139306} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {204F2FE0-91A9-48E7-9D4F-3F719A458C49} - System32\Tasks\UpdateCore0x303 => C:\Users\felip\AppData\Local\Mozilla\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {2138255C-A049-413E-8DAE-981A8D2605EA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2946564D-2D39-4D3D-9EEC-3A656EDF1FD5} - 
System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29C0E3DE-2CDB-4BB1-9E6A-43D613734261} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615911494 => C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe [1861840 2021-06-10] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\felip\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {29C25E45-FA7E-499E-BD3C-F82319D3840C} - System32\Tasks\Opera GX scheduled Autoupdate 1607473347 => C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe [1861840 2021-06-10] (Opera Software AS -> Opera Software) Task: {44B14828-AA9A-4A05-909C-6AD46586AEB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4EDDACA3-753B-4714-B05C-8751809F6519} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {5C6C99B3-3430-4E6E-95AD-3387EC1E4515} - System32\Tasks\UpdateCore0x301 => C:\Users\felip\AppData\Local\Packages\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {63D98729-8A01-4AD1-9F40-120294385E30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {679CC634-EA5C-4E3B-8B5F-4FBEF6CEE5A4} 
- System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {77E84C17-FEB2-4705-9BFA-867898811816} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {78EEFFB8-9394-473F-AEBA-85D5087FE1E8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {94529F77-DC6A-4A85-9A3D-CA08DD913CE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-19] (Google LLC -> Google LLC) Task: {94E36A01-D878-4646-B2B5-296A93FA1D54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {98C73B4D-191E-4DC8-822E-E8ADE381319C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Task: {A5F0E1E0-FAF0-4DCB-9316-53BFE9106672} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A6BC8198-85E5-4AB3-B9BE-12ECC6C42498} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {C4669F48-8E21-44FF-A2F5-755B7B6FF304} - 
System32\Tasks\UpdateCore0x300 => C:\Users\felip\AppData\Local\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {CCE75AE7-2772-439D-AA94-7C0F54AA6795} - System32\Tasks\UpdateCore0x302 => C:\Users\felip\AppData\Local\Google\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {D881014A-7493-4500-A2D8-393D36E3BDCF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DBABFA16-DAC9-4473-8586-269ABCD623C9} - System32\Tasks\UpdateCore0x304 => C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {DC3F3B93-A2DD-4D24-AC2B-D31B0D490D29} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4524416 2021-06-17] (Microsoft Corporation -> Microsoft Corporation) Task: {E1E10EE5-F043-41BD-B573-3DADC61B9D04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E98CD4EA-C7AE-4FAB-A235-80455E8586A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Task: {FD0BBD48-21CC-40FC-9C29-AAA8EADEC26A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-19] (Google LLC -> Google LLC) PowerShell: $app = Get-WmiObject -Class Win32_Product -ComputerName . 
| Where-Object -FilterScript {$_.Name -eq "µTorrent"} PowerShell: $app.Uninstall() AlternateDataStreams: C:\WINDOWS\System32:tdsrinu.gfc [5882] AlternateDataStreams: C:\Users\felip\Dados de Aplicativos:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\felip\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] CMD: ipconfig /flushdns RemoveProxy: EmptyTemp: CreateRestorePoint: ***************** Ponto de Restauração criado com sucesso. Processos fechados com sucesso. C:\Users\felip\AppData\Local\Update => movido com sucesso C:\Users\felip\AppData\Local\Packages\Update => movido com sucesso C:\Users\felip\AppData\Local\Mozilla\Update => movido com sucesso C:\Users\felip\AppData\Local\Microsoft\Update => movido com sucesso C:\Users\felip\AppData\Local\Janma => movido com sucesso C:\Users\felip\AppData\Local\Google\Update => movido com sucesso C:\WINDOWS\system32\GroupPolicy\Machine => movido com sucesso C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido com sucesso C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido com sucesso C:\ProgramData\NTUSER.pol => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0928BCB7-8B6D-40F0-9861-639216FC6677}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0928BCB7-8B6D-40F0-9861-639216FC6677}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F9A88AD-53BA-4E06-9EA3-8783A3458C23}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F9A88AD-53BA-4E06-9EA3-8783A3458C23}" => removido (a) com sucesso. 
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13A9CA92-862F-449E-BA46-13F37B532F53}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13A9CA92-862F-449E-BA46-13F37B532F53}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1841AAF2-FDCB-443E-B704-6068C7DDA6FE}" => não encontrado (a) C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18D0B1F7-FD42-45E9-B36F-F18FE78886F6}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18D0B1F7-FD42-45E9-B36F-F18FE78886F6}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1C38EFE3-1906-49BA-9F30-220E9A39F529}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C38EFE3-1906-49BA-9F30-220E9A39F529}" => removido (a) com sucesso. 
C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F8E7755-51F9-4C85-AB39-E4A8FD139306}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F8E7755-51F9-4C85-AB39-E4A8FD139306}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{204F2FE0-91A9-48E7-9D4F-3F719A458C49}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{204F2FE0-91A9-48E7-9D4F-3F719A458C49}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\UpdateCore0x303 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdateCore0x303" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2138255C-A049-413E-8DAE-981A8D2605EA}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2138255C-A049-413E-8DAE-981A8D2605EA}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2946564D-2D39-4D3D-9EEC-3A656EDF1FD5}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2946564D-2D39-4D3D-9EEC-3A656EDF1FD5}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29C0E3DE-2CDB-4BB1-9E6A-43D613734261}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29C0E3DE-2CDB-4BB1-9E6A-43D613734261}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Opera GX scheduled assistant Autoupdate 1615911494 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera GX scheduled assistant Autoupdate 1615911494" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29C25E45-FA7E-499E-BD3C-F82319D3840C}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29C25E45-FA7E-499E-BD3C-F82319D3840C}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Opera GX scheduled Autoupdate 1607473347 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera GX scheduled Autoupdate 1607473347" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44B14828-AA9A-4A05-909C-6AD46586AEB9}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44B14828-AA9A-4A05-909C-6AD46586AEB9}" => removido (a) com sucesso. 
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Verification" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EDDACA3-753B-4714-B05C-8751809F6519}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EDDACA3-753B-4714-B05C-8751809F6519}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C6C99B3-3430-4E6E-95AD-3387EC1E4515}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C6C99B3-3430-4E6E-95AD-3387EC1E4515}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\UpdateCore0x301 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdateCore0x301" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63D98729-8A01-4AD1-9F40-120294385E30}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63D98729-8A01-4AD1-9F40-120294385E30}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => removido (a) com sucesso. 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{679CC634-EA5C-4E3B-8B5F-4FBEF6CEE5A4}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{679CC634-EA5C-4E3B-8B5F-4FBEF6CEE5A4}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77E84C17-FEB2-4705-9BFA-867898811816}" => não encontrado (a) C:\WINDOWS\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78EEFFB8-9394-473F-AEBA-85D5087FE1E8}" => não encontrado (a) C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{94529F77-DC6A-4A85-9A3D-CA08DD913CE7}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94529F77-DC6A-4A85-9A3D-CA08DD913CE7}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94E36A01-D878-4646-B2B5-296A93FA1D54}" => removido (a) com sucesso. 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94E36A01-D878-4646-B2B5-296A93FA1D54}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98C73B4D-191E-4DC8-822E-E8ADE381319C}" => não encontrado (a) C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentLogOn2016" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5F0E1E0-FAF0-4DCB-9316-53BFE9106672}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5F0E1E0-FAF0-4DCB-9316-53BFE9106672}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6BC8198-85E5-4AB3-B9BE-12ECC6C42498}" => não encontrado (a) C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C4669F48-8E21-44FF-A2F5-755B7B6FF304}" => removido (a) com sucesso. 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4669F48-8E21-44FF-A2F5-755B7B6FF304}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\UpdateCore0x300 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdateCore0x300" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CCE75AE7-2772-439D-AA94-7C0F54AA6795}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCE75AE7-2772-439D-AA94-7C0F54AA6795}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\UpdateCore0x302 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdateCore0x302" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D881014A-7493-4500-A2D8-393D36E3BDCF}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D881014A-7493-4500-A2D8-393D36E3BDCF}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DBABFA16-DAC9-4473-8586-269ABCD623C9}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DBABFA16-DAC9-4473-8586-269ABCD623C9}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\UpdateCore0x304 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UpdateCore0x304" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC3F3B93-A2DD-4D24-AC2B-D31B0D490D29}" => removido (a) com sucesso. 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC3F3B93-A2DD-4D24-AC2B-D31B0D490D29}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\OneDrive Per-Machine Standalone Update Task => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Per-Machine Standalone Update Task" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1E10EE5-F043-41BD-B573-3DADC61B9D04}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1E10EE5-F043-41BD-B573-3DADC61B9D04}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E98CD4EA-C7AE-4FAB-A235-80455E8586A9}" => não encontrado (a) C:\WINDOWS\System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\OfficeTelemetryAgentFallBack2016" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD0BBD48-21CC-40FC-9C29-AAA8EADEC26A}" => removido (a) com sucesso. "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD0BBD48-21CC-40FC-9C29-AAA8EADEC26A}" => removido (a) com sucesso. C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso. ========= $app = Get-WmiObject -Class Win32_Product -ComputerName . 
| Where-Object -FilterScript {$_.Name -eq "µTorrent"} ========= ========= Fim de Powershell: ========= ========= $app.Uninstall() ========= Não é possível chamar um método em uma expressão de valor nulo. No C:\FRST\tmp.ps1:1 caractere:1 + $app.Uninstall() + ~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [], RuntimeException + FullyQualifiedErrorId : InvokeMethodOnNull ========= Fim de Powershell: ========= C:\WINDOWS\System32 => ":tdsrinu.gfc" ADS removido (a) com sucesso. C:\Users\felip\Dados de Aplicativos => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removido (a) com sucesso. "C:\Users\felip\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS não encontrado (a). ========= ipconfig /flushdns ========= Configuração de IP do Windows Liberação do Cache do DNS Resolver bem-sucedida. ========= Fim de CMD: ========= ========= RemoveProxy: ========= "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. "HKU\S-1-5-21-4088500517-2565616627-243635623-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso. "HKU\S-1-5-21-4088500517-2565616627-243635623-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso. ========= Fim de RemoveProxy: ========= Ponto de Restauração criado com sucesso. 
=========== EmptyTemp: ========== BITS transfer queue => 10510336 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43590928 B Java, Flash, Steam htmlcache => 314407793 B Windows/system/drivers => 17516668 B Edge => 159870 B Chrome => 598833376 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 38895 B systemprofile32 => 46364754 B LocalService => 46373100 B NetworkService => 46871368 B felip => 56259571 B RecycleBin => 4632068063 B EmptyTemp: => 5.4 GB de dados temporários Removidos. ================================ O sistema precisou ser reiniciado. ==== Fim de Fixlog 15:06:00 ====
  2. Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20-06-2021 Executado por felip (21-06-2021 14:48:25) Executando a partir de C:\Users\felip\Downloads Windows 10 Pro Versão 20H2 19042.1052 (X64) (2020-11-06 06:43:20) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= Administrador (S-1-5-21-4088500517-2565616627-243635623-500 - Administrator - Disabled) Convidado (S-1-5-21-4088500517-2565616627-243635623-501 - Limited - Disabled) DefaultAccount (S-1-5-21-4088500517-2565616627-243635623-503 - Limited - Disabled) felip (S-1-5-21-4088500517-2565616627-243635623-1001 - Administrator - Enabled) => C:\Users\felip WDAGUtilityAccount (S-1-5-21-4088500517-2565616627-243635623-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) µTorrent (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated) Adobe Photoshop (Prerelease) (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.1012 - Adobe Inc.) 
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blitz (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.14.21 - Blitz, Inc.)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.)
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
Discord (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA Desktop (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.97.4936 - Electronic Arts) Hidden
EA Desktop (HKLM-x32\...\{665a8009-f578-4f43-bd58-d5d9dadde75b}) (Version: 12.0.97.4936 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{5C101FC6-6A4B-43AF-A03C-A0776244700A}) (Version: 1.1.293.0 - Epic Games, Inc.)
FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.70.18952 - Electronic Arts)
FiveM (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\CitizenFX_FiveM) (Version: - Cfx.re)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.106 - Google LLC)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\HearthstoneDeckTracker) (Version: 1.14.0 - HearthSim)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
League of Legends PBE (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 4.7.2 SDK (HKLM-x32\...\{F42C96C1-746B-442A-B58C-9F0FD5F3AB8A}) (Version: 4.7.03081 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (ENU) (HKLM-x32\...\{B517DBD3-B542-4FC8-9957-FFB2C3E65D1D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Excel 2019 - pt-br (HKLM\...\Excel2019Retail - pt-br) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14026.20270 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
NVIDIA Driver de áudio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Driver de gráficos 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.63 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA NVIDIA RTX Voice Driver 1.0.0.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_RTXVoice.Driver) (Version: 1.0.0.2 - NVIDIA Corporation)
NVIDIA RTX Voice Application (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_RTXVoice) (Version: 0.5.12.6 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 5.73 - LG Electronics Inc)
Opera GX Stable 75.0.3969.285 (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Opera GX 75.0.3969.285) (Version: 75.0.3969.285 - Opera Software)
Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Pantum M6550NW Series (HKLM\...\Pantum M6550NW Series) (Version: 5.1.1.23 - Zhuhai Pantum Electronics Co.,Ltd.)
Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stremio (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Stremio) (Version: 4.4.137 - Smart Code Ltd)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.0 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wise Auto Shutdown 1.7.7 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.7.7 - WiseCleaner.com, Inc.)
X-Mouse Button Control 2.19.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.19.2 - Highresolution Enterprises)
XSplit VCam (HKLM\...\{965DEB72-7BFC-4E60-A632-03666F9ED238}) (Version: 2.3.2105.2001 - XSplit) Hidden
XSplit VCam (HKLM\...\XSplit VCam 2.3.2105.2001) (Version: 2.3.2105.2001 - XSplit)
Zoom (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\ZoomUMX) (Version: 5.6.7 (1016) - Zoom Video Communications, Inc.)

Packages:
=========
Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.65.0_x64__pwbj9vvecjh7j [2021-06-17] (Amazon Development Centre (London) Ltd)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0 [2021-06-11] (Deezer SA)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-13] (HP Inc.)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.3.0.0_x64__0a78dr3hq0pvt [2021-06-19] (HyperX Gaming) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-07] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-30] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.156.0_x64__43tkc6nmykmb6 [2021-05-26] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-13] (Spotify AB) [Startup Task]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2121.7.0_x64__cv1g1gvanyjgm [2021-06-13] (WhatsApp Inc.)

==================== Exame Personalizado CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\nvshext.dll [2021-05-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2021-05-25 23:53 - 2021-05-25 23:53 - 002662912 ____X () [Arquivo não assinado] C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\ffmpeg.dll
2021-05-25 23:53 - 2021-05-25 23:53 - 000367616 ____X () [Arquivo não assinado] C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\libegl.dll
2021-05-25 23:53 - 2021-05-25 23:53 - 006867968 ____X () [Arquivo não assinado] C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\libglesv2.dll
2021-04-21 23:16 - 2021-03-26 14:57 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\_win32sysloader.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000034816 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_aes.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000016384 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_aesni.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013312 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_cbc.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013824 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_cfb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000014336 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_ctr.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_ecb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000015360 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_ocb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000012288 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_raw_ofb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000015360 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Cipher\_Salsa20.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000015872 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Hash\_BLAKE2s.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013824 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Hash\_ghash_portable.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000016896 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Hash\_MD5.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000019456 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Hash\_SHA1.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000022016 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Hash\_SHA256.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013312 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Protocol\_scrypt.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Util\_cpuid_c.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Crypto\Util\_strxor.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000034816 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_aes.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000016384 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_aesni.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013312 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_cbc.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013824 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_cfb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000014336 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_ctr.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000054272 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_des3.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_ecb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000015360 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_ocb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000012288 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_raw_ofb.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000015360 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Cipher\_Salsa20.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000015872 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Hash\_BLAKE2s.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013824 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Hash\_ghash_portable.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000016896 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Hash\_MD5.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000019456 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Hash\_SHA1.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000022016 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Hash\_SHA256.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000013312 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Protocol\_scrypt.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Util\_cpuid_c.pyd
2021-04-21 23:16 - 2021-03-26 14:56 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\Cryptodome\Util\_strxor.pyd
2021-04-21 23:16 - 2021-03-26 14:57 - 000011264 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\lz4\_version.pyd
2021-04-21 23:16 - 2021-03-26 14:57 - 000099840 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\lz4\block\_block.pyd
2021-04-21 23:16 - 2021-03-26 15:18 - 000571904 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\pythoncom38.dll
2021-04-21 23:16 - 2021-03-26 15:19 - 000141312 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\pywintypes38.dll
2021-04-21 23:16 - 2021-03-26 14:57 - 000132608 _____ () [Arquivo não assinado] C:\Users\felip\AppData\Local\Microsoft\Update\win32api.pyd
2021-05-29 23:42 - 2019-12-11 20:27 - 074850816 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\cublas64_10.dll
2021-05-29 23:42 - 2019-12-11 20:27 - 036055552 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\cublasLt64_10.dll
2021-05-29 23:42 - 2020-03-31 02:58 - 422046720 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\cudnn64_7.dll
2021-05-29 23:42 - 2019-12-11 19:17 - 115644416 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\cufft64_10.dll
2021-05-29 23:42 - 2019-12-11 20:28 - 003407360 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\libcrypto-1_1-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\WINDOWS\System32:tdsrinu.gfc [5882]
AlternateDataStreams: C:\Users\felip\Dados de Aplicativos:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\felip\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-12-07 06:14 - 2021-04-30 23:32 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-02-20 01:15 - 2021-06-21 14:43 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.18.96.1 Felipe.mshome.net # 2026 6 6 20 17 43 52 408

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\felip\OneDrive\Área de Trabalho\All in place\Relogios\wp2742606.jpg
DNS Servers: 192.168.18.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall do Windows está habilitado.

