
unusual activity on instagram - PUM.Optional.DisableMRT



#1 hcapile

Posted Today, 11:43 AM

First of all, I don't write English perfectly, so I will be using a translator for better conversation.

A few days ago my Instagram account started to be notified of suspicious activity and even asked for extra verification to check if it was me trying to connect.

 

I did an analysis with Malwarebytes and it detected 4 PUM.Optional.DisableMRT; I just quarantined them.

Because my machine is in Portuguese, it generated the logs in this language; I don't know if this will affect the analysis.

 

 

FRST.txt

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-09-2023
Executado por Capile (administrador) em DESKTOP-A6SPOGS (SAMSUNG ELECTRONICS CO., LTD. 300E4M/300E4S/300E4L) (25-09-2023 11:36:50)
Executando a partir de E:\\FRST64.exe
Perfis Carregados: Capile
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3086 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal
 
==================== Processos (Whitelisted) =================
 
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
 
(C:\Program Files (x86)\Icecream Ebook Reader 6\icebookreader.exe ->) (Icecream Apps Ltd -> ) C:\Program Files (x86)\Icecream Ebook Reader 6\icebooksvc.exe
(C:\Program Files (x86)\Icecream Ebook Reader 6\icebooksvc.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(cmd.exe ->) (DATALABS LIMITED -> ) C:\Windows\Windows Driver Foundation (WDF).exe
(Discord Inc. -> Discord Inc.) C:\Users\Capile\AppData\Local\Discord\app-1.0.9018\Discord.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Icecream) [Arquivo não assinado] C:\Program Files (x86)\Icecream Ebook Reader 6\icebookreader.exe
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <34>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(explorer.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) [Arquivo não assinado] C:\Program Files\CCleaner\CCleaner64.exe
(explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Capile\AppData\Roaming\Telegram Desktop\Telegram.exe
(explorer.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(explorer.exe ->) (XMind Ltd. -> XMind Ltd.) C:\Program Files\XMind\XMind.exe <6>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
 
==================== Registro (Whitelisted) ===================
 
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
 
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-08-28] (Adobe Inc. -> )
HKLM\...\Winlogon: [Shell] explorer.exe,wudf.exe wtime.cmd <=== ATENÇÃO
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4676384 2023-06-27] (Microsoft Windows -> Microsoft Corporation) <=== ATENÇÃO
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall: Restrição <==== ATENÇÃO
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-20\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-06-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) [Arquivo não assinado]
HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\Capile\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-09-18] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\MountPoints2: {e2c68067-1445-11ee-a271-9883899502fe} - "H:\OInstall.exe" 
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\us016 Langmon: C:\Windows\system32\us016lm.dll [40744 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\Installer\chrmstp.exe [2023-09-22] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restrição <==== ATENÇÃO
 
==================== Tarefas Agendadas (Whitelisted) =================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
Task: {60F90D3E-A800-4B59-AF7E-F1B30F8D5151} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-09-17] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {A68E588F-AAB1-44DD-87FE-1EF4350F920B} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{80AEBD42-BC51-4E17-A48D-278AF8423A26} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175416 2023-07-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D48A49ED-9C97-48C9-BDC0-A6869B548710} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{F51E693D-0C72-4A22-A687-D763B6949686} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175416 2023-07-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {198D99E2-20D2-4C71-8C2D-68D6AF579D72} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {290C911D-8811-4700-8754-817AE0EC5C6B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bf3a1305-1706-4351-995b-39b508570a8b" --version "6.16.10662" --silent
Task: {7E2115EE-BED1-416C-B8EA-F97B0BAF27D9} - System32\Tasks\CCleanerSkipUAC - Capile => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {89925E09-F2F6-4A3D-B4AC-2E7577CEAAAC} - System32\Tasks\CorelUpdateHelperTask-0CA8F98B83F757EEBF25E6055FD34554 => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3774160 2021-01-21] (Corel Corporation -> Corel Corporation)
Task: {628CC00B-54DC-49C8-9DF6-5E6238B64B0C} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3774160 2021-01-21] (Corel Corporation -> Corel Corporation)
Task: {3C32FF4E-68FD-4453-AFFC-E857458CBD70} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A41086E-8552-499C-AB19-A8B2F4BF349F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD27B313-0EB1-4F41-8CA9-D93D00A3E2D1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {14C6ECC5-46D6-450A-BEE8-26C0A7C5CBB4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2AB4D4F-A15E-4512-A288-5D52582DC825} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168880 2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1A48EB7-0CF1-49CD-A74B-A104D7330459} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [73656 2023-03-08] (IP Zinukhov Stanislav Igorevich -> www.startisback.com)
 
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
 
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
 
==================== Internet (Whitelisted) ====================
 
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
 
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 160.20.23.250 160.20.23.251 8.8.8.8
Tcpip\..\Interfaces\{8dba3dd4-20b0-47b5-8ea6-8ce1b672417c}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{8dba3dd4-20b0-47b5-8ea6-8ce1b672417c}: [DhcpNameServer] 160.20.23.250 160.20.23.251 8.8.8.8
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <==== ATENÇÃO
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Capile\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-25]
Edge DownloadDir: Default -> E:\
Edge Extension: (Documentos Google off-line) - C:\Users\Capile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Capile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]
Edge Extension: (uBlock Origin) - C:\Users\Capile\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-09-22]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2022-05-20] []
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2022-05-20]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2022-11-27]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx [2022-11-27]
 
Brave: 
=======
BRA Profile: C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-25]
BRA Extension: (Foxit PDF Creator) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2023-07-14]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-09-25]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-09-25]
BRA Extension: (Brave NTP background images) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-19]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-09-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\bpndlkddhgpmjengabcakadpcabgflca [2023-09-25]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-09-25]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-09-25]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-09-20]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-07-14]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-09-25]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2023-09-25]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-09-24]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Capile\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-09-20]
 
==================== Serviços (Whitelisted) ===================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175416 2023-07-14] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175416 2023-07-14] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\brave_vpn_helper.exe [3246104 2023-09-22] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [11059224 2023-09-22] (Brave Software, Inc. -> Brave Software, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4974416 2023-06-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287968 2023-09-25] (Malwarebytes Inc. -> Malwarebytes)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\117.1.58.131\elevation_service.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310672 2023-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2023-06-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2023-06-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222272 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-09-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181984 2023-09-25] (Malwarebytes Inc. -> Malwarebytes)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S4 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
 