Network Binding:
=============
Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
vEthernet (Default Switch): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

HKLM\...\StartupApproved\Run: => "XMouseButtonControl"
HKLM\...\StartupApproved\Run: => "PTM6500Monitor"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "EADM"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [UDP Query User{EEDDBD9F-EC3B-45DB-8E13-F0E70008CA85}C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\ccmini\ccmini.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\ccmini\ccmini.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{922471AA-3388-4C91-B1B4-00D2687766D7}C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\ccmini\ccmini.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\ccmini\ccmini.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{AE17C827-28D7-4B79-8EDA-03A778DFDD37}C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\client.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\client.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{28AA747D-8795-41D4-BB89-DCF84076D55A}C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\client.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\cyber hunter\bin\client.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{BC3426BB-CD85-4451-A899-EF3C4033734D}D:\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe] => (Allow) D:\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{C798F71F-8DBD-477F-9497-D9E688DDE4BF}D:\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe] => (Allow) D:\red.dead.redemption.2.ultimate.edition.rgl.rip-insaneramzes\red dead redemption 2\rdr2.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{B73E4A38-B170-4741-8D1A-92BDAE1DE70C}D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe (Firaxis Games) [Arquivo não assinado]
FirewallRules: [TCP Query User{7721DCAE-FE44-4E2F-BEBB-7C48FED68526}D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe] => (Allow) D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi.exe (Firaxis Games) [Arquivo não assinado]
FirewallRules: [UDP Query User{A379363D-AB0C-4847-8C73-E724A7B045F7}D:\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battle.net\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{5C153230-97E7-4A4C-B875-E2A10F417B79}D:\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battle.net\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{B2084916-10F7-49F3-90F1-13A68EB54E83}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{35EA616D-F1F5-4617-B3A3-F9E0EA501692}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{8E2E693E-DB51-4CB2-8B3E-77FFAA52B881}C:\users\felip\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\felip\appdata\local\microsoft\teams\current\teams.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{CCFB93AA-9B6C-4A3B-A599-2274172558D8}C:\users\felip\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\felip\appdata\local\microsoft\teams\current\teams.exe => Nenhum Arquivo
FirewallRules: [{7A3C273C-B5C0-414C-97A7-E42F33A35A44}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{C7488E2B-1F81-46E1-B01B-9A5953E70BC6}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{5C4F8AFE-A85A-4AC4-9B53-481174A4886A}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{98008D4D-DAB8-4EA2-9DFB-9FB1E9758E45}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{65FDA587-6D6D-4C20-A2B8-0B30E4BC18BF}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Arquivo não assinado]
FirewallRules: [{17512D5F-AED5-48F0-A259-084E35A10931}] => (Allow) D:\SteamLibrary\steamapps\common\Among Us\Among Us.exe () [Arquivo não assinado]
FirewallRules: [{80FA06D9-48B3-453F-8353-84E0F74E6A2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Nenhum Arquivo
FirewallRules: [{A1F17CF4-E921-493B-88F5-762A99398192}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Nenhum Arquivo
FirewallRules: [{8AE8FA6F-FD9D-45EB-9CAE-B94BDB81BE4F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E148AFC8-B5D7-4CB9-B6CB-C4AC1A2DDAFC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{184884EC-51DC-4298-8D9A-3F77EB48C79A}] => (Allow) C:\Users\felip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{A405EF13-6D37-44A2-806A-6C0C14BA136E}] => (Allow) C:\Users\felip\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5DAC3723-A9F1-4590-AE2D-A201EC4FCF0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{687263DE-5E2E-44F7-9A59-4A7F83D9F890}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F4D23077-57DB-4B41-873A-D5369E547B61}C:\users\felip\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\felip\appdata\roaming\twitch studio\bin\twitchstudioagent.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{C232EFED-1F5A-45BD-9151-BE28CFE0FFA7}C:\users\felip\appdata\roaming\twitch studio\bin\twitchstudioagent.exe] => (Allow) C:\users\felip\appdata\roaming\twitch studio\bin\twitchstudioagent.exe => Nenhum Arquivo
FirewallRules: [{58DECF0B-1403-4545-8944-B1F037F03DDF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE398B4B-3DF9-4AEC-871F-816586A782C2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BECF66BF-FFA8-46F0-B107-A975D6A69867}D:\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) D:\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Nenhum Arquivo
FirewallRules: [UDP Query User{80B72A5B-82EB-4696-8A69-09C916228BE9}D:\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe] => (Allow) D:\steamlibrary\steamapps\common\squad\squadgame\binaries\win64\squadgame.exe => Nenhum Arquivo
FirewallRules: [TCP Query User{2BBD1CDB-B821-4C8A-B5AC-928723F179E1}C:\users\felip\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\felip\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{EC4263F9-7941-4A32-A062-BA420ED45286}C:\users\felip\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\felip\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.) FirewallRules: [TCP Query User{ED3C4433-349F-4C82-970A-21DF8EB864D3}D:\battle.net\diablo iii\x64\diablo iii64.exe] => (Allow) D:\battle.net\diablo iii\x64\diablo iii64.exe => Nenhum Arquivo FirewallRules: [UDP Query User{652AF5C1-CB6C-4C76-A0FA-7E95D3D27575}D:\battle.net\diablo iii\x64\diablo iii64.exe] => (Allow) D:\battle.net\diablo iii\x64\diablo iii64.exe => Nenhum Arquivo FirewallRules: [TCP Query User{3D454E1E-1848-44F4-918E-2F362479E42C}D:\battle.net\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => Nenhum Arquivo FirewallRules: [UDP Query User{451576DF-7C4B-4250-A9DA-EEB8519E7C9C}D:\battle.net\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base83086\heroesofthestorm_x64.exe => Nenhum Arquivo FirewallRules: [{6355EC35-5BF1-4AF2-B54C-E30B62F52549}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [{64DCD743-BFD0-476F-A21A-430B33FA6665}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> ) FirewallRules: [TCP Query User{5E57338A-2124-48F7-A0B6-8F9758BA6946}C:\users\felip\appdata\local\programs\opera gx\71.0.3770.449\opera.exe] => (Allow) C:\users\felip\appdata\local\programs\opera gx\71.0.3770.449\opera.exe => Nenhum Arquivo FirewallRules: [UDP Query User{91CF013B-B6B7-432E-89B4-63AE9AADD56A}C:\users\felip\appdata\local\programs\opera gx\71.0.3770.449\opera.exe] => (Allow) C:\users\felip\appdata\local\programs\opera gx\71.0.3770.449\opera.exe => Nenhum Arquivo FirewallRules: [{3F154830-C48D-42E4-8E78-1EB9851CB44C}] => 
(Allow) D:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{3AEB94CE-C0A2-40F1-944F-54198637E031}] => (Allow) D:\SteamLibrary\steamapps\common\sandstorm\InsurgencyEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query User{5191F384-3716-41BB-95BA-859C9F472D40}C:\users\felip\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Block) C:\users\felip\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => Nenhum Arquivo FirewallRules: [UDP Query User{5F152845-539F-46D7-B612-30F55B1CE975}C:\users\felip\appdata\local\programs\opera gx\71.0.3770.456\opera.exe] => (Block) C:\users\felip\appdata\local\programs\opera gx\71.0.3770.456\opera.exe => Nenhum Arquivo FirewallRules: [TCP Query User{943B8E25-ED23-4049-BCBD-FA6D7B4EC86B}D:\battle.net\overwatch\_retail_\overwatch.exe] => (Allow) D:\battle.net\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [UDP Query User{1AB4BE67-6C63-44B6-8104-D2D1849928C6}D:\battle.net\overwatch\_retail_\overwatch.exe] => (Allow) D:\battle.net\overwatch\_retail_\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [TCP Query User{99AE364E-A17F-4FC6-B728-5834138D3F08}D:\battle.net\hearthstone\hearthstone.exe] => (Allow) D:\battle.net\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> ) FirewallRules: [UDP Query User{AD529902-3FF4-44B7-AA29-5D17EEB7537F}D:\battle.net\hearthstone\hearthstone.exe] => (Allow) D:\battle.net\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. 
-> ) FirewallRules: [TCP Query User{13BB8CA7-5992-4A58-9635-E185E1CC1DA4}D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe] => (Block) D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe (Firaxis Games) [Arquivo não assinado] FirewallRules: [UDP Query User{C7DD3CF1-FA12-4949-9E1F-3A78DD40E5DD}D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe] => (Block) D:\felip\documents\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe (Firaxis Games) [Arquivo não assinado] FirewallRules: [{423D149D-E957-464F-8434-4C1EE2E3B11D}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{BE74E863-5A02-4F1A-BC42-ECF6A4C393B3}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{8D4CAC12-EF45-418D-85A7-B4BFF81E9B5C}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Arquivo não assinado] FirewallRules: [{31EBE13F-C420-45D6-85C4-DBAA6AACFBC4}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [Arquivo não assinado] FirewallRules: [{F22C41C8-FC39-447E-8E16-4FD62DA539E9}] => (Allow) D:\SteamLibrary\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.) FirewallRules: [{EE70605C-5D57-4064-8CBC-09D12CABF80B}] => (Allow) D:\SteamLibrary\steamapps\common\sandstorm\Insurgency.exe (New World Interactive LLC -> Epic Games, Inc.) 
FirewallRules: [TCP Query User{233F733E-35DF-44DC-9384-C967C8882D35}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive) FirewallRules: [UDP Query User{FCBBE4E1-6081-4B7B-9ABD-E5A513125F72}D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\sandstorm\insurgency\binaries\win64\insurgencyclient-win64-shipping.exe (New World Interactive LLC -> New World Interactive) FirewallRules: [TCP Query User{121F1B40-FD28-4508-BDF2-B01E4D9F94F8}D:\steamlibrary\steamapps\common\sid meier's civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [Arquivo não assinado] FirewallRules: [UDP Query User{1439817C-14EA-4CC5-BA68-50753766BD13}D:\steamlibrary\steamapps\common\sid meier's civilization vi\base\binaries\win64steam\civilizationvi.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization vi\base\binaries\win64steam\civilizationvi.exe (Firaxis Games) [Arquivo não assinado] FirewallRules: [TCP Query User{0ABBC66B-BBFC-40F6-AD81-1860191B5C47}C:\users\felip\onedrive\área de trabalho\ \cyber hunter\bin\client.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\*\cyber hunter\bin\client.exe => Nenhum Arquivo FirewallRules: [UDP Query User{466C5CAD-4BC2-4A4A-B9A3-B6733BF48BF5}C:\users\felip\onedrive\área de trabalho\ \cyber hunter\bin\client.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\*\cyber hunter\bin\client.exe => Nenhum Arquivo FirewallRules: [TCP Query User{68743524-C2D5-49D5-B0C5-B868080DE030}C:\users\felip\onedrive\área de trabalho\ \cyber hunter\bin\ccmini\ccmini.exe] => (Allow) 
C:\users\felip\onedrive\área de trabalho\*\cyber hunter\bin\ccmini\ccmini.exe => Nenhum Arquivo FirewallRules: [UDP Query User{E6A65408-15C5-458D-AE97-0A38EC3EB584}C:\users\felip\onedrive\área de trabalho\ \cyber hunter\bin\ccmini\ccmini.exe] => (Allow) C:\users\felip\onedrive\área de trabalho\*\cyber hunter\bin\ccmini\ccmini.exe => Nenhum Arquivo FirewallRules: [{EA757B4F-C75F-49FE-9D6F-44F300D4A559}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{2A9F111C-35F5-472B-8970-F41F4D2FC7C8}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{15DC8B80-BFE3-4D16-9B13-BB0A034AF70B}D:\five m\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\five m\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Arquivo não assinado] FirewallRules: [UDP Query User{FF370F81-74F4-4544-B1C3-CAE7D0A33F59}D:\five m\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) D:\five m\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Arquivo não assinado] FirewallRules: [TCP Query User{14E61C1E-1F0A-4F25-BBEF-C104C6C8FEFA}C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Arquivo não assinado] FirewallRules: [UDP Query User{0C4892BD-2DE1-43DE-95A5-36004BA4CDAA}C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Arquivo não assinado] FirewallRules: [TCP Query User{8B339515-4157-462D-98F4-0BD035BECF64}C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) 
C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Arquivo não assinado] FirewallRules: [UDP Query User{D02B8443-DF3F-4519-A159-90E44D83BD3C}C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\felip\appdata\local\fivem\fivem.app\cache\subprocess\fivem_b2189_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [Arquivo não assinado] FirewallRules: [TCP Query User{DC198AA9-FBDB-4230-895D-19F96C54F48A}C:\program files (x86)\cyber hunter\bin\client.exe] => (Allow) C:\program files (x86)\cyber hunter\bin\client.exe (NetEase(Hangzhou) Network Co. Ltd. -> Netease) FirewallRules: [UDP Query User{FF20481B-6214-4A4C-AE6E-A1CBB247C71D}C:\program files (x86)\cyber hunter\bin\client.exe] => (Allow) C:\program files (x86)\cyber hunter\bin\client.exe (NetEase(Hangzhou) Network Co. Ltd. -> Netease) FirewallRules: [TCP Query User{4159F9AF-955E-4727-B311-F503C1977215}C:\program files (x86)\cyber hunter\bin\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\cyber hunter\bin\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. -> 网易公司) FirewallRules: [UDP Query User{C9C147BC-A59E-47EE-8148-F6E307C9BDEE}C:\program files (x86)\cyber hunter\bin\ccmini\ccmini.exe] => (Allow) C:\program files (x86)\cyber hunter\bin\ccmini\ccmini.exe (NetEase(Hangzhou) Network Co. Ltd. 
-> 网易公司) FirewallRules: [TCP Query User{972D17C8-DA71-4B2C-BBF0-B68D67828E41}D:\battle.net\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => Nenhum Arquivo FirewallRules: [UDP Query User{83992827-BFC9-4DBA-90AC-F1E2DDEEBEA1}D:\battle.net\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base83716\heroesofthestorm_x64.exe => Nenhum Arquivo FirewallRules: [TCP Query User{3E001244-BCA9-4724-A0DB-AE78D3BD157D}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{D53BBB75-A4A1-42F0-90FF-545BF8B31624}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User{DE35860B-BB8C-437F-A1D5-A627E733AFA7}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Nenhum Arquivo FirewallRules: [UDP Query User{BF9A019F-F0A2-4836-805B-A9B558D32D1D}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => Nenhum Arquivo FirewallRules: [TCP Query User{C37F96C4-D95D-48E9-871D-2278961B3238}D:\battle.net\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\battle.net\call of duty black ops cold war\blackopscoldwar.exe => Nenhum Arquivo FirewallRules: [UDP Query User{D40F82FF-AD06-4221-A6F8-D667E2436CC3}D:\battle.net\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) D:\battle.net\call of duty black ops cold war\blackopscoldwar.exe => Nenhum Arquivo FirewallRules: 
[{6047A92B-E864-44BF-86E3-6875862C98CD}] => (Allow) D:\Aula Aec\ApowerREC\ApowerREC.exe => Nenhum Arquivo FirewallRules: [{BCDEB2C9-DBD3-45D1-A810-6758D48D0567}] => (Allow) D:\Aula Aec\ApowerREC\ApowerREC.exe => Nenhum Arquivo FirewallRules: [TCP Query User{90785183-7621-4E2A-B34B-2A878F46F2CE}D:\battle.net\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [UDP Query User{071D5128-620B-4802-AAF0-CBB09636A5B2}D:\battle.net\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\heroes of the storm\versions\base84249\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.) FirewallRules: [{D55BD336-9F76-4BED-BD30-EFD3A9BCF302}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{88CFD558-2F55-4AEF-A6F7-9C32D14DCB32}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K) FirewallRules: [{C6914C7A-B4A9-46A0-9497-08A3D3E5D8F1}] => (Allow) D:\SteamLibrary\steamapps\common\Comedy Night\Comedy Night.exe () [Arquivo não assinado] FirewallRules: [{66848A61-888A-45D1-A437-B61920D07B63}] => (Allow) D:\SteamLibrary\steamapps\common\Comedy Night\Comedy Night.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{CF141AC2-74A5-4D84-992E-5C87A8F671CD}D:\steamlibrary\steamapps\common\peekaboo\peekaboo\binaries\win64\peekaboo-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\peekaboo\peekaboo\binaries\win64\peekaboo-win64-shipping.exe => Nenhum Arquivo FirewallRules: [UDP Query User{F6F32B0C-59E4-4BFC-9AD1-39DB834D2459}D:\steamlibrary\steamapps\common\peekaboo\peekaboo\binaries\win64\peekaboo-win64-shipping.exe] => (Allow) 
D:\steamlibrary\steamapps\common\peekaboo\peekaboo\binaries\win64\peekaboo-win64-shipping.exe => Nenhum Arquivo FirewallRules: [{B9551F37-100D-4F86-A72A-F273AC4C081D}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{B4792F03-31E8-4D80-9156-D92C1CB88150}] => (Allow) D:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) FirewallRules: [{885ECF15-6B26-43A5-B077-A1D6FF2058A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{40DB3059-13DC-4DF2-A9F3-CA56F1D25276}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{DC25854E-4FB7-4A4B-B678-7083FF03525F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{32C2D387-BB98-4A6C-A41C-44B555D449EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{21AD043B-EE2F-456E-8D1B-9BE1506E374D}] => (Allow) D:\SteamLibrary\steamapps\common\Pummel Party\PummelParty.exe () [Arquivo não assinado] FirewallRules: [{DF1858AD-D71B-460F-9D35-5AEEE6803BF4}] => (Allow) D:\SteamLibrary\steamapps\common\Pummel Party\PummelParty.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{8F86C27A-9530-44AF-8AD8-71C3FD7F39B9}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_291\bin\javaw.exe FirewallRules: [UDP Query User{FC1E4BA6-1452-4A26-B4FF-1E1B011EED37}C:\program files\java\jre1.8.0_291\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_291\bin\javaw.exe FirewallRules: [TCP Query 
User{C8B55451-3323-4664-B7D8-D85E6D800312}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Nenhum Arquivo FirewallRules: [UDP Query User{A49405A2-45C9-4E01-B3EA-2D085C38F0E6}D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win64\smite.exe => Nenhum Arquivo FirewallRules: [{31C15A67-8C52-4E96-8AB2-28CE2267BC90}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => Nenhum Arquivo FirewallRules: [{0B3FDB5E-4EBC-47CC-BFDD-F006FF029E15}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => Nenhum Arquivo FirewallRules: [{025352B4-DEC6-4A87-A492-9006EF94194F}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => Nenhum Arquivo FirewallRules: [{2E511F0E-6AD0-4B7A-9FCE-67022986B975}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => Nenhum Arquivo FirewallRules: [{1B449379-1C5F-4001-99A6-485070451301}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => Nenhum Arquivo FirewallRules: [{74A42FC5-5A12-4097-BCF4-476BB29D839A}] => (Allow) D:\Program Files\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => Nenhum Arquivo FirewallRules: [{3FFF4C56-750F-4920-9169-F82BB8D5F6F3}] => (Allow) D:\SteamLibrary\steamapps\common\Clue\Cluedo.exe () [Arquivo não assinado] FirewallRules: [{CC8D2CB5-D47E-4858-B0D2-0AE463ECFE7D}] => (Allow) D:\SteamLibrary\steamapps\common\Clue\Cluedo.exe () [Arquivo não assinado] FirewallRules: [{93C594B0-9F46-46A6-B71B-9DCEB4596715}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{6D59DFC3-54DA-4B8D-893E-8AF761E19FC6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4B04CCEC-9F14-4500-A8C7-EAF0F11C7EC4}] => 
(Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8B168869-3AA0-493B-ADFF-F24E8D7A96A0}] => (Allow) D:\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{78BD5740-F7FD-4708-886A-D79DC8C36BF4}] => (Allow) D:\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{AA90E01F-4FAE-49D9-A1F8-781BAA38B21F}D:\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [UDP Query User{7335B42F-F838-40CE-A102-B65056C7547D}D:\fifa 21\fifa21.exe] => (Allow) D:\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{3601314C-0EE0-4FF0-805F-8724D9D20052}C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime) FirewallRules: [UDP Query User{9A5D890F-FE1E-4C91-9265-FE2BF692E933}C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\felip\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Stremio (Smart Code OOD) -> Stremio Runtime) FirewallRules: [{7973C7F4-EEF8-4CBD-8097-0FEB7DF33179}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic and SEGA All Stars Racing\Sonic & SEGA All-Stars Racing.exe () [Arquivo não assinado] FirewallRules: [{C60965E4-764C-40AA-B498-EEC6FE54C18A}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic and SEGA All Stars Racing\Sonic & SEGA All-Stars Racing.exe () [Arquivo não assinado] FirewallRules: [{D3229AAB-1355-43C8-9320-A94EDD44C49E}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic and SEGA All Stars Racing\Config.exe (Sumo Digital Ltd) [Arquivo não assinado] FirewallRules: [{F0DC7EF5-FA97-4A76-B3C1-335BF3536EB4}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic and SEGA All Stars Racing\Config.exe (Sumo 
Digital Ltd) [Arquivo não assinado] FirewallRules: [TCP Query User{5982195B-5B9C-4B12-8CD3-96A75E488435}C:\users\felip\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\felip\appdata\local\programs\opera gx\75.0.3969.282\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{D9955535-6074-4991-A16F-7CB4D114BA84}C:\users\felip\appdata\local\programs\opera gx\75.0.3969.282\opera.exe] => (Allow) C:\users\felip\appdata\local\programs\opera gx\75.0.3969.282\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [{A92AE99C-86CC-4B69-9990-AF4B9DB17278}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4675CAA5-2708-48AB-AAF2-FD8403B10EF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BCD83696-DED8-4FCD-A44F-F044869DA4C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{44BEC682-4105-4447-B399-7F8B0A5C6B5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [TCP Query User{061FCCB7-86F0-4DF0-86BB-FA082E744C6B}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (LLC Mail.Ru -> ) FirewallRules: [UDP Query User{FFC7D536-4628-4D6C-9E67-4566FC3018C7}D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) D:\steamlibrary\steamapps\common\warface\gamecenter\gamecenter.exe (LLC Mail.Ru -> ) FirewallRules: [{17C7D63C-AED4-4859-A22E-3CD59426F915}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{8C3C8D00-DB9F-4F52-BC00-68884E603AED}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{18C597EC-10A4-4ECC-8D3F-D68767F72A74}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{FF4A308C-D9A4-4686-B7F7-D8294A613E3F}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{82CDB41E-AC99-4048-9BDB-49FD8667B3B7}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{15E7D62D-A5C6-416B-9D86-A0B62A7BACE9}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{5EB6D3E6-B1B9-413F-867C-51712DEEAB7A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{116576B4-9939-41BD-94E5-256931721C29}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{FE85DC78-7BAD-432E-8A17-83A87C382358}D:\steamlibrary\steamapps\common\sid meier's civilization 
vi\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization vi\base\binaries\win64steam\civilizationvi_dx12.exe (Firaxis Games) [Arquivo não assinado] FirewallRules: [UDP Query User{957090CB-F5B3-4058-95FC-1FFAA46C62C7}D:\steamlibrary\steamapps\common\sid meier's civilization vi\base\binaries\win64steam\civilizationvi_dx12.exe] => (Allow) D:\steamlibrary\steamapps\common\sid meier's civilization vi\base\binaries\win64steam\civilizationvi_dx12.exe (Firaxis Games) [Arquivo não assinado] FirewallRules: [{BD41A1E0-9C8B-4326-A69D-FCC3368AE742}] => (Allow) C:\Users\felip\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{21BE63E1-82D7-4F9E-9072-957F597DBB80}] => (Allow) C:\Users\felip\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo FirewallRules: [{4DBBBCA6-4136-42CC-9ACF-D305A7ED51F0}] => (Allow) C:\Users\felip\AppData\Roaming\Zoom\bin\airhost.exe => Nenhum Arquivo FirewallRules: [{317EDA03-32CE-48A1-A797-D35800B8DF80}] => (Allow) D:\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{95302570-AA3A-4591-8105-1E966979C77B}] => (Allow) D:\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{C3736849-6BBD-4815-B8DF-5B297BA46A4D}] => (Allow) D:\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{E2A2B0D5-F564-4AA6-9954-9BFD1EF24A9E}] => (Allow) D:\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{BD3FF52F-A5A8-48C2-A4E4-4CAD7D3FB37B}] => (Allow) D:\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [{B332F722-D6F3-4F6B-B14F-6187209F14AA}] => (Allow) D:\x64\XSplitVCam.exe (SplitmediaLabs Limited -> SplitmediaLabs) FirewallRules: [TCP Query User{9AAC7BC0-CB61-4968-BEA6-B77EFB3BD1F4}C:\program files (x86)\droidcam\droidcamapp.exe] => (Allow) C:\program files (x86)\droidcam\droidcamapp.exe => Nenhum Arquivo 
FirewallRules: [UDP Query User{6EF351EB-9398-4942-B9D1-8431E115B25C}C:\program files (x86)\droidcam\droidcamapp.exe] => (Allow) C:\program files (x86)\droidcam\droidcamapp.exe => Nenhum Arquivo FirewallRules: [{A0CF4D9E-5C81-4855-8545-92DEDEE30BDA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{46D59681-1F3E-4F7D-8DF2-1BFD2B5B4464}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe () [Arquivo não assinado] FirewallRules: [{6E5A32CA-ACF2-450B-9938-3368D7C57009}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\Injustice.exe () [Arquivo não assinado] FirewallRules: [{2ECDA4AD-38E5-41DE-8079-4FD3310B370C}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe () [Arquivo não assinado] FirewallRules: [{CC02C5EE-FA42-4B85-8E8B-6C41DF2C048E}] => (Allow) D:\SteamLibrary\steamapps\common\InjusticeGodsAmongUs_UltimateEdition\DiscContentPCG\InjusticeLauncher.exe () [Arquivo não assinado] FirewallRules: [{FD20F434-2B6C-4400-81FC-583BACDEADFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{EC30648B-C64A-4E8B-8E04-FC153594B0D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> ) FirewallRules: [{9BA1ADED-F427-4E31-A0AE-CD79823A8ACC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{632EAD56-E8A9-4424-BD89-A894CE72479B}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [Arquivo não assinado] FirewallRules: [{FC62AE22-ABA5-427F-963D-AE1573652627}] => (Allow) D:\SteamLibrary\steamapps\common\Deceit\bin\win_x64\Deceit.exe (Crytek GmbH) [Arquivo 
não assinado]