==================== Um mês (criados) (Whitelisted) =========
 
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
 
2023-09-25 11:36 - 2023-09-25 11:37 - 000000000 ____D C:\FRST
2023-09-25 10:42 - 2023-09-25 10:49 - 000000000 ____D C:\Users\Capile\AppData\LocalLow\IGDump
2023-09-25 10:13 - 2023-09-25 10:13 - 000000000 ____D C:\Users\Capile\AppData\Local\mbam
2023-09-25 10:12 - 2023-09-25 10:12 - 000181984 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-09-25 10:11 - 2023-09-25 10:13 - 000000000 ____D C:\Users\Capile\AppData\Local\Malwarebytes
2023-09-25 10:11 - 2023-09-25 10:11 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-09-25 10:11 - 2023-09-25 10:11 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-09-25 10:11 - 2023-09-25 10:11 - 000000000 _____ C:\Users\Capile\AppData\Local\installLocal
2023-09-25 10:10 - 2023-09-25 10:10 - 000000079 ___SH C:\Windows\config.json
2023-09-25 10:10 - 2023-09-25 10:10 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-09-25 10:10 - 2023-09-25 10:10 - 000000000 ____D C:\Program Files\Malwarebytes
2023-09-25 10:10 - 2023-09-05 05:33 - 002132904 ___SH C:\Windows\Windows Driver Foundation (WDF).exe
2023-09-25 10:10 - 2023-03-29 07:40 - 000307200 _____ (Microsoft Corporation) C:\Windows\Windows Driver Foundаtion (WDF).exe
2023-09-25 10:10 - 2012-10-13 08:59 - 000000116 ___SH C:\Windows\wtime.cmd
2023-09-25 10:10 - 2008-10-07 08:45 - 000004096 ___SH () C:\Windows\wudf.exe
2023-09-25 10:09 - 2023-09-25 10:09 - 000000000 __SHD C:\ProgramData\tl
2023-09-25 10:09 - 2023-09-25 10:09 - 000000000 ____D C:\Users\Capile\AppData\Local\mbamtray
2023-09-25 10:08 - 2023-09-25 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2023-09-25 10:08 - 2023-09-25 10:08 - 000000000 ____D C:\Program Files (x86)\7-Zip
2023-09-25 09:52 - 2023-09-25 09:52 - 000000000 ____D C:\Users\Capile\Downloads\Malwarebytes Premium 4.6.3.282_By.Eddy
2023-09-21 18:05 - 2023-09-21 18:05 - 000002133 _____ C:\Users\Capile\Desktop\Fitify.lnk
2023-09-21 11:46 - 2023-09-21 11:46 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2023-09-21 11:44 - 2023-09-21 11:44 - 000000000 ____D C:\Users\Capile\Downloads\Fitify Pro v1.56.1_By.Eddy
2023-09-20 22:28 - 2023-09-20 22:43 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Wondershare
2023-09-20 22:28 - 2023-09-20 22:43 - 000000000 ____D C:\Users\Capile\AppData\Roaming\TransferSupport
2023-09-20 22:28 - 2023-09-20 22:43 - 000000000 ____D C:\Users\Capile\AppData\Local\Wondershare
2023-09-20 21:26 - 2023-09-20 21:26 - 126271047 _____ C:\Users\Capile\Desktop\Lightroom-Premium-v8.5.2_build_608052000-Mod.apk
2023-09-20 14:57 - 2023-09-20 14:57 - 000002045 _____ C:\Users\Capile\Desktop\Xmind.lnk
2023-09-19 14:59 - 2023-09-19 14:59 - 012792793 _____ C:\Users\Capile\Desktop\Antiotário Vol. 1, 2 e 3 - Rafael Aires.pdf
2023-09-19 10:31 - 2023-09-19 10:31 - 000002077 _____ C:\Users\Capile\Desktop\ClashofClans.lnk
2023-09-19 10:25 - 2023-09-19 10:25 - 000000000 ____D C:\Users\Capile\AppData\Local\HD-Player
2023-09-19 10:22 - 2023-09-24 15:09 - 000000000 ____D C:\Users\Capile\AppData\Local\BlueStacks X
2023-09-19 10:22 - 2023-09-19 10:22 - 000000000 ____D C:\Users\Capile\AppData\Local\BSXCache
2023-09-19 10:21 - 2023-09-23 16:06 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-09-19 10:21 - 2023-09-19 10:21 - 000006906 _____ C:\Users\Capile\-1.14-windows.xml
2023-09-19 10:21 - 2023-09-19 10:21 - 000003938 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-09-19 10:20 - 2023-09-24 15:26 - 000000000 ____D C:\Users\Capile\AppData\Roaming\bluestacks-services
2023-09-19 10:20 - 2023-09-24 13:41 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2023-09-19 10:20 - 2023-09-19 10:20 - 000002443 _____ C:\Users\Capile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueStacks Services.lnk
2023-09-19 10:20 - 2023-09-19 10:20 - 000000000 ____D C:\Users\Capile\AppData\Local\bluestacks-services-updater
2023-09-19 10:20 - 2023-09-19 10:20 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2023-09-19 10:19 - 2023-09-19 10:19 - 000002000 _____ C:\Users\Public\Desktop\BlueStacks X.lnk
2023-09-19 10:19 - 2023-09-19 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks X
2023-09-19 10:19 - 2023-09-19 10:19 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2023-09-19 10:18 - 2023-09-19 10:20 - 000000000 ____D C:\Users\Capile\AppData\Local\Bluestacks
2023-09-19 10:18 - 2023-09-19 10:18 - 000000000 ____D C:\Users\Public\BlueStacks
2023-09-16 13:11 - 2023-09-21 16:38 - 000000000 ____D C:\Program Files (x86)\Strogino CS Portal