==================== Pontos de Restauração =========================

==================== Dispositivos Apresentando Falhas No Gerenciador ============

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (06/21/2021 12:17:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: ZA-Scan.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000
Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xcbf6f7d1
Código de exceção: 0xc0000409
Deslocamento da falha: 0x0012a6f2
ID do processo com falha: 0x2d08
Hora de início do aplicativo com falha: 0x01d7664bf4512821
Caminho do aplicativo com falha: C:\Users\felip\OneDrive\Área de Trabalho\ZA-Scan.exe
Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll
ID do Relatório: 3546db4a-12da-42c7-9a14-d6bd3f1876bc
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (06/20/2021 11:54:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa steam.exe versão 6.58.86.56 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 32c8
Hora de Início: 01d7662c977a753e
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files (x86)\Steam\steam.exe
ID do Relatório: fe38abb5-1bd3-4049-aa03-4aa48e6adc1d
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Top level window is idle

Error: (06/20/2021 11:39:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52
Nome do módulo com falha: blitz_core.node, versão: 0.0.0.0, carimbo de data/hora: 0x60c2765b
Código de exceção: 0xc0000409
Deslocamento da falha: 0x00057d6d
ID do processo com falha: 0x2c1c
Hora de início do aplicativo com falha: 0x01d7663be7f4e19f
Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe
Caminho do módulo com falha: \\?\C:\Users\felip\AppData\Roaming\Blitz\blitz-deps\1.14.21\blitz_core.node
ID do Relatório: 4a1bc80e-d87f-47a6-bcee-8edb3b6872b7
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (06/20/2021 10:22:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52
Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xf739c3a5
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0005f583
ID do processo com falha: 0x2c1c
Hora de início do aplicativo com falha: 0x01d7663be7f4e19f
Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe
Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll
ID do Relatório: 7e54b4fd-478d-4841-935e-e71dd48a4fb8
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Error: (06/20/2021 12:48:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora:
0x600b6b52 Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xf739c3a5 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0005f583 ID do processo com falha: 0x2dc8 Hora de início do aplicativo com falha: 0x01d7658723404799 Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 3188a363-2e90-4e1a-b275-e2d2bb3d9a7e Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (06/20/2021 12:40:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LeagueClientUx.exe versão 11.12.379.4946 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 644 Hora de Início: 01d7657f80621cbd Hora de Término: 10 Caminho do Aplicativo: D:\Riot Games\League of Legends\LeagueClientUx.exe ID do Relatório: 6a560c5e-046f-4467-ac81-049101b59ebe Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Tipo com falha: Unknown Error: (06/20/2021 12:36:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52 Nome do módulo com falha: blitz_core.node, versão: 0.0.0.0, carimbo de data/hora: 0x60c2765b Código de exceção: 0xc0000409 Deslocamento da falha: 0x00057d6d ID do processo com falha: 0x28ec Hora de início do aplicativo com falha: 0x01d7657fd3a4ac46 Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: \\?\C:\Users\felip\AppData\Roaming\Blitz\blitz-deps\1.14.21\blitz_core.node ID do Relatório: d6499044-229d-4044-aa99-582b301b86ad Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (06/19/2021 11:56:21 PM) 
(Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52 Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xf739c3a5 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0005f583 ID do processo com falha: 0x28ec Hora de início do aplicativo com falha: 0x01d7657fd3a4ac46 Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 05e002cd-57cc-4237-8d56-a56549963e1f Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (06/21/2021 02:43:32 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: O driver detectou um erro interno do driver em \Device\VBoxNetLwf. Error: (06/21/2021 12:18:00 AM) (Source: volsnap) (EventID: 36) (User: ) Description: As cópias de sombra do volume foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário. Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Origin Web Helper Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço NVIDIA LocalSystem Container foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço. Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Serviço Clique para Executar do Microsoft Office foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. 
Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço EABackgroundService foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço XSplit VCam Capture Source Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Windows Defender: ================ Date: 2021-06-21 00:18:38 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe; file:_C:\Users\felip\AppData\Local\Microsoft\Update\dcdm.exe; file:_C:\Users\felip\AppData\Local\Mozilla\Update\dcdm.exe; file:_C:\Users\felip\AppData\Local\Packages\Update\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:18:37 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. 
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe; file:_C:\Users\felip\AppData\Local\Mozilla\Update\dcdm.exe; file:_C:\Users\felip\AppData\Local\Packages\Update\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:18:36 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe; file:_C:\Users\felip\AppData\Local\Packages\Update\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:18:35 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. 
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:17:11 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0 Nome: Trojan:Win32/Wacatac.B!ml Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Temp\Rar$DRa8756.25581\Z-Analyse.exe; file:_C:\Users\felip\OneDrive\Área de Trabalho\Z-Analyse.exe Origem da Detecção: Computador local Tipo da Detecção: FastPath Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Windows\explorer.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-03 22:22:39 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. 
Nova Versão da Inteligência de Segurança: 1.341.8.0 Versão da Inteligência de Segurança anterior: 1.339.1904.0 Fonte da Atualização: Usuário Tipo da Inteligência de Segurança: Anti-spyware Tipo da atualização: Delta Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: 1.1.18200.4 Versão Anterior do Mecanismo: 1.1.18100.6 Código de Erro: 0x80070666 Descrição do Erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-06-03 22:22:39 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: 1.341.8.0 Versão da Inteligência de Segurança anterior: 1.339.1904.0 Fonte da Atualização: Usuário Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Delta Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: 1.1.18200.4 Versão Anterior do Mecanismo: 1.1.18100.6 Código de Erro: 0x80070666 Descrição do Erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-06-03 22:22:39 Description: O Microsoft Defender Antivírus encontrou um erro ao tentar atualizar o mecanismo. Nova Versão do Mecanismo: 1.1.18200.4 Versão Anterior do Mecanismo: 1.1.18100.6 Usuário: AUTORIDADE NT\SISTEMA Código do Erro: 0x80070666 Descrição do erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. 
CodeIntegrity: =============== Date: 2021-06-13 21:06:46 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-06-07 01:18:06 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\WindowManagementAPI.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. 4212 07/24/2019 placa-mãe: ASUSTeK COMPUTER INC. H110M-C/BR Processador: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz Percentagem de memória em uso: 31% RAM física total: 16327.25 MB RAM física disponível: 11105.84 MB Virtual Total: 22471.25 MB Virtual disponível: 13577.11 MB ==================== Drives ================================ Drive () (Fixed) (Total:110.32 GB) (Free:2.41 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)] Drive d: () (Fixed) (Total:930.97 GB) (Free:134.86 GB) NTFS \\?\Volume{bc130891-0000-0000-0000-a0941b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{bc130891-0000-0000-0000-90b51b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{bc130891-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: BC130891) Partition 1: (Active) - (Size=110.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=526 MB) - (Type=27) Partition 3: (Not Active) - (Size=523 MB) - (Type=27) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) 
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E6FE6328)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== Fim de Addition.txt =======================
  3. ~ ZHPCleaner v2021.6.20.303 by Nicolas Coolman (2021/06/20) ~ Run by felip (Administrator) (21/06/2021 00:12:32) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\felip\OneDrive\Área de Trabalho\ZHPCleaner (R).txt ~ Quarantine : C:\Users\felip\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : OK ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Pro, 64-bit (Build 19042) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (22) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (5) MOVED file: C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED folder: C:\Users\felip\AppData\Local\HearthstoneDeckTracker =>Adware¨Pirrit MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HearthstoneDeckTracker =>Adware¨Pirrit MOVED folder: C:\Users\felip\AppData\Local\Google\Update =>Heuristic.Suspect ---\\ Registry ( Key, Value, Data) (0) ~ No malicious or unnecessary items found. ---\\ Summary of the elements found (3) https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware¨Pirrit https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect ---\\ Other deletions. (0) ~ Registry Keys Tracing deleted (0) ~ Remove the old reports ZHPCleaner. 
(0) ---\\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Internet Explorer OK ---\\ Statistics ~ Items scanned : 1219 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h00mn13s ---\\ Reports (2) ZHPCleaner-[S]-21062021-00_10_12.txt ZHPCleaner-[R]-21062021-00_12_45.txt ZA-Scan V1.0.0.6 Updated 03-May-2018(Online Version) Tool run by felip on 21/06/2021 at 0:17:33,52. Microsoft Windows 10 Pro 10.0.19042 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\felip\OneDrive\Área de Trabalho\ZA-Scan.exe [Z-Analyse Scan] ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\WINDOWS\SysWOW64\cmd.exe C:\Users\felip\AppData\Local\Temp\ZAScan.exe ==== Services(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R2 - [ClickToRunSvc] - Serviço Clique para Executar do Microsoft Office - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe R2 - [NvContainerLocalSystem] - NVIDIA LocalSystem Container - c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe R2 - [NVDisplay.ContainerLocalSystem] - NVIDIA Display Container LS - c:\windows\system32\driverstore\filerepository\nv_dispi.inf_amd64_1108979a670abe46\display.nvcontainer\nvdisplay.container.exe R2 - [SgrmBroker] - System Guard Runtime Monitor Broker - c:\windows\system32\sgrmbroker.exe R2 - [vmms] - Gerenciamento da Máquina Virtual do Hyper-V - c:\windows\system32\vmms.exe R2 - [WinDefend] - Serviço Microsoft Defender Antivírus - 
c:\programdata\microsoft\windows defender\platform\4.18.2105.5-0\msmpeng.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [SecurityHealthService] - Serviço de Segurança do Windows - c:\windows\system32\securityhealthservice.exe R3 - [vmcompute] - Serviço de Computação de Host do Hyper-V - c:\windows\system32\vmcompute.exe R3 - [WdNisSvc] - Serviço de Inspeção de Rede do Microsoft Defender Antivírus - c:\programdata\microsoft\windows defender\platform\4.18.2105.5-0\nissrv.exe S2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe S2 - [edgeupdate] - Serviço Microsoft Edge Update (edgeupdate) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe S2 - [gupdate] - Serviço do Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [Origin Web Helper Service] - Origin Web Helper Service - c:\program files (x86)\origin\originwebhelperservice.exe S2 - [sppsvc] - Proteção de Software - c:\windows\system32\sppsvc.exe S2 - [XSpltVidSvc] - XSplit VCam Capture Source Service - d:\service\xspltvidsvc.exe S3 - [ALG] - Serviço Gateway de Camada de Aplicativo - c:\windows\system32\alg.exe S3 - [BEService] - BattlEye Service - c:\program files (x86)\common files\battleye\beservice.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [diagnosticshub.standardcollector.service] - Serviço Coletor de Padrões de Hub de Diagnóstico da Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe S3 - [EasyAntiCheat] - EasyAntiCheat - c:\program files (x86)\easyanticheat\easyanticheat.exe S3 - [edgeupdatem] - Serviço Microsoft Edge Update (edgeupdatem) - c:\program files (x86)\microsoft\edgeupdate\microsoftedgeupdate.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FileSyncHelper] - FileSyncHelper - c:\program files\microsoft onedrive\21.099.0516.0003\filesynchelper.exe S3 - 
[FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [FvSvc] - NVIDIA FrameView SDK service - c:\program files\nvidia corporation\frameviewsdk\nvfvsdksvc_x64.exe S3 - [GoogleChromeElevationService] - Google Chrome Elevation Service (GoogleChromeElevationService) - c:\program files\google\chrome\application\91.0.4472.106\elevation_service.exe S3 - [gupdatem] - Serviço do Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [MBAMService] - Malwarebytes Service - c:\program files\malwarebytes\anti-malware\mbamservice.exe S3 - [MicrosoftEdgeElevationService] - Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - c:\program files (x86)\microsoft\edge\application\91.0.864.54\elevation_service.exe S3 - [MSDTC] - Coordenador de transações distribuídas - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [OneDrive Updater Service] - OneDrive Updater Service - c:\program files\microsoft onedrive\21.099.0516.0003\onedriveupdaterservice.exe S3 - [Origin Client Service] - Origin Client Service - c:\program files (x86)\origin\originclientservice.exe S3 - [ose64] - Office 64 Source Engine - c:\program files\common files\microsoft shared\source engine\ose.exe S3 - [perceptionsimulation] - Serviço de Simulação de Percepção do Windows - c:\windows\system32\perceptionsimulation\perceptionsimulationservice.exe S3 - [PerfHost] - Host de DLL de Contador de Desempenho - c:\windows\syswow64\perfhost.exe S3 - [Rockstar Service] - Rockstar Game Library Service - d:\launcher\rockstarservice.exe S3 - [RpcLocator] - Alocador Remote Procedure Call (RPC) - c:\windows\system32\locator.exe S3 - [Sense] - Serviço Proteção Avançada contra Ameaças do Windows Defender - c:\program files\windows defender advanced threat protection\mssense.exe S3 - [SensorDataService] - Serviço de Dados de Sensor - 
c:\windows\system32\sensordataservice.exe S3 - [SNMPTRAP] - Interceptação SNMP - c:\windows\system32\snmptrap.exe S3 - [spectrum] - Serviço de Percepção do Windows - c:\windows\system32\spectrum.exe S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe S3 - [TieringEngineService] - Gerenciamento de Camadas de Armazenamento - c:\windows\system32\tieringengineservice.exe S3 - [TrustedInstaller] - Instalador de Módulos do Windows - c:\windows\servicing\trustedinstaller.exe S3 - [VBoxSDS] - VirtualBox system service - c:\program files\oracle\virtualbox\vboxsds.exe S3 - [vds] - Disco Virtual - c:\windows\system32\vds.exe S3 - [VSS] - Cópia de Sombra de Volume - c:\windows\system32\vssvc.exe S3 - [wbengine] - Serviço de Mecanismo de Backup em Nível de Bloco - c:\windows\system32\wbengine.exe S3 - [wmiApSrv] - Adaptador de Desempenho WMI - c:\windows\system32\wbem\wmiapsrv.exe S3 - [WMPNetworkSvc] - Serviço de Compartilhamento de Rede do Windows Media Player - c:\program files\windows media player\wmpnetwk.exe S3 - [XSplit_VCam_Updater] - XSplit VCam Updater - d:\xsplit_vcam_updater.exe S3 - [zksvc] - Zakynthos Service - c:\program files\common files\pubg\zksvc.exe S4 - [AppVClient] - Microsoft App-V Client - c:\windows\system32\appvclient.exe S4 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe S4 - [UevAgentService] - Serviço de User Experience Virtualization - c:\windows\system32\agentservice.exe S4 - [uhssvc] - Microsoft Update Health Service - c:\program files\microsoft update health tools\uhssvc.exe ==== Drivers(whitelist) ====================== Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url] R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys R0 - [WdFilter] - Driver de Minifiltro do Microsoft 