2023-09-12 14:20 - 2023-09-12 14:20 - 006034083 _____ C:\Users\Capile\Desktop\Livro ADMFLIX_ Giovanna Carranza.pdf
2023-09-12 12:49 - 2023-09-12 12:49 - 044699242 _____ C:\Users\Capile\Desktop\XMind_Mind_Map_v23.07_18218_Patched_by_youarefinished_src.apk
2023-09-12 10:17 - 2023-09-12 10:17 - 000493099 _____ C:\Users\Capile\Desktop\Stories Instagram estudo biblíco religioso moderno nude e marrom.mp4
2023-09-10 22:18 - 2023-09-10 22:18 - 000000000 ____D C:\Users\Capile\AppData\LocalLow\Innersloth
2023-09-10 16:17 - 2023-09-10 16:14 - 084455871 _____ C:\Users\Capile\Desktop\Passeio 0709.mp4
2023-09-04 08:23 - 2023-09-04 08:23 - 173214631 _____ C:\Users\Capile\Desktop\holyrics 9.hbac
2023-09-01 08:00 - 2023-09-01 08:00 - 004290829 _____ C:\Users\Capile\Desktop\Visitantes Adonai.psd
2023-08-31 21:12 - 2023-08-31 21:13 - 005478562 _____ C:\Users\Capile\Desktop\Visitantes Adonai.pdf
2023-08-30 10:28 - 2023-08-30 10:28 - 003052162 _____ C:\Users\Capile\Desktop\PXL_20230804_203724079-denoise-faceai-sharpen.jpeg
2023-08-30 10:08 - 2023-08-30 10:08 - 000000000 ____D C:\ProgramData\Topaz Labs LLC
2023-08-30 10:08 - 2023-08-30 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Photo AI
2023-08-30 10:08 - 2023-08-30 10:08 - 000000000 ____D C:\Program Files\Topaz Labs LLC
2023-08-30 10:02 - 2023-08-30 10:04 - 000000000 ____D C:\Users\Capile\Downloads\Topaz.Photo.AI.v1.5.3-paulonline
2023-08-29 14:19 - 2023-09-21 11:46 - 000002245 _____ C:\Users\Capile\Desktop\Itaú.lnk
2023-08-29 14:19 - 2023-09-21 11:46 - 000000000 ____D C:\Users\Capile\AppData\Local\Aplicativo Itau
2023-08-29 13:49 - 2023-08-29 15:56 - 000001456 _____ C:\Users\Capile\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2023-08-29 09:51 - 2023-08-29 09:51 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2023-08-28 20:13 - 2023-08-29 08:45 - 000000000 ____D C:\Users\Capile\Desktop\Photoshop pack imagens
2023-08-28 15:11 - 2023-08-28 15:11 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2023.lnk
2023-08-28 15:04 - 2023-08-28 15:50 - 000000000 ____D C:\Users\Capile\Documents\Fiddler2
2023-08-28 15:04 - 2023-08-28 15:04 - 000002301 _____ C:\Users\Capile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler ScriptEditor.lnk
2023-08-28 15:04 - 2023-08-28 15:04 - 000002161 _____ C:\Users\Capile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler Classic.lnk
2023-08-28 15:04 - 2023-08-28 15:04 - 000000000 ____D C:\Users\Capile\AppData\Local\Progress_Software_Corpora
2023-08-28 14:19 - 2023-08-28 14:19 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2023-08-28 13:57 - 2023-08-28 13:57 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-08-28 13:23 - 2023-08-28 13:23 - 000000000 ____D C:\ProgramData\Piriform
2023-08-28 13:23 - 2023-08-28 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2023-08-28 13:23 - 2023-08-28 13:23 - 000000000 ____D C:\Program Files\Recuva
2023-08-28 13:22 - 2023-09-23 16:05 - 000000000 ____D C:\Program Files\CCleaner
2023-08-28 13:22 - 2023-09-21 15:51 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-08-28 13:22 - 2023-09-15 15:38 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-08-28 13:22 - 2023-09-14 09:15 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-08-28 13:22 - 2023-08-28 13:22 - 000002908 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Capile
2023-08-28 13:22 - 2023-08-28 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-08-28 13:20 - 2023-08-28 13:20 - 000000000 ____D C:\Users\Capile\Downloads\CCleaner Professional Plus 6.11_By.Eddy
2023-08-28 13:07 - 2023-08-28 13:08 - 000000000 ____D C:\Users\Capile\Downloads\Adobe Photoshop 2021 v22.5.9.1101
2023-08-27 13:46 - 2023-08-27 13:46 - 000002290 __RSH C:\ProgramData\ntuser.pol
2023-08-27 10:53 - 2023-08-27 10:53 - 001083930 _____ C:\Users\Capile\Desktop\conjunto-de-icones-de-midia-social-com-logotipos-do-facebook-instagram-twitter-tiktok-e-youtube.zip
2023-08-27 10:20 - 2023-08-27 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Move Transition
2023-08-26 22:19 - 2023-08-30 21:44 - 000088095 _____ C:\Users\Capile\AppData\Roaming\last.vmix
2023-08-26 22:13 - 2023-08-26 22:13 - 000000000 ____D C:\Users\Capile\AppData\Local\GTDesigner
2023-08-26 22:12 - 2023-08-26 22:12 - 000000000 ____D C:\Users\Capile\Documents\vMixStorage
2023-08-26 22:12 - 2023-08-26 22:12 - 000000000 ____D C:\Users\Capile\AppData\Local\StudioCoast_Pty_Ltd
2023-08-26 22:12 - 2023-08-26 22:12 - 000000000 ____D C:\ProgramData\vMixNDIHelper
2023-08-26 22:11 - 2023-08-26 22:11 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2023-08-26 22:11 - 2023-08-26 22:11 - 000000000 ____D C:\Program Files (x86)\Haali
 
==================== Um mês (modificados) ==================
 
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
 
2023-09-25 11:05 - 2023-06-26 11:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-25 10:44 - 2023-06-27 21:45 - 000000000 ____D C:\Users\Capile\AppData\Roaming\discord
2023-09-25 10:44 - 2023-06-27 21:45 - 000000000 ____D C:\Users\Capile\AppData\Local\Discord
2023-09-25 10:12 - 2023-06-26 15:44 - 000000000 ____D C:\Users\Capile\AppData\Roaming\qBittorrent
2023-09-25 10:11 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-09-25 10:06 - 2023-04-25 00:07 - 000000000 ____D C:\Windows\SystemTemp
2023-09-24 23:31 - 2023-06-26 11:12 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-24 21:30 - 2023-06-27 07:53 - 000000000 ____D C:\Users\Capile\AppData\Roaming\vlc
2023-09-24 19:11 - 2023-08-15 09:24 - 000003338 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-0CA8F98B83F757EEBF25E6055FD34554
2023-09-24 16:32 - 2023-06-26 18:52 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Telegram Desktop
2023-09-24 12:00 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-23 16:09 - 2023-06-26 11:18 - 001741820 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-23 16:09 - 2019-12-07 10:54 - 000752602 _____ C:\Windows\system32\prfh0416.dat
2023-09-23 16:09 - 2019-12-07 10:54 - 000148716 _____ C:\Windows\system32\prfc0416.dat
2023-09-23 16:09 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-09-23 16:05 - 2023-06-26 12:27 - 000000000 __SHD C:\Users\Capile\IntelGraphicsProfiles
2023-09-23 16:04 - 2023-06-26 12:27 - 000000000 ____D C:\Intel
2023-09-23 16:04 - 2023-06-26 11:12 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-23 16:04 - 2023-06-26 11:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-23 07:23 - 2019-12-07 05:03 - 000065536 _____ C:\Windows\system32\config\BBI
2023-09-23 07:22 - 2023-06-28 15:38 - 005906121 _____ C:\Users\Capile\Desktop\Planilha do Aprovado.xlsm
2023-09-23 07:22 - 2023-06-26 13:44 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Microsoft\Excel
2023-09-22 20:59 - 2023-07-24 11:29 - 000000000 ____D C:\Users\Capile\.holyrics
2023-09-22 20:59 - 2023-07-24 11:29 - 000000000 ____D C:\Holyrics
2023-09-22 17:29 - 2023-07-14 20:39 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-09-22 16:57 - 2023-06-26 12:23 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3155716891-1594043046-370496521-1001
2023-09-22 16:57 - 2023-06-26 12:22 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3155716891-1594043046-370496521-1001
2023-09-22 16:57 - 2023-06-26 11:18 - 000002388 _____ C:\Users\Capile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-22 13:41 - 2023-06-26 13:46 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Microsoft\Word
2023-09-20 23:53 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-20 23:53 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-09-20 12:08 - 2023-06-26 11:20 - 000000000 ____D C:\Users\Capile\AppData\Local\D3DSCache
2023-09-19 14:21 - 2023-06-26 11:18 - 000000000 ____D C:\Users\Capile\AppData\Local\Packages
2023-09-19 10:21 - 2023-06-26 11:18 - 000000000 ____D C:\Users\Capile
2023-09-18 16:43 - 2023-07-05 20:57 - 000000000 ____D C:\Program Files (x86)\Steam
2023-09-18 16:43 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-09-17 17:17 - 2023-06-28 13:15 - 000001078 _____ C:\Users\Capile\Desktop\Anki.lnk
2023-09-11 12:15 - 2023-06-27 00:42 - 000000000 ____D C:\Users\Capile\Downloads\Telegram Desktop
2023-09-10 22:17 - 2023-07-05 21:06 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-09-10 22:16 - 2023-07-05 21:00 - 000000000 ____D C:\Users\Capile\AppData\Local\Steam
2023-09-05 10:39 - 2023-07-09 19:27 - 000000000 ____D C:\Users\Capile\AppData\Local\ElevatedDiagnostics
2023-09-02 23:50 - 2023-06-26 12:22 - 000000000 ___RD C:\Users\Capile\OneDrive
2023-08-30 21:05 - 2023-08-25 22:38 - 000243086 _____ C:\Users\Capile\Desktop\lower third.psd
2023-08-30 20:59 - 2023-06-26 11:16 - 000000000 ____D C:\ProgramData\Package Cache
2023-08-30 10:49 - 2023-07-26 14:44 - 000000000 ____D C:\Users\Capile\Desktop\Fontes
2023-08-29 13:45 - 2023-07-25 15:19 - 000000000 ____D C:\Users\Capile\AppData\Local\Adobe
2023-08-29 09:54 - 2023-08-24 23:35 - 000000000 ____D C:\Users\Capile\Documents\Adobe
2023-08-29 09:54 - 2023-07-25 15:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-08-29 09:54 - 2023-07-25 15:19 - 000000000 ____D C:\ProgramData\Adobe
2023-08-29 09:54 - 2023-06-26 11:18 - 000000000 ____D C:\Users\Capile\AppData\Roaming\Adobe
2023-08-29 09:51 - 2023-07-25 15:20 - 000000000 ____D C:\Program Files\Adobe
2023-08-28 15:12 - 2023-07-25 15:58 - 000000000 ____D C:\Users\Capile\AppData\LocalLow\Adobe
2023-08-28 13:30 - 2023-06-26 11:11 - 000000000 ____D C:\Windows\Panther
2023-08-28 13:12 - 2023-08-24 23:29 - 000000000 ____D C:\Users\Public\Documents\Adobe
2023-08-28 10:05 - 2023-06-26 11:12 - 000383528 _____ C:\Windows\system32\FNTCACHE.DAT
2023-08-27 14:29 - 2023-08-19 17:42 - 000000000 ____D C:\Users\Capile\AppData\Roaming\obs-studio
2023-08-27 10:20 - 2023-08-19 17:41 - 000000000 ____D C:\Program Files\obs-studio
 