Defender Antivírus - C:\WINDOWS\system32\Drivers\WdFilter.sys R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys R3 - [srv2] - Driver SMB 2.xxx do Servidor - C:\WINDOWS\system32\Drivers\srv2.sys R0 - [ACPI] - Microsoft ACPI Driver - C:\WINDOWS\system32\Drivers\ACPI.sys R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys R0 - [disk] - Driver de disco - C:\WINDOWS\system32\Drivers\disk.sys R0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys R0 - [fvevol] - Driver de Filtro de Criptografia de Unidade de Disco BitLocker - C:\WINDOWS\system32\Drivers\fvevol.sys R0 - [intelpep] - Driver Intel(R) Power Engine Plug-in - C:\WINDOWS\system32\Drivers\intelpep.sys R0 - [iorate] - Driver do Filtro de Taxa de E/S de Disco - C:\WINDOWS\system32\Drivers\iorate.sys R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys R0 - [mountmgr] - Gerenciador de Pontos de Montagem - C:\WINDOWS\system32\Drivers\mountmgr.sys R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys R0 - [MsSecFlt] - Minifiltro do Componente de Eventos de Segurança da Microsoft - C:\WINDOWS\system32\Drivers\MsSecFlt.sys R0 - [NDIS] - Driver do Sistema NDIS - C:\WINDOWS\system32\Drivers\NDIS.sys R0 - [partmgr] - Driver de partição - C:\WINDOWS\system32\Drivers\partmgr.sys R0 - [pci] - PCI Bus Driver - C:\WINDOWS\system32\Drivers\pci.sys R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys R0 - [pdc] - pdc - C:\WINDOWS\system32\Drivers\pdc.sys R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys R0 - [SgrmAgent] - System Guard Runtime Monitor Agent - 
C:\WINDOWS\system32\Drivers\SgrmAgent.sys R0 - [spaceport] - Driver de Espaços de Armazenamento - C:\WINDOWS\system32\Drivers\spaceport.sys R0 - [storahci] - Driver AHCI SATA Padrão da Microsoft - C:\WINDOWS\system32\Drivers\storahci.sys R0 - [Tcpip] - Driver de Protocolo TCP/IP - C:\WINDOWS\system32\Drivers\Tcpip.sys R0 - [Telemetry] - Serviço de Telemetria Intel(R) - C:\WINDOWS\system32\Drivers\Telemetry.sys [x] R0 - [vdrvroot] - Enumerador de Unidade Virtual Microsoft - C:\WINDOWS\system32\Drivers\vdrvroot.sys R0 - [VMSNPXY] - VmSwitch NIC Proxy Driver - C:\WINDOWS\system32\Drivers\VMSNPXY.sys [x] R0 - [VmsProxy] - VmSwitch Proxy Driver - C:\WINDOWS\system32\Drivers\VmsProxy.sys R0 - [volmgr] - Driver de Gerenciador de Volumes - C:\WINDOWS\system32\Drivers\volmgr.sys R0 - [volmgrx] - Gerenciador de Volume Dinâmico - C:\WINDOWS\system32\Drivers\volmgrx.sys R0 - [volsnap] - Driver de Cópia de Sombra de Volume - C:\WINDOWS\system32\Drivers\volsnap.sys R0 - [volume] - Driver do volume - C:\WINDOWS\system32\Drivers\volume.sys R0 - [Wdf01000] - Serviço de Estruturas de Driver em Modo Kernel - C:\WINDOWS\system32\Drivers\Wdf01000.sys R0 - [WFPLWFS] - Plataforma para Filtros do Microsoft Windows - C:\WINDOWS\system32\Drivers\WFPLWFS.sys R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys R0 - [WindowsTrustedRTProxy] - Serviço de Proteção de Tempo de Execução Confiável do Microsoft Windows - C:\WINDOWS\system32\Drivers\WindowsTrustedRTProxy.sys R1 - [AFD] - Ancillary Function Driver for Winsock - C:\WINDOWS\system32\Drivers\AFD.sys R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys R1 - [tdx] - Driver de Suporte a TDI Herdado de NetIO - C:\WINDOWS\system32\Drivers\tdx.sys R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys S0 - [MbamElam] - MbamElam - 
C:\WINDOWS\system32\Drivers\MbamElam.sys S0 - [WdBoot] - Driver de Inicialização do Microsoft Defender Antivírus - C:\WINDOWS\system32\Drivers\WdBoot.sys S3 - [atapi] - Canal de IDE - C:\WINDOWS\system32\Drivers\atapi.sys S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\WINDOWS\system32\Drivers\Tcpip6.sys [x] ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-4088500517-2565616627-243635623-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "EpicGamesLauncher"="D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent" "Discord"="C:\Users\felip\AppData\Local\Discord\Update.exe --processStart Discord.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "WallpaperEngine"="C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe -silent" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "Opera GX Browser Assistant"="C:\Users\felip\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe CCXProcess"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" "OnScreen Control"="C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EpicGamesLauncher"="D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent" "Discord"="C:\Users\felip\AppData\Local\Discord\Update.exe --processStart Discord.exe" "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "WallpaperEngine"="C:\Program Files 
(x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe -silent" "EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart" "Opera GX Browser Assistant"="C:\Users\felip\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "XMouseButtonControl"="C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe /notportable /delay" "PTM6500Monitor"="C:\Program Files\Pantum\ptm6500\PushScan\ptm6500PushMonitor.exe" "SecurityHealth"="%windir%\system32\SecurityHealthSystray.exe " ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe] "C:\WINDOWS\SysNative\tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe] "C:\WINDOWS\SysNative\tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" ["C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"] "C:\WINDOWS\SysNative\tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe] "C:\WINDOWS\SysNative\tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] 
"C:\WINDOWS\SysNative\tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Per-Machine Standalone Update Task" [C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task-S-1-5-21-1702179264-2544747680-625795021-500" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\Opera GX scheduled assistant Autoupdate 1615911494" [C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe] "C:\WINDOWS\SysNative\tasks\Opera GX scheduled Autoupdate 1607473347" [C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe] "C:\WINDOWS\SysNative\tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}" [C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe] "C:\WINDOWS\SysNative\tasks\UpdateCore0x300" [C:\Users\felip\AppData\Local\Update\janma.exe] "C:\WINDOWS\SysNative\tasks\UpdateCore0x301" [C:\Users\felip\AppData\Local\Packages\Update\janma.exe] "C:\WINDOWS\SysNative\tasks\UpdateCore0x302" [C:\Users\felip\AppData\Local\Google\Update\janma.exe] "C:\WINDOWS\SysNative\tasks\UpdateCore0x303" [C:\Users\felip\AppData\Local\Mozilla\Update\janma.exe] "C:\WINDOWS\SysNative\tasks\UpdateCore0x304" [C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe] 
"C:\WINDOWS\SysNative\tasks\Agent Activation Runtime\S-1-5-21-4088500517-2565616627-243635623-1001" [C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions efaidnbmnnnibpcajpcglclefindmkaj - No path found[] Slides - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Dark Theme for Google Chrome - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo Docs - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Origin - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb uBlock₀ - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm SIH - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl Adobe Acrobat - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj BlockSite - Stay Focused Control Your Time - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh Sheets - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Dark - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom YouTube - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoffpmfcdnncgblkdnobhomnjnkofdm LOOT.Farm helper - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnangbjcpnopeaebpckiljkapfcakl Extension to help with CS:GO 
trading trade-lock countdown in-browser inspect doppler phases prices float values etc - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaibcgikagnkfgjnibflebpldakfhfih Video Converter - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne Pesquisa do Google - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpjmkngecpnnajkmdhplmeoelenkpgk Chrome Web Store Payments - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm SIH - felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl BlockSite - Stay Focused Control Your Time - felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh Origin - felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh LOOT.Farm helper - felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iljnangbjcpnopeaebpckiljkapfcakl Extension to help with CS:GO trading trade-lock countdown in-browser inspect doppler phases prices float values etc - felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kaibcgikagnkfgjnibflebpldakfhfih Dark - felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog uBlock₀ - felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" 
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 F2 - REG:system.ini: UserInit= O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.54\BHO\ie_to_edge_bho.dll O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll ==== EOF on 21/06/2021 at 0:19:34,01 ====================== Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-06-2021 Executado por felip (administrador) em FELIPE (21-06-2021 14:50:43) Executando a partir de C:\Users\felip\Downloads Perfis Carregados: felip Platform: Windows 10 Pro Versão 20H2 19042.1052 (X64) Idioma: Português (Brasil) Navegador padrão: Chrome Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) 
(Deezer SA -> Deezer) D:\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\Deezer.exe <7> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (HyperX Gaming) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.3.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe <2> (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program 
Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> Nvidia Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) HKLM\...\Run: [PTM6500Monitor] => C:\Program Files\Pantum\ptm6500\PushScan\ptm6500PushMonitor.exe [270008 2017-07-31] (ZHUHAI PANTUM ELECTRONICS CO.,LTD -> Zhuhai Pantum Electronics Co.,Ltd.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-07-30] (Adobe Inc. -> ) HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1814016 2020-10-09] (LG Electronics Inc.) 
[Arquivo não assinado] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33223648 2021-06-09] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [Discord] => C:\Users\felip\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-08] (Valve -> Valve Corporation) HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [3480672 2021-03-06] (Skutta, Kristjan -> ) HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144824 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\felip\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-15] (Google LLC -> Google LLC) GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
Task: {0928BCB7-8B6D-40F0-9861-639216FC6677} - System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe [5133296 2020-04-08] (NVIDIA Corporation -> Nvidia Corporation) Task: {0F9A88AD-53BA-4E06-9EA3-8783A3458C23} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {13A9CA92-862F-449E-BA46-13F37B532F53} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1841AAF2-FDCB-443E-B704-6068C7DDA6FE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {18D0B1F7-FD42-45E9-B36F-F18FE78886F6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1C38EFE3-1906-49BA-9F30-220E9A39F529} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {1F8E7755-51F9-4C85-AB39-E4A8FD139306} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {204F2FE0-91A9-48E7-9D4F-3F719A458C49} - System32\Tasks\UpdateCore0x303 => 
C:\Users\felip\AppData\Local\Mozilla\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {2138255C-A049-413E-8DAE-981A8D2605EA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2946564D-2D39-4D3D-9EEC-3A656EDF1FD5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {29C0E3DE-2CDB-4BB1-9E6A-43D613734261} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615911494 => C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe [1861840 2021-06-10] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\felip\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {29C25E45-FA7E-499E-BD3C-F82319D3840C} - System32\Tasks\Opera GX scheduled Autoupdate 1607473347 => C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe [1861840 2021-06-10] (Opera Software AS -> Opera Software) Task: {44B14828-AA9A-4A05-909C-6AD46586AEB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {4EDDACA3-753B-4714-B05C-8751809F6519} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {5C6C99B3-3430-4E6E-95AD-3387EC1E4515} - 
System32\Tasks\UpdateCore0x301 => C:\Users\felip\AppData\Local\Packages\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {63D98729-8A01-4AD1-9F40-120294385E30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {679CC634-EA5C-4E3B-8B5F-4FBEF6CEE5A4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {77E84C17-FEB2-4705-9BFA-867898811816} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {78EEFFB8-9394-473F-AEBA-85D5087FE1E8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {94529F77-DC6A-4A85-9A3D-CA08DD913CE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-19] (Google LLC -> Google LLC) Task: {94E36A01-D878-4646-B2B5-296A93FA1D54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {98C73B4D-191E-4DC8-822E-E8ADE381319C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Task: {A5F0E1E0-FAF0-4DCB-9316-53BFE9106672} - 
System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A6BC8198-85E5-4AB3-B9BE-12ECC6C42498} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation) Task: {C4669F48-8E21-44FF-A2F5-755B7B6FF304} - System32\Tasks\UpdateCore0x300 => C:\Users\felip\AppData\Local\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {CCE75AE7-2772-439D-AA94-7C0F54AA6795} - System32\Tasks\UpdateCore0x302 => C:\Users\felip\AppData\Local\Google\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {D881014A-7493-4500-A2D8-393D36E3BDCF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DBABFA16-DAC9-4473-8586-269ABCD623C9} - System32\Tasks\UpdateCore0x304 => C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado] Task: {DC3F3B93-A2DD-4D24-AC2B-D31B0D490D29} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4524416 2021-06-17] (Microsoft Corporation -> Microsoft Corporation) Task: {E1E10EE5-F043-41BD-B573-3DADC61B9D04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E98CD4EA-C7AE-4FAB-A235-80455E8586A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-27] 
(Microsoft Corporation -> Microsoft Corporation) Task: {FD0BBD48-21CC-40FC-9C29-AAA8EADEC26A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-19] (Google LLC -> Google LLC) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\..\Interfaces\{21bda249-924e-4b85-9ade-38c06fcefab5}: [DhcpNameServer] 192.168.18.1 Tcpip\..\Interfaces\{421104c1-1b8e-4675-a49a-1c157cd4b6d8}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)] Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)] Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)] Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)] Edge DefaultProfile: Default Edge Profile: C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-21] Edge HomePage: Default -> hxxp://google.com/ Edge StartupUrls: Default -> "hxxps://www.twitch.tv/doutora","hxxps://www.twitch.tv/johnpittertv" Edge Extension: (Steam Inventory Helper) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-04-24] Edge Extension: (BlockSite - Stay Focused & Control Your 
Time) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2021-03-05] Edge Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-03-05] Edge Extension: (LOOT.Farm helper) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iljnangbjcpnopeaebpckiljkapfcakl [2020-10-19] Edge Extension: (CSGO Trader - Steam Trading Enhancer) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kaibcgikagnkfgjnibflebpldakfhfih [2021-04-24] Edge Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-05-09] Edge Extension: (uBlock Origin) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2021-05-09] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-21] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default [2021-06-21] CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxps://www.twitch.tv/johnpittertv","hxxps://www.twitch.tv/doutora" CHR Extension: (Apresentações) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-19] CHR Extension: (Tema escuro para o Google Chrome) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2020-10-19] CHR Extension: (Documentos) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-19] CHR Extension: (Google Drive) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19] CHR Extension: (YouTube) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-19] CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19] CHR Extension: (uBlock 
Origin) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-08] CHR Extension: (Steam Inventory Helper) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-06-12] CHR Extension: (Adobe Acrobat) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-30] CHR Extension: (BlockSite - Stay Focused & Control Your Time) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2021-06-17] CHR Extension: (Planilhas) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-19] CHR Extension: (Documentos Google off-line) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17] CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-02] CHR Extension: (YouTube) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoffpmfcdnncgblkdnobhomnjnkofdm [2020-10-19] CHR Extension: (LOOT.Farm helper) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnangbjcpnopeaebpckiljkapfcakl [2020-10-19] CHR Extension: (CSGO Trader - Steam Trading Enhancer) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaibcgikagnkfgjnibflebpldakfhfih [2021-04-23] CHR Extension: (Conversor de vídeo) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2020-10-19] CHR Extension: (Pesquisa do Google) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpjmkngecpnnajkmdhplmeoelenkpgk [2021-06-02] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\felip\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-4088500517-2565616627-243635623-1001) Opera GXStable - "C:\Users\felip\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-02-12] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation) S2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9709976 2021-06-18] (Electronic Arts, Inc. 
-> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2021-04-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncHelper.exe [3660152 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-21] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.099.0516.0003\OneDriveUpdaterService.exe [4261248 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; D:\Launcher\RockstarService.exe [1676696 2021-03-21] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6969856 2021-02-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 XSplit_VCam_Updater; D:\XSplit_VCam_Updater.exe [3194032 2021-05-20] (SplitmediaLabs Limited -> XSplit)
S2 XSpltVidSvc; D:\service\XSpltVidSvc.exe [259248 2021-05-20] (SplitmediaLabs Limited -> SplitmediaLabs Limited)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [7023744 2021-02-12] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-21] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [41008 2021-03-30] (McAfee, LLC. -> The OpenVPN Project)
S3 UniFairy_x64; C:\WINDOWS\system32\drivers\UniFairy_x64.sys [4777952 2021-04-27] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R1 unirsdt; C:\WINDOWS\system32\drivers\unirsdt.sys [3314472 2021-04-28] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2742720 2021-02-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [121864 2021-03-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-06-21 14:48 - 2021-06-21 14:50 - 000086081 _____ C:\Users\felip\Downloads\Addition.txt
2021-06-21 14:46 - 2021-06-21 14:51 - 000028418 _____ C:\Users\felip\Downloads\FRST.txt
2021-06-21 14:46 - 2021-06-21 14:51 - 000000000 ____D C:\FRST
2021-06-21 14:45 - 2021-06-21 14:45 - 002300416 _____ (Farbar) C:\Users\felip\Downloads\FRST64.exe
2021-06-21 00:19 - 2021-06-21 00:19 - 000022793 _____ C:\ZA-Scan.txt
2021-06-21 00:17 - 2021-06-21 00:17 - 000000000 ____D C:\zoek_backup
2021-06-21 00:16 - 2021-06-21 00:16 - 006102389 _____ C:\Users\felip\Downloads\zoek.zip
2021-06-20 23:59 - 2021-06-21 00:12 - 000000000 ____D C:\Users\felip\AppData\Roaming\ZHP
2021-06-20 23:59 - 2021-06-20 23:59 - 000000000 ____D C:\Users\felip\AppData\Local\ZHP
2021-06-19 23:52 - 2021-06-19 23:52 - 000000000 ____D C:\WINDOWS\Panther
2021-06-19 01:07 - 2021-06-19 01:07 - 000000000 ____D C:\Users\felip\AppData\Roaming\Injustice
2021-06-17 00:27 - 2021-06-18 01:16 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-06-14 00:10 - 2021-06-14 00:10 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\XSplit
2021-06-14 00:10 - 2021-06-14 00:10 - 000000000 ____D C:\ProgramData\Caphyon
2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\Users\felip\AppData\Roaming\XSplit
2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\Users\felip\AppData\Local\XSplit
2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\ProgramData\XSplit
2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2021-06-14 00:01 - 2021-06-14 00:01 - 000000000 ____D C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-06-14 00:00 - 2021-06-14 00:01 - 000000000 ____D C:\Users\felip\AppData\Roaming\Zoom
2021-06-11 23:31 - 2021-06-11 23:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-11 23:31 - 2021-06-11 23:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-11 23:31 - 2021-06-11 23:31 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-11 23:31 - 2021-06-11 23:31 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-11 23:31 - 2021-06-11 23:31 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-11 23:31 - 2021-06-11 23:31 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-11 23:31 - 2021-06-11 23:31 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-11 23:31 - 2021-06-11 23:31 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-11 23:31 - 2021-06-11 23:31 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-11 23:31 - 2021-06-11 23:31 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-11 23:31 - 2021-06-11 23:31 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-11 23:31 - 2021-06-11 23:31 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-11 23:30 - 2021-06-11 23:30 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-11 23:30 - 2021-06-11 23:30 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-11 23:30 - 2021-06-11 23:30 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-11 23:30 - 2021-06-11 23:30 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-11 23:30 - 2021-06-11 23:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-11 23:30 - 2021-06-11 23:30 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-09 22:38 - 2021-05-31 13:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-09 22:38 - 2021-05-31 13:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-09 22:38 - 2021-05-31 13:15 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-09 22:38 - 2021-05-31 13:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-09 22:38 - 2021-05-31 13:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-09 22:38 - 2021-05-31 13:15 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-09 22:38 - 2021-05-31 13:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-09 22:38 - 2021-05-31 13:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-09 22:38 - 2021-05-31 13:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-09 22:38 - 2021-05-31 13:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-09 22:38 - 2021-05-31 13:11 - 001514784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-09 22:38 - 2021-05-31 13:11 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-09 22:38 - 2021-05-31 13:11 - 000715536 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-09 22:38 - 2021-05-31 13:11 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-09 22:38 - 2021-05-31 13:11 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-09 22:38 - 2021-05-31 13:11 - 000626960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-09 22:38 - 2021-05-31 13:11 - 000575760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-09 22:38 - 2021-05-31 13:11 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-09 22:38 - 2021-05-31 13:10 - 008317200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-09 22:38 - 2021-05-31 13:10 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-09 22:38 - 2021-05-31 13:10 - 002106160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-09 22:38 - 2021-05-31 13:10 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-09 22:38 - 2021-05-31 13:10 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-06-09 22:38 - 2021-05-31 13:10 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-09 22:38 - 2021-05-31 13:09 - 004795152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-09 22:38 - 2021-05-31 13:09 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-09 22:38 - 2021-05-31 13:08 - 006159160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-09 22:38 - 2021-05-27 20:01 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-06 14:14 - 2021-06-06 14:14 - 000000000 ____D C:\Users\felip\AppData\Local\EALaunchHelper
2021-06-06 02:00 - 2021-06-06 02:00 - 000000000 ____D C:\Users\felip\AppData\Roaming\2K Sports
2021-06-06 02:00 - 2021-06-06 02:00 - 000000000 ____D C:\ProgramData\2K Sports
2021-06-04 22:14 - 2021-06-04 22:14 - 000000000 ____D C:\Users\felip\AppData\Roaming\stremio
2021-06-04 22:13 - 2021-06-04 22:13 - 000000000 ____D C:\Users\felip\AppData\Local\Smart Code ltd
2021-06-04 22:11 - 2021-06-04 22:11 - 000000000 ____D C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio
2021-06-02 15:25 - 2021-06-02 15:27 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\FIFA 21
2021-06-02 15:15 - 2021-06-02 15:15 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2021-06-02 13:14 - 2021-06-02 13:14 - 000000000 ____D C:\Users\felip\AppData\Local\Epic Games
2021-06-01 23:05 - 2021-06-01 23:05 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\Electronic Arts
2021-06-01 23:04 - 2014-09-16 18:45 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2021-06-01 22:53 - 2021-06-01 22:53 - 000000000 ____D C:\Users\felip\AppData\Local\EADesktop
2021-06-01 22:51 - 2021-06-01 22:51 - 000000000 ____D C:\Users\felip\AppData\Local\Electronic Arts
2021-06-01 22:51 - 2021-06-01 22:51 - 000000000 ____D C:\Users\felip\AppData\Local\EAConnect_microsoft
2021-06-01 22:47 - 2021-06-18 23:29 - 000000000 ____D C:\Program Files\EA Games
2021-06-01 22:47 - 2021-06-01 22:55 - 000000000 ____D C:\ProgramData\EA Desktop
2021-06-01 22:47 - 2021-06-01 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2021-06-01 22:47 - 2021-06-01 22:47 - 000000000 ____D C:\Program Files\Electronic Arts
2021-05-30 11:36 - 2021-05-30 11:36 - 000000000 ____D C:\Users\felip\.config
2021-05-29 23:42 - 2021-05-29 23:42 - 000003650 _____ C:\WINDOWS\system32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-29 23:42 - 2020-03-12 10:58 - 000177896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrtxaudcap64v.dll
2021-05-29 23:42 - 2020-03-12 10:58 - 000155024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvrtxaudcap32v.dll
2021-05-29 23:41 - 2021-05-29 23:41 - 000000000 ____D C:\temp
2021-05-29 23:41 - 2020-03-12 10:58 - 000054504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvrtxvad64v.sys
2021-05-28 23:21 - 2021-05-28 23:21 - 000000000 ____D C:\Users\felip\AppData\LocalLow\Hologryph
2021-05-28 00:30 - 2021-06-02 21:19 - 000000000 ____D C:\AdwCleaner
2021-05-28 00:30 - 2021-05-28 00:30 - 008534696 _____ (Malwarebytes) C:\Users\felip\Downloads\adwcleaner_8.2.exe
2021-05-27 23:16 - 2021-06-20 22:22 - 000000032 _____ C:\Users\felip\AppData\Roaming\.machineId
2021-05-26 01:38 - 2021-05-26 01:38 - 000000000 ____D C:\Users\felip\AppData\Roaming\Skype
2021-05-24 15:43 - 2021-05-24 15:43 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-24 15:43 - 2021-05-24 15:43 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-24 15:43 - 2021-05-24 15:43 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-24 15:42 - 2021-05-24 15:42 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-24 15:42 - 2021-05-24 15:42 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-24 15:42 - 2021-05-24 15:42 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-24 15:42 - 2021-05-24 15:42 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-24 15:42 - 2021-05-24 15:42 - 000014848 _____ C:\WINDOWS\system32\hnsproxy.dll
2021-05-24 15:42 - 2021-05-24 15:42 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-23 21:10 - 2021-05-13 07:38 - 000037656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-05-23 21:09 - 2021-05-31 13:10 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-06-21 14:50 - 2021-04-21 23:16 - 000004688 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x300
2021-06-21 14:48 - 2021-04-21 23:16 - 000004728 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x304
2021-06-21 14:46 - 2021-04-21 23:16 - 000004720 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x303
2021-06-21 14:46 - 2020-10-19 13:53 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-21 14:44 - 2021-04-21 23:16 - 000004724 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x301
2021-06-21 14:44 - 2021-04-21 23:16 - 000004716 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x302
2021-06-21 14:43 - 2021-02-20 01:15 - 000000435 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-06-21 00:46 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-21 00:19 - 2021-04-21 23:16 - 000000000 ____D C:\Users\felip\AppData\Local\Janma
2021-06-21 00:17 - 2021-04-21 23:16 - 000000000 ____D C:\Users\felip\AppData\Local\Update
2021-06-21 00:17 - 2020-10-20 00:08 - 000000000 ____D C:\Users\felip\AppData\Local\CrashDumps
2021-06-21 00:16 - 2020-10-19 13:26 - 000000000 ____D C:\Users\felip\AppData\Local\Google
2021-06-20 23:56 - 2020-10-19 14:06 - 000000000 ____D C:\Users\felip\AppData\Roaming\discord
2021-06-20 23:48 - 2020-10-19 14:33 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-20 23:39 - 2020-10-19 22:16 - 000000000 ____D C:\Users\felip\AppData\Roaming\Blitz
2021-06-20 23:32 - 2020-10-19 14:05 - 000000000 ____D C:\Users\felip\AppData\Local\Discord
2021-06-20 23:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-20 22:21 - 2020-10-19 13:45 - 000000000 ____D C:\ProgramData\Riot Games
2021-06-20 20:33 - 2020-09-27 07:59 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-20 20:33 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-19 23:59 - 2020-11-06 03:45 - 001741824 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-19 23:59 - 2019-12-07 11:53 - 000752436 _____ C:\WINDOWS\system32\prfh0416.dat
2021-06-19 23:59 - 2019-12-07 11:53 - 000148550 _____ C:\WINDOWS\system32\prfc0416.dat
2021-06-19 23:59 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-19 23:52 - 2020-09-27 07:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-19 23:52 - 2019-12-07 06:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-19 23:42 - 2020-10-19 13:23 - 000000000 ____D C:\Users\felip\AppData\Local\D3DSCache
2021-06-17 00:29 - 2020-11-20 14:18 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-06-17 00:29 - 2020-11-20 14:18 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-17 00:29 - 2020-10-19 13:12 - 000000000 ___RD C:\Users\felip\OneDrive
2021-06-16 21:54 - 2020-10-22 12:09 - 000000000 ____D C:\Users\felip\AppData\Local\log
2021-06-16 21:54 - 2020-10-19 22:16 - 000002245 _____ C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk
2021-06-16 21:54 - 2020-10-19 22:16 - 000000000 ____D C:\Users\felip\AppData\Local\blitz-updater
2021-06-15 22:47 - 2020-10-19 13:26 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-14 14:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-14 14:50 - 2020-12-08 21:22 - 000004170 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1607473347
2021-06-14 14:50 - 2020-12-08 21:22 - 000001434 _____ C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2021-06-13 22:36 - 2020-11-06 03:39 - 000000000 ____D C:\Users\felip
2021-06-13 21:04 - 2020-09-27 07:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-13 05:24 - 2021-02-21 11:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-12 20:34 - 2020-10-19 16:24 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-12 20:27 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-12 01:10 - 2020-09-27 07:56 - 000449096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-12 01:09 - 2021-02-20 00:59 - 000000000 ____D C:\Program Files\Hyper-V
2021-06-12 01:09 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 00:25 - 2020-09-27 07:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-11 23:34 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-11 23:31 - 2020-10-19 13:00 - 000414020 __RSH C:\bootmgr
2021-06-11 23:19 - 2020-10-31 12:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-11 23:19 - 2020-10-19 15:12 - 000000000 ___HD C:\$WinREAgent
2021-06-11 01:14 - 2020-10-31 12:13 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-09 23:06 - 2021-04-30 23:06 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-09 22:42 - 2020-10-19 13:53 - 000000000 ____D C:\Users\felip\AppData\Local\NVIDIA
2021-06-07 16:06 - 2020-10-30 20:23 - 000000000 ____D C:\Users\felip\AppData\Roaming\CC
2021-06-07 16:04 - 2021-01-18 17:43 - 000000000 ____D C:\Program Files (x86)\Cyber Hunter
2021-06-06 13:27 - 2020-11-30 19:09 - 000000000 ____D C:\Users\felip\AppData\Local\Ubisoft Game Launcher
2021-06-06 12:31 - 2020-10-19 16:38 - 000000000 ____D C:\Users\felip\AppData\Local\Battle.net
2021-06-06 12:30 - 2020-10-19 13:10 - 000000000 ____D C:\Users\felip\AppData\Local\Packages
2021-06-06 12:28 - 2021-05-11 11:06 - 000000000 ____D C:\ProgramData\SketchUp
2021-06-06 12:23 - 2020-11-07 23:43 - 000000000 ____D C:\Program Files\Common Files\Twitch
2021-06-04 22:55 - 2021-01-14 15:59 - 000000000 ____D C:\Program Files (x86)\Origin
2021-06-04 22:14 - 2020-11-23 14:02 - 000000000 ____D C:\Users\felip\AppData\Local\cache
2021-06-02 15:14 - 2020-10-19 13:53 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-02 13:13 - 2021-01-11 13:33 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\My Games
2021-06-02 13:10 - 2021-04-18 16:09 - 000000000 ____D C:\Users\felip\AppData\Roaming\T2GP Launcher
2021-06-02 13:10 - 2021-04-18 16:09 - 000000000 ____D C:\Users\felip\AppData\Local\T2GP Launcher
2021-06-02 00:45 - 2020-11-06 00:48 - 000000000 ____D C:\Users\felip\.VirtualBox
2021-06-02 00:42 - 2020-11-06 00:48 - 000000000 ____D C:\ProgramData\VirtualBox
2021-05-31 13:10 - 2021-04-29 23:55 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-05-31 13:08 - 2020-10-29 20:09 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-30 03:37 - 2021-04-30 23:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-05-29 23:42 - 2020-10-19 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-05-29 23:42 - 2020-10-19 13:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-05-29 23:42 - 2020-10-19 13:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-28 23:20 - 2020-10-19 13:13 - 000000000 ____D C:\Users\felip\AppData\Local\PlaceholderTileLogoFolder
2021-05-28 23:20 - 2020-09-27 08:00 - 000000000 ____D C:\ProgramData\Packages
2021-05-27 22:11 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-25 07:48 - 2021-02-21 11:23 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-25 02:21 - 2020-12-12 02:21 - 000000000 ____D C:\Users\felip\AppData\LocalLow\Mozilla
2021-05-24 15:59 - 2019-12-07 11:54 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-24 15:44 - 2019-12-07 11:56 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll

==================== Arquivos na raiz de alguns diretórios ========

2021-05-27 23:16 - 2021-06-20 22:22 - 000000032 _____ () C:\Users\felip\AppData\Roaming\.machineId

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-06-2021
Executado por felip (administrador) em FELIPE (21-06-2021 14:46:18)
Executando a partir de C:\Users\felip\Downloads
Perfis Carregados: felip
Platform: Windows 10 Pro Versão 20H2 19042.1052 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Deezer SA -> Deezer) D:\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\Deezer.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(HyperX Gaming) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.3.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> Nvidia Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skutta, Kristjan -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8838400 2016-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM\...\Run: [PTM6500Monitor] => C:\Program Files\Pantum\ptm6500\PushScan\ptm6500PushMonitor.exe [270008 2017-07-31] (ZHUHAI PANTUM ELECTRONICS CO.,LTD -> Zhuhai Pantum Electronics Co.,Ltd.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-07-30] (Adobe Inc. -> )
HKLM-x32\...\Run: [OnScreen Control] => C:\Program Files (x86)\LG Electronics\OnScreen Control\bin\OnScreenStartUpApp.exe [1814016 2020-10-09] (LG Electronics Inc.) [Arquivo não assinado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [EpicGamesLauncher] => D:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33223648 2021-06-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [Discord] => C:\Users\felip\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-08] (Valve -> Valve Corporation)
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper64.exe [3480672 2021-03-06] (Skutta, Kristjan -> )
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144824 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\felip\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-15] (Google LLC -> Google LLC)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0928BCB7-8B6D-40F0-9861-639216FC6677} - System32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\NVIDIA RTX Voice.exe [5133296 2020-04-08] (NVIDIA Corporation -> Nvidia Corporation)
Task: {0F9A88AD-53BA-4E06-9EA3-8783A3458C23} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {13A9CA92-862F-449E-BA46-13F37B532F53} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1841AAF2-FDCB-443E-B704-6068C7DDA6FE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {18D0B1F7-FD42-45E9-B36F-F18FE78886F6} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C38EFE3-1906-49BA-9F30-220E9A39F529} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1F8E7755-51F9-4C85-AB39-E4A8FD139306} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {204F2FE0-91A9-48E7-9D4F-3F719A458C49} - System32\Tasks\UpdateCore0x303 => C:\Users\felip\AppData\Local\Mozilla\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado]
Task: {2138255C-A049-413E-8DAE-981A8D2605EA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2946564D-2D39-4D3D-9EEC-3A656EDF1FD5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {29C0E3DE-2CDB-4BB1-9E6A-43D613734261} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615911494 => C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe [1861840 2021-06-10] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\felip\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {29C25E45-FA7E-499E-BD3C-F82319D3840C} - System32\Tasks\Opera GX scheduled Autoupdate 1607473347 => C:\Users\felip\AppData\Local\Programs\Opera GX\launcher.exe [1861840 2021-06-10] (Opera Software AS -> Opera Software)
Task: {44B14828-AA9A-4A05-909C-6AD46586AEB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EDDACA3-753B-4714-B05C-8751809F6519} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {5C6C99B3-3430-4E6E-95AD-3387EC1E4515} - System32\Tasks\UpdateCore0x301 => C:\Users\felip\AppData\Local\Packages\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado]
Task: {63D98729-8A01-4AD1-9F40-120294385E30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {679CC634-EA5C-4E3B-8B5F-4FBEF6CEE5A4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {77E84C17-FEB2-4705-9BFA-867898811816} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {78EEFFB8-9394-473F-AEBA-85D5087FE1E8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147272 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {94529F77-DC6A-4A85-9A3D-CA08DD913CE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-19] (Google LLC -> Google LLC)
Task: {94E36A01-D878-4646-B2B5-296A93FA1D54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {98C73B4D-191E-4DC8-822E-E8ADE381319C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5F0E1E0-FAF0-4DCB-9316-53BFE9106672} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6BC8198-85E5-4AB3-B9BE-12ECC6C42498} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4669F48-8E21-44FF-A2F5-755B7B6FF304} - System32\Tasks\UpdateCore0x300 => C:\Users\felip\AppData\Local\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado]
Task: {CCE75AE7-2772-439D-AA94-7C0F54AA6795} - System32\Tasks\UpdateCore0x302 => C:\Users\felip\AppData\Local\Google\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado]
Task: {D881014A-7493-4500-A2D8-393D36E3BDCF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBABFA16-DAC9-4473-8586-269ABCD623C9} - System32\Tasks\UpdateCore0x304 => C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe [74567856 2021-03-28] (LGN Software -> ) [Arquivo não assinado]
Task: {DC3F3B93-A2DD-4D24-AC2B-D31B0D490D29} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4524416 2021-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1E10EE5-F043-41BD-B573-3DADC61B9D04} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E98CD4EA-C7AE-4FAB-A235-80455E8586A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5275568 2021-05-27]
(Microsoft Corporation -> Microsoft Corporation) Task: {FD0BBD48-21CC-40FC-9C29-AAA8EADEC26A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-19] (Google LLC -> Google LLC) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\..\Interfaces\{21bda249-924e-4b85-9ade-38c06fcefab5}: [DhcpNameServer] 192.168.18.1 Tcpip\..\Interfaces\{421104c1-1b8e-4675-a49a-1c157cd4b6d8}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)] Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)] Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)] Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)] Edge DefaultProfile: Default Edge Profile: C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-21] Edge HomePage: Default -> hxxp://google.com/ Edge StartupUrls: Default -> "hxxps://www.twitch.tv/doutora","hxxps://www.twitch.tv/johnpittertv" Edge Extension: (Steam Inventory Helper) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-04-24] Edge Extension: (BlockSite - Stay Focused & Control Your 
Time) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2021-03-05] Edge Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-03-05] Edge Extension: (LOOT.Farm helper) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iljnangbjcpnopeaebpckiljkapfcakl [2020-10-19] Edge Extension: (CSGO Trader - Steam Trading Enhancer) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kaibcgikagnkfgjnibflebpldakfhfih [2021-04-24] Edge Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-05-09] Edge Extension: (uBlock Origin) - C:\Users\felip\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2021-05-09] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-21] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default [2021-06-21] CHR HomePage: Default -> hxxp://google.com/ CHR StartupUrls: Default -> "hxxps://www.twitch.tv/johnpittertv","hxxps://www.twitch.tv/doutora" CHR Extension: (Apresentações) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-19] CHR Extension: (Tema escuro para o Google Chrome) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2020-10-19] CHR Extension: (Documentos) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-19] CHR Extension: (Google Drive) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19] CHR Extension: (YouTube) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-19] CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19] CHR Extension: (uBlock 
Origin) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-08] CHR Extension: (Steam Inventory Helper) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-06-12] CHR Extension: (Adobe Acrobat) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-30] CHR Extension: (BlockSite - Stay Focused & Control Your Time) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2021-06-17] CHR Extension: (Planilhas) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-19] CHR Extension: (Documentos Google off-line) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-17] CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-02] CHR Extension: (YouTube) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoffpmfcdnncgblkdnobhomnjnkofdm [2020-10-19] CHR Extension: (LOOT.Farm helper) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnangbjcpnopeaebpckiljkapfcakl [2020-10-19] CHR Extension: (CSGO Trader - Steam Trading Enhancer) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaibcgikagnkfgjnibflebpldakfhfih [2021-04-23] CHR Extension: (Conversor de vídeo) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2020-10-19] CHR Extension: (Pesquisa do Google) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpjmkngecpnnajkmdhplmeoelenkpgk [2021-06-02] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\felip\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Gmail) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\felip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-4088500517-2565616627-243635623-1001) Opera GXStable - "C:\Users\felip\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8894752 2021-02-12] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation) S2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9709976 2021-06-18] (Electronic Arts, Inc. 
-> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2021-04-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncHelper.exe [3660152 2021-06-17] (Microsoft Corporation -> Microsoft Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-21] (Malwarebytes Inc -> Malwarebytes) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.099.0516.0003\OneDriveUpdaterService.exe [4261248 2021-06-17] (Microsoft Corporation -> Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts) S3 Rockstar Service; D:\Launcher\RockstarService.exe [1676696 2021-03-21] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-11] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Uncheater\ucldr_battlegrounds_gl.exe [6969856 2021-02-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) 
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 XSplit_VCam_Updater; D:\XSplit_VCam_Updater.exe [3194032 2021-05-20] (SplitmediaLabs Limited -> XSplit) S2 XSpltVidSvc; D:\service\XSpltVidSvc.exe [259248 2021-05-20] (SplitmediaLabs Limited -> SplitmediaLabs Limited) S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [7023744 2021-02-12] (PUBG CORPORATION -> PUBG Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
S3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps) S3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-21] (Malwarebytes Inc -> Malwarebytes) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [41008 2021-03-30] (McAfee, LLC. -> The OpenVPN Project) S3 UniFairy_x64; C:\WINDOWS\system32\drivers\UniFairy_x64.sys [4777952 2021-04-27] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) R1 unirsdt; C:\WINDOWS\system32\drivers\unirsdt.sys [3314472 2021-04-28] (Tencent Technology(Shenzhen) Company Limited -> TENCENT) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [2742720 2021-02-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) 
R3 XSpltVid; C:\WINDOWS\system32\DRIVERS\XSpltVid.sys [121864 2021-03-16] (Microsoft Windows Hardware Compatibility Publisher -> SplitmediaLabs Limited) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-06-21 14:46 - 2021-06-21 14:47 - 000028422 _____ C:\Users\felip\Downloads\FRST.txt 2021-06-21 14:46 - 2021-06-21 14:46 - 000000000 ____D C:\FRST 2021-06-21 14:45 - 2021-06-21 14:45 - 002300416 _____ (Farbar) C:\Users\felip\Downloads\FRST64.exe 2021-06-21 00:19 - 2021-06-21 00:19 - 000022793 _____ C:\ZA-Scan.txt 2021-06-21 00:17 - 2021-06-21 00:17 - 000000000 ____D C:\zoek_backup 2021-06-21 00:16 - 2021-06-21 00:16 - 006102389 _____ C:\Users\felip\Downloads\zoek.zip 2021-06-20 23:59 - 2021-06-21 00:12 - 000000000 ____D C:\Users\felip\AppData\Roaming\ZHP 2021-06-20 23:59 - 2021-06-20 23:59 - 000000000 ____D C:\Users\felip\AppData\Local\ZHP 2021-06-19 23:52 - 2021-06-19 23:52 - 000000000 ____D C:\WINDOWS\Panther 2021-06-19 01:07 - 2021-06-19 01:07 - 000000000 ____D C:\Users\felip\AppData\Roaming\Injustice 2021-06-17 00:27 - 2021-06-18 01:16 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2021-06-14 00:10 - 2021-06-14 00:10 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\XSplit 2021-06-14 00:10 - 2021-06-14 00:10 - 000000000 ____D C:\ProgramData\Caphyon 2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\Users\felip\AppData\Roaming\XSplit 2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\Users\felip\AppData\Local\XSplit 2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\ProgramData\XSplit 2021-06-14 00:09 - 2021-06-14 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit 2021-06-14 00:01 - 2021-06-14 00:01 - 000000000 ____D 
C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2021-06-14 00:00 - 2021-06-14 00:01 - 000000000 ____D C:\Users\felip\AppData\Roaming\Zoom 2021-06-11 23:31 - 2021-06-11 23:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-06-11 23:31 - 2021-06-11 23:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-06-11 23:31 - 2021-06-11 23:31 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2021-06-11 23:31 - 2021-06-11 23:31 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-06-11 23:31 - 2021-06-11 23:31 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-06-11 23:31 - 2021-06-11 23:31 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-06-11 23:31 - 2021-06-11 23:31 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-06-11 23:31 - 2021-06-11 23:31 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll 2021-06-11 23:31 - 2021-06-11 23:31 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-06-11 23:31 - 2021-06-11 23:31 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2021-06-11 23:31 - 2021-06-11 23:31 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2021-06-11 23:31 - 2021-06-11 23:31 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-06-11 23:30 - 2021-06-11 23:30 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll 2021-06-11 23:30 - 2021-06-11 23:30 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll 2021-06-11 23:30 - 2021-06-11 23:30 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2021-06-11 23:30 - 2021-06-11 23:30 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2021-06-11 23:30 - 2021-06-11 23:30 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe 2021-06-11 23:30 - 2021-06-11 23:30 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 
2021-06-09 22:38 - 2021-05-31 13:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2021-06-09 22:38 - 2021-05-31 13:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe 2021-06-09 22:38 - 2021-05-31 13:15 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2021-06-09 22:38 - 2021-05-31 13:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2021-06-09 22:38 - 2021-05-31 13:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2021-06-09 22:38 - 2021-05-31 13:15 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2021-06-09 22:38 - 2021-05-31 13:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2021-06-09 22:38 - 2021-05-31 13:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll 2021-06-09 22:38 - 2021-05-31 13:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2021-06-09 22:38 - 2021-05-31 13:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2021-06-09 22:38 - 2021-05-31 13:11 - 001514784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2021-06-09 22:38 - 2021-05-31 13:11 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2021-06-09 22:38 - 2021-05-31 13:11 - 000715536 _____ C:\WINDOWS\system32\nvofapi64.dll 2021-06-09 22:38 - 2021-05-31 13:11 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2021-06-09 22:38 - 2021-05-31 13:11 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2021-06-09 22:38 - 2021-05-31 13:11 - 000626960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2021-06-09 22:38 - 2021-05-31 13:11 - 000575760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2021-06-09 22:38 - 2021-05-31 13:11 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2021-06-09 22:38 - 2021-05-31 13:10 - 008317200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2021-06-09 22:38 - 2021-05-31 13:10 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2021-06-09 
22:38 - 2021-05-31 13:10 - 002106160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2021-06-09 22:38 - 2021-05-31 13:10 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2021-06-09 22:38 - 2021-05-31 13:10 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2021-06-09 22:38 - 2021-05-31 13:10 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2021-06-09 22:38 - 2021-05-31 13:09 - 004795152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2021-06-09 22:38 - 2021-05-31 13:09 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2021-06-09 22:38 - 2021-05-31 13:08 - 006159160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2021-06-09 22:38 - 2021-05-27 20:01 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb 2021-06-06 14:14 - 2021-06-06 14:14 - 000000000 ____D C:\Users\felip\AppData\Local\EALaunchHelper 2021-06-06 02:00 - 2021-06-06 02:00 - 000000000 ____D C:\Users\felip\AppData\Roaming\2K Sports 2021-06-06 02:00 - 2021-06-06 02:00 - 000000000 ____D C:\ProgramData\2K Sports 2021-06-04 22:14 - 2021-06-04 22:14 - 000000000 ____D C:\Users\felip\AppData\Roaming\stremio 2021-06-04 22:13 - 2021-06-04 22:13 - 000000000 ____D C:\Users\felip\AppData\Local\Smart Code ltd 2021-06-04 22:11 - 2021-06-04 22:11 - 000000000 ____D C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio 2021-06-02 15:25 - 2021-06-02 15:27 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\FIFA 21 2021-06-02 15:15 - 2021-06-02 15:15 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller 2021-06-02 13:14 - 2021-06-02 13:14 - 000000000 ____D C:\Users\felip\AppData\Local\Epic Games 2021-06-01 23:05 - 2021-06-01 23:05 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\Electronic Arts 2021-06-01 23:04 - 2014-09-16 18:45 - 000447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll 2021-06-01 22:53 - 2021-06-01 22:53 - 000000000 ____D C:\Users\felip\AppData\Local\EADesktop 
2021-06-01 22:51 - 2021-06-01 22:51 - 000000000 ____D C:\Users\felip\AppData\Local\Electronic Arts 2021-06-01 22:51 - 2021-06-01 22:51 - 000000000 ____D C:\Users\felip\AppData\Local\EAConnect_microsoft 2021-06-01 22:47 - 2021-06-18 23:29 - 000000000 ____D C:\Program Files\EA Games 2021-06-01 22:47 - 2021-06-01 22:55 - 000000000 ____D C:\ProgramData\EA Desktop 2021-06-01 22:47 - 2021-06-01 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2021-06-01 22:47 - 2021-06-01 22:47 - 000000000 ____D C:\Program Files\Electronic Arts 2021-05-30 11:36 - 2021-05-30 11:36 - 000000000 ____D C:\Users\felip\.config 2021-05-29 23:42 - 2021-05-29 23:42 - 000003650 _____ C:\WINDOWS\system32\Tasks\RTXVoice_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2021-05-29 23:42 - 2020-03-12 10:58 - 000177896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrtxaudcap64v.dll 2021-05-29 23:42 - 2020-03-12 10:58 - 000155024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvrtxaudcap32v.dll 2021-05-29 23:41 - 2021-05-29 23:41 - 000000000 ____D C:\temp 2021-05-29 23:41 - 2020-03-12 10:58 - 000054504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvrtxvad64v.sys 2021-05-28 23:21 - 2021-05-28 23:21 - 000000000 ____D C:\Users\felip\AppData\LocalLow\Hologryph 2021-05-28 00:30 - 2021-06-02 21:19 - 000000000 ____D C:\AdwCleaner 2021-05-28 00:30 - 2021-05-28 00:30 - 008534696 _____ (Malwarebytes) C:\Users\felip\Downloads\adwcleaner_8.2.exe 2021-05-27 23:16 - 2021-06-20 22:22 - 000000032 _____ C:\Users\felip\AppData\Roaming\.machineId 2021-05-26 01:38 - 2021-05-26 01:38 - 000000000 ____D C:\Users\felip\AppData\Roaming\Skype 2021-05-24 15:43 - 2021-05-24 15:43 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll 2021-05-24 15:43 - 2021-05-24 15:43 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll 2021-05-24 15:43 - 2021-05-24 15:43 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll 2021-05-24 15:42 - 2021-05-24 15:42 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2021-05-24 
15:42 - 2021-05-24 15:42 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2021-05-24 15:42 - 2021-05-24 15:42 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2021-05-24 15:42 - 2021-05-24 15:42 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-05-24 15:42 - 2021-05-24 15:42 - 000014848 _____ C:\WINDOWS\system32\hnsproxy.dll 2021-05-24 15:42 - 2021-05-24 15:42 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2021-05-23 21:10 - 2021-05-13 07:38 - 000037656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2021-05-23 21:09 - 2021-05-31 13:10 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-06-21 14:46 - 2021-04-21 23:16 - 000004720 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x303 2021-06-21 14:46 - 2020-10-19 13:53 - 000000000 ____D C:\ProgramData\NVIDIA 2021-06-21 14:44 - 2021-04-21 23:16 - 000004728 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x304 2021-06-21 14:44 - 2021-04-21 23:16 - 000004724 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x301 2021-06-21 14:44 - 2021-04-21 23:16 - 000004716 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x302 2021-06-21 14:44 - 2021-04-21 23:16 - 000004688 _____ C:\WINDOWS\system32\Tasks\UpdateCore0x300 2021-06-21 14:43 - 2021-02-20 01:15 - 000000435 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2021-06-21 00:46 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-21 00:19 - 2021-04-21 23:16 - 000000000 ____D C:\Users\felip\AppData\Local\Janma 2021-06-21 00:17 - 2021-04-21 23:16 - 000000000 ____D C:\Users\felip\AppData\Local\Update 2021-06-21 00:17 - 2020-10-20 00:08 - 000000000 ____D C:\Users\felip\AppData\Local\CrashDumps 2021-06-21 00:16 - 2020-10-19 13:26 - 000000000 ____D C:\Users\felip\AppData\Local\Google 2021-06-20 23:56 - 2020-10-19 14:06 - 000000000 ____D 
C:\Users\felip\AppData\Roaming\discord 2021-06-20 23:48 - 2020-10-19 14:33 - 000000000 ____D C:\Program Files (x86)\Steam 2021-06-20 23:39 - 2020-10-19 22:16 - 000000000 ____D C:\Users\felip\AppData\Roaming\Blitz 2021-06-20 23:32 - 2020-10-19 14:05 - 000000000 ____D C:\Users\felip\AppData\Local\Discord 2021-06-20 23:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-06-20 22:21 - 2020-10-19 13:45 - 000000000 ____D C:\ProgramData\Riot Games 2021-06-20 20:33 - 2020-09-27 07:59 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-06-20 20:33 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-06-19 23:59 - 2020-11-06 03:45 - 001741824 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-06-19 23:59 - 2019-12-07 11:53 - 000752436 _____ C:\WINDOWS\system32\prfh0416.dat 2021-06-19 23:59 - 2019-12-07 11:53 - 000148550 _____ C:\WINDOWS\system32\prfc0416.dat 2021-06-19 23:59 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF 2021-06-19 23:52 - 2020-09-27 07:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-06-19 23:52 - 2019-12-07 06:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-06-19 23:42 - 2020-10-19 13:23 - 000000000 ____D C:\Users\felip\AppData\Local\D3DSCache 2021-06-17 00:29 - 2020-11-20 14:18 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2021-06-17 00:29 - 2020-11-20 14:18 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-06-17 00:29 - 2020-10-19 13:12 - 000000000 ___RD C:\Users\felip\OneDrive 2021-06-16 21:54 - 2020-10-22 12:09 - 000000000 ____D C:\Users\felip\AppData\Local\log 2021-06-16 21:54 - 2020-10-19 22:16 - 000002245 _____ C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk 2021-06-16 21:54 - 2020-10-19 22:16 - 000000000 ____D C:\Users\felip\AppData\Local\blitz-updater 2021-06-15 22:47 - 2020-10-19 13:26 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Google Chrome.lnk 2021-06-14 14:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-06-14 14:50 - 2020-12-08 21:22 - 000004170 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1607473347 2021-06-14 14:50 - 2020-12-08 21:22 - 000001434 _____ C:\Users\felip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk 2021-06-13 22:36 - 2020-11-06 03:39 - 000000000 ____D C:\Users\felip 2021-06-13 21:04 - 2020-09-27 07:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-06-13 05:24 - 2021-02-21 11:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2021-06-12 20:34 - 2020-10-19 16:24 - 000000000 ____D C:\Program Files\Microsoft Office 2021-06-12 20:27 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-06-12 01:10 - 2020-09-27 07:56 - 000449096 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-06-12 01:09 - 2021-02-20 00:59 - 000000000 ____D C:\Program Files\Hyper-V 2021-06-12 01:09 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\et-EE 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-06-12 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-06-12 01:09 - 
2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-06-12 00:25 - 2020-09-27 07:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-06-11 23:34 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-06-11 23:31 - 2020-10-19 13:00 - 000414020 __RSH C:\bootmgr 2021-06-11 23:19 - 2020-10-31 12:13 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-06-11 23:19 - 2020-10-19 15:12 - 000000000 ___HD C:\$WinREAgent 2021-06-11 01:14 - 2020-10-31 12:13 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-06-09 23:06 - 2021-04-30 23:06 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-06-09 22:42 - 2020-10-19 13:53 - 000000000 ____D C:\Users\felip\AppData\Local\NVIDIA 2021-06-07 16:06 - 2020-10-30 20:23 - 000000000 ____D C:\Users\felip\AppData\Roaming\CC 2021-06-07 16:04 - 2021-01-18 17:43 - 000000000 ____D C:\Program Files (x86)\Cyber Hunter 2021-06-06 13:27 - 2020-11-30 19:09 - 000000000 ____D C:\Users\felip\AppData\Local\Ubisoft Game Launcher 2021-06-06 12:31 - 2020-10-19 16:38 - 000000000 ____D C:\Users\felip\AppData\Local\Battle.net 2021-06-06 12:30 - 2020-10-19 13:10 - 000000000 ____D C:\Users\felip\AppData\Local\Packages 2021-06-06 12:28 - 2021-05-11 11:06 - 000000000 ____D C:\ProgramData\SketchUp 2021-06-06 12:23 - 2020-11-07 23:43 - 000000000 ____D C:\Program Files\Common Files\Twitch 2021-06-04 22:55 - 2021-01-14 15:59 - 000000000 ____D C:\Program Files (x86)\Origin 2021-06-04 22:14 - 2020-11-23 14:02 - 000000000 ____D C:\Users\felip\AppData\Local\cache 2021-06-02 15:14 - 2020-10-19 13:53 - 000000000 ____D C:\ProgramData\Package Cache 2021-06-02 13:13 - 2021-01-11 13:33 - 000000000 ____D C:\Users\felip\OneDrive\Documentos\My Games 2021-06-02 13:10 - 2021-04-18 16:09 - 000000000 ____D C:\Users\felip\AppData\Roaming\T2GP Launcher 2021-06-02 13:10 - 2021-04-18 16:09 - 000000000 ____D C:\Users\felip\AppData\Local\T2GP Launcher 2021-06-02 00:45 - 2020-11-06 00:48 - 000000000 ____D 
C:\Users\felip\.VirtualBox 2021-06-02 00:42 - 2020-11-06 00:48 - 000000000 ____D C:\ProgramData\VirtualBox 2021-05-31 13:10 - 2021-04-29 23:55 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2021-05-31 13:08 - 2020-10-29 20:09 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2021-05-30 03:37 - 2021-04-30 23:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-05-29 23:42 - 2020-10-19 13:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2021-05-29 23:42 - 2020-10-19 13:06 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2021-05-29 23:42 - 2020-10-19 13:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2021-05-28 23:20 - 2020-10-19 13:13 - 000000000 ____D C:\Users\felip\AppData\Local\PlaceholderTileLogoFolder 2021-05-28 23:20 - 2020-09-27 08:00 - 000000000 ____D C:\ProgramData\Packages 2021-05-27 22:11 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2021-05-25 07:48 - 2021-02-21 11:23 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll 2021-05-25 02:21 - 2020-12-12 02:21 - 000000000 ____D C:\Users\felip\AppData\LocalLow\Mozilla 2021-05-24 15:59 - 2019-12-07 11:54 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-24 
15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-24 15:59 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-24 15:44 - 2019-12-07 11:56 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll

==================== Arquivos na raiz de alguns diretórios ========

2021-05-27 23:16 - 2021-06-20 22:22 - 000000032 _____ () C:\Users\felip\AppData\Roaming\.machineId

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-21-2021
# Duration: 00:00:07
# OS: Windows 10 Pro
# Scanned: 31981
# Detected: 0

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****
No malicious hosts file entries found.

***** [ Preinstalled Software ] *****
No Preinstalled Software found.

AdwCleaner[S00].txt - [1405 octets] - [20/06/2021 23:58:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 20-06-2021
Executado por felip (21-06-2021 14:52:07)
Executando a partir de C:\Users\felip\Downloads
Windows 10 Pro Versão 20H2 19042.1052 (X64) (2020-11-06 06:43:20)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

Administrador (S-1-5-21-4088500517-2565616627-243635623-500 - Administrator - Disabled)
Convidado (S-1-5-21-4088500517-2565616627-243635623-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-4088500517-2565616627-243635623-503 - Limited - Disabled)
felip (S-1-5-21-4088500517-2565616627-243635623-1001 - Administrator - Enabled) => C:\Users\felip
WDAGUtilityAccount (S-1-5-21-4088500517-2565616627-243635623-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Adobe Photoshop (Prerelease) (HKLM-x32\...\PHSP_22_0) (Version: 22.0.0.1012 - Adobe Inc.)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23258 - Microsoft Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blitz (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.14.21 - Blitz, Inc.) Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) CPUID CPU-Z 1.95 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.95 - CPUID, Inc.) CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.) Discord (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Discord) (Version: 0.0.309 - Discord Inc.) EA Desktop (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.97.4936 - Electronic Arts) Hidden EA Desktop (HKLM-x32\...\{665a8009-f578-4f43-bd58-d5d9dadde75b}) (Version: 12.0.97.4936 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{5C101FC6-6A4B-43AF-A03C-A0776244700A}) (Version: 1.1.293.0 - Epic Games, Inc.) FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.70.18952 - Electronic Arts) FiveM (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.106 - Google LLC) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hearthstone Deck Tracker (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\HearthstoneDeckTracker) (Version: 1.14.0 - HearthSim) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden League of Legends (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc) League of Legends PBE (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Riot Game league_of_legends.pbe) (Version: - Riot Games, Inc) Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes) Microsoft .NET Framework 4.7.2 SDK (HKLM-x32\...\{F42C96C1-746B-442A-B58C-9F0FD5F3AB8A}) (Version: 4.7.03081 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 Targeting Pack (ENU) (HKLM-x32\...\{B517DBD3-B542-4FC8-9957-FFB2C3E65D1D}) (Version: 4.7.03062 - Microsoft Corporation) Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.54 - Microsoft Corporation) Microsoft Excel 2019 - pt-br (HKLM\...\Excel2019Retail - pt-br) (Version: 16.0.14026.20270 - Microsoft Corporation) Microsoft Office Professional Plus 2019 - pt-br (HKLM\...\ProPlus2019Retail - pt-br) (Version: 16.0.14026.20270 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.099.0516.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 
Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) NVIDIA Driver de áudio HD 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Driver de gráficos 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.63 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) 
(Version: 1.1.4923.29781331 - NVIDIA Corporation) NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation) NVIDIA NVIDIA RTX Voice Driver 1.0.0.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_RTXVoice.Driver) (Version: 1.0.0.2 - NVIDIA Corporation) NVIDIA RTX Voice Application (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_RTXVoice) (Version: 0.5.12.6 - NVIDIA Corporation) NVIDIA Software do sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20270 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden OnScreen Control (HKLM-x32\...\{E5C1B339-0E4E-49A5-859E-5E1DE1938706}) (Version: 5.73 - LG Electronics Inc) Opera GX Stable 75.0.3969.285 (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Opera GX 75.0.3969.285) (Version: 75.0.3969.285 - Opera Software) Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) Pantum M6550NW Series (HKLM\...\Pantum M6550NW Series) (Version: 5.1.1.23 - Zhuhai Pantum Electronics Co.,Ltd.) Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7841 - Realtek Semiconductor Corp.) 
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.36.344 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.9 - Rockstar Games) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stremio (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\Stremio) (Version: 4.4.137 - Smart Code Ltd) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.0 - Ubisoft) UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) Wise Auto Shutdown 1.7.7 (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 1.7.7 - WiseCleaner.com, Inc.) X-Mouse Button Control 2.19.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.19.2 - Highresolution Enterprises) XSplit VCam (HKLM\...\{965DEB72-7BFC-4E60-A632-03666F9ED238}) (Version: 2.3.2105.2001 - XSplit) Hidden XSplit VCam (HKLM\...\XSplit VCam 2.3.2105.2001) (Version: 2.3.2105.2001 - XSplit) Zoom (HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\ZoomUMX) (Version: 5.6.7 (1016) - Zoom Video Communications, Inc.) Packages: ========= Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.65.0_x64__pwbj9vvecjh7j [2021-06-17] (Amazon Development Centre (London) Ltd) Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0 [2021-06-11] (Deezer SA) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-13] (HP Inc.) 
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.3.0.0_x64__0a78dr3hq0pvt [2021-06-19] (HyperX Gaming) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-20] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-20] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-07] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-30] (Netflix, Inc.) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.156.0_x64__43tkc6nmykmb6 [2021-05-26] (Ookla) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-13] (Spotify AB) [Startup Task] WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2121.7.0_x64__cv1g1gvanyjgm [2021-06-13] (WhatsApp Inc.) ==================== Exame Personalizado CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. 
-> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) 
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.099.0516.0003\FileSyncShell64.dll [2021-06-17] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\nvshext.dll [2021-05-31] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. 
-> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2021-05-25 23:53 - 2021-05-25 23:53 - 002662912 ____X () [Arquivo não assinado] C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\ffmpeg.dll 2021-05-25 23:53 - 2021-05-25 23:53 - 000367616 ____X () [Arquivo não assinado] C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\libegl.dll 2021-05-25 23:53 - 2021-05-25 23:53 - 006867968 ____X () [Arquivo não assinado] C:\Program Files\WindowsApps\Deezer.62021768415AF_5.20.0.0_x86__q7m17pa7q8kj0\app\libglesv2.dll 2021-05-29 23:42 - 2019-12-11 20:27 - 074850816 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\cublas64_10.dll 2021-05-29 23:42 - 2019-12-11 20:27 - 036055552 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\cublasLt64_10.dll 2021-05-29 23:42 - 2020-03-31 02:58 - 422046720 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program 
Files\NVIDIA Corporation\NVIDIA RTX Voice\cudnn64_7.dll 2021-05-29 23:42 - 2019-12-11 19:17 - 115644416 _____ (NVIDIA Corporation) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\cufft64_10.dll 2021-05-29 23:42 - 2019-12-11 20:28 - 003407360 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files\NVIDIA Corporation\NVIDIA RTX Voice\libcrypto-1_1-x64.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\WINDOWS\System32:tdsrinu.gfc [5882] AlternateDataStreams: C:\Users\felip\Dados de Aplicativos:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\felip\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-04-21] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-04-21] (Oracle America, Inc. 
-> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts Conteúdo: ========================= (Se 
necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 06:14 - 2021-04-30 23:32 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts 2021-02-20 01:15 - 2021-06-21 14:43 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.18.96.1 Felipe.mshome.net # 2026 6 6 20 17 43 52 408 ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-4088500517-2565616627-243635623-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\felip\OneDrive\Área de Trabalho\All in place\Relogios\wp2742606.jpg DNS Servers: 192.168.18.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. Network Binding: ============= Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) vEthernet (Default Switch): VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) 
HKLM\...\StartupApproved\Run: => "XMouseButtonControl" HKLM\...\StartupApproved\Run: => "PTM6500Monitor" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "OnScreen Control" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant" HKU\S-1-5-21-4088500517-2565616627-243635623-1001\...\StartupApproved\Run: => "EADM" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
não assinado] ==================== Pontos de Restauração ========================= ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (06/21/2021 12:17:31 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: ZA-Scan.exe, versão: 0.0.0.0, carimbo de data/hora: 0x00000000 Nome do módulo com falha: KERNELBASE.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xcbf6f7d1 Código de exceção: 0xc0000409 Deslocamento da falha: 0x0012a6f2 ID do processo com falha: 0x2d08 Hora de início do aplicativo com falha: 0x01d7664bf4512821 Caminho do aplicativo com falha: C:\Users\felip\OneDrive\Área de Trabalho\ZA-Scan.exe Caminho do módulo com falha: C:\WINDOWS\System32\KERNELBASE.dll ID do Relatório: 3546db4a-12da-42c7-9a14-d6bd3f1876bc Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (06/20/2021 11:54:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa steam.exe versão 6.58.86.56 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. 
ID do Processo: 32c8 Hora de Início: 01d7662c977a753e Hora de Término: 4294967295 Caminho do Aplicativo: C:\Program Files (x86)\Steam\steam.exe ID do Relatório: fe38abb5-1bd3-4049-aa03-4aa48e6adc1d Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Tipo com falha: Top level window is idle Error: (06/20/2021 11:39:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52 Nome do módulo com falha: blitz_core.node, versão: 0.0.0.0, carimbo de data/hora: 0x60c2765b Código de exceção: 0xc0000409 Deslocamento da falha: 0x00057d6d ID do processo com falha: 0x2c1c Hora de início do aplicativo com falha: 0x01d7663be7f4e19f Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: \\?\C:\Users\felip\AppData\Roaming\Blitz\blitz-deps\1.14.21\blitz_core.node ID do Relatório: 4a1bc80e-d87f-47a6-bcee-8edb3b6872b7 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (06/20/2021 10:22:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52 Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xf739c3a5 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0005f583 ID do processo com falha: 0x2c1c Hora de início do aplicativo com falha: 0x01d7663be7f4e19f Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 7e54b4fd-478d-4841-935e-e71dd48a4fb8 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (06/20/2021 12:48:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 
0x600b6b52 Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xf739c3a5 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0005f583 ID do processo com falha: 0x2dc8 Hora de início do aplicativo com falha: 0x01d7658723404799 Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 3188a363-2e90-4e1a-b275-e2d2bb3d9a7e Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (06/20/2021 12:40:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: O programa LeagueClientUx.exe versão 11.12.379.4946 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção. ID do Processo: 644 Hora de Início: 01d7657f80621cbd Hora de Término: 10 Caminho do Aplicativo: D:\Riot Games\League of Legends\LeagueClientUx.exe ID do Relatório: 6a560c5e-046f-4467-ac81-049101b59ebe Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Tipo com falha: Unknown Error: (06/20/2021 12:36:07 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52 Nome do módulo com falha: blitz_core.node, versão: 0.0.0.0, carimbo de data/hora: 0x60c2765b Código de exceção: 0xc0000409 Deslocamento da falha: 0x00057d6d ID do processo com falha: 0x28ec Hora de início do aplicativo com falha: 0x01d7657fd3a4ac46 Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: \\?\C:\Users\felip\AppData\Roaming\Blitz\blitz-deps\1.14.21\blitz_core.node ID do Relatório: d6499044-229d-4044-aa99-582b301b86ad Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (06/19/2021 11:56:21 PM) 
(Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: Blitz.exe, versão: 1.14.21.766, carimbo de data/hora: 0x600b6b52 Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.1023, carimbo de data/hora: 0xf739c3a5 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0005f583 ID do processo com falha: 0x28ec Hora de início do aplicativo com falha: 0x01d7657fd3a4ac46 Caminho do aplicativo com falha: C:\Users\felip\AppData\Local\Programs\Blitz\Blitz.exe Caminho do módulo com falha: C:\WINDOWS\SYSTEM32\ntdll.dll ID do Relatório: 05e002cd-57cc-4237-8d56-a56549963e1f Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (06/21/2021 02:43:32 PM) (Source: VBoxNetLwf) (EventID: 12) (User: ) Description: O driver detectou um erro interno do driver em \Device\VBoxNetLwf. Error: (06/21/2021 12:18:00 AM) (Source: volsnap) (EventID: 36) (User: ) Description: As cópias de sombra do volume foram anuladas porque o armazenamento de cópia de sombra não pôde crescer devido a um limite imposto pelo usuário. Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Origin Web Helper Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço NVIDIA LocalSystem Container foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço. Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Serviço Clique para Executar do Microsoft Office foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. 
Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço EABackgroundService foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (06/20/2021 11:56:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço XSplit VCam Capture Source Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Windows Defender: ================ Date: 2021-06-21 00:18:38 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe; file:_C:\Users\felip\AppData\Local\Microsoft\Update\dcdm.exe; file:_C:\Users\felip\AppData\Local\Mozilla\Update\dcdm.exe; file:_C:\Users\felip\AppData\Local\Packages\Update\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:18:37 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. 
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe; file:_C:\Users\felip\AppData\Local\Mozilla\Update\dcdm.exe; file:_C:\Users\felip\AppData\Local\Packages\Update\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:18:36 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe; file:_C:\Users\felip\AppData\Local\Packages\Update\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:18:35 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. 
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0 Nome: Trojan:Win32/Tiggre!rfn Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Janma\dcdm.exe Origem da Detecção: Computador local Tipo da Detecção: Concreto Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Users\felip\AppData\Local\Microsoft\Update\janma.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-21 00:17:11 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0 Nome: Trojan:Win32/Wacatac.B!ml Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\felip\AppData\Local\Temp\Rar$DRa8756.25581\Z-Analyse.exe; file:_C:\Users\felip\OneDrive\Área de Trabalho\Z-Analyse.exe Origem da Detecção: Computador local Tipo da Detecção: FastPath Fonte da Detecção: Proteção em Tempo Real Usuário: FELIPE\felip Nome do Processo: C:\Windows\explorer.exe Versão da Inteligência de Segurança: AV: 1.341.1126.0, AS: 1.341.1126.0, NIS: 1.341.1126.0 Versão do Mecanismo: AM: 1.1.18200.4, NIS: 1.1.18200.4 Date: 2021-06-03 22:22:39 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. 
Nova Versão da Inteligência de Segurança: 1.341.8.0 Versão da Inteligência de Segurança anterior: 1.339.1904.0 Fonte da Atualização: Usuário Tipo da Inteligência de Segurança: Anti-spyware Tipo da atualização: Delta Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: 1.1.18200.4 Versão Anterior do Mecanismo: 1.1.18100.6 Código de Erro: 0x80070666 Descrição do Erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-06-03 22:22:39 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: 1.341.8.0 Versão da Inteligência de Segurança anterior: 1.339.1904.0 Fonte da Atualização: Usuário Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Delta Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: 1.1.18200.4 Versão Anterior do Mecanismo: 1.1.18100.6 Código de Erro: 0x80070666 Descrição do Erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. Date: 2021-06-03 22:22:39 Description: O Microsoft Defender Antivírus encontrou um erro ao tentar atualizar o mecanismo. Nova Versão do Mecanismo: 1.1.18200.4 Versão Anterior do Mecanismo: 1.1.18100.6 Usuário: AUTORIDADE NT\SISTEMA Código do Erro: 0x80070666 Descrição do erro: Outra versão deste produto já está instalada. A instalação desta versão não pode continuar. Para configurar ou remover a versão existente deste produto, use 'Adicionar ou remover programas' no Painel de Controle. 
CodeIntegrity: =============== Date: 2021-06-13 21:06:46 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2021-06-07 01:18:06 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\WindowManagementAPI.dll because the set of per-page image hashes could not be found on the system. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. 4212 07/24/2019 placa-mãe: ASUSTeK COMPUTER INC. H110M-C/BR Processador: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz Percentagem de memória em uso: 40% RAM física total: 16327.25 MB RAM física disponível: 9703.53 MB Virtual Total: 22471.25 MB Virtual disponível: 11441.69 MB ==================== Drives ================================ Drive () (Fixed) (Total:110.32 GB) (Free:2.69 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)] Drive d: () (Fixed) (Total:930.97 GB) (Free:134.85 GB) NTFS \\?\Volume{bc130891-0000-0000-0000-a0941b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{bc130891-0000-0000-0000-90b51b000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS \\?\Volume{bc130891-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: BC130891) Partition 1: (Active) - (Size=110.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=526 MB) - (Type=27) Partition 3: (Not Active) - (Size=523 MB) - (Type=27) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) 
========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E6FE6328) Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== Fim de Addition.txt =======================
  4. FRST_21-06-2021 14.53.22.txt, FRST_21-06-2021 14.50.34.txt, Addition_21-06-2021 14.53.22.txt, Addition_21-06-2021 14.50.34.txt, ZA-Scan.txt, AdwCleaner[S01].txt, ZHPCleaner (R).txt, Search.txt
  5. ZA-Scan.txt, ZHPCleaner (R).txt, ZHPCleaner (S).txt. I downloaded a free Mario "game" and only realized the stupid thing I had done after doing it. Now there is a "Janma" file opening and closing on my machine. I have already run a few antimalware tools; apparently they found nothing.
  6. On Sunday afternoon my PC started freezing a lot. I thought it was malware, but the PC is already clean. I cleared the logs and the caches but it keeps freezing; I can barely move the mouse.
  7. Good evening, today I took my PC in to be formatted and to have the motherboard replaced. I got home and saw that there were 2 HDs; my friend said they were partitioned and that I only had to delete one for them to merge. I deleted it and now I only have 239 GB of HD (I had 1 TB). Did I lose the rest of my memory? If not, please help me.
  8. Added 0 minutes later: the error continues.
  9. My svchost is using a lot of CPU. I saw several videos saying it was Windows Update; when I opened it, it was showing this error. I have been to several sites and watched several videos, but none of them solves it. If any admin knows, please help me.