==================== Arquivos na raiz de alguns diretórios ========
 
2023-08-21 19:58 - 2023-08-22 09:06 - 000000752 _____ () C:\Users\Capile\.cdb33d40-ac80-4678-9c1f-5af87e2e757f.dat
2023-08-26 22:19 - 2023-08-30 21:44 - 000088095 _____ () C:\Users\Capile\AppData\Roaming\last.vmix
2023-08-29 13:49 - 2023-08-29 15:56 - 000001456 _____ () C:\Users\Capile\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2023-09-25 10:11 - 2023-09-25 10:11 - 000000000 _____ () C:\Users\Capile\AppData\Local\installLocal
2023-06-28 12:43 - 2023-06-28 12:43 - 000007597 _____ () C:\Users\Capile\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(Não há correção automática para arquivos que não passaram na verificação.)
 
==================== Fim de FRST.txt ========================

Addition.txt

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 20-09-2023
Executado por Capile (25-09-2023 11:41:01)
Executando a partir de E:\
Microsoft Windows 10 Pro Versão 22H2 19045.3086 (X64) (2023-06-26 15:16:43)
Modo da Inicialização: Normal
==========================================================
 
 
==================== Contas: =============================
 
 
(Se uma entrada for incluída na fixlist, será removida.)
 
Administrador (S-1-5-21-3155716891-1594043046-370496521-500 - Administrator - Disabled)
Capile (S-1-5-21-3155716891-1594043046-370496521-1001 - Administrator - Enabled) => C:\Users\Capile
Convidado (S-1-5-21-3155716891-1594043046-370496521-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3155716891-1594043046-370496521-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3155716891-1594043046-370496521-504 - Limited - Disabled)
 
==================== Central de Segurança ========================
 
(Se uma entrada for incluída na fixlist, será removida.)
 
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
 
==================== Programas Instalados ======================
 
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
 
7-Zip 22.01 (HKLM-x32\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_12_4) (Version: 12.4 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7) (Version: 24.7.0.643 - Adobe Inc.)
Anki (HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\Anki) (Version: 2.1.65 - )
Aplicativo Itaú (HKLM-x32\...\{6936C6A8-B005-4390-92C6-7092D57C681A}) (Version: 1.0.184 - Banco Itaú)
Audacity 3.3.3 (HKLM\...\Audacity_is1) (Version: 3.3.3 - Audacity Team)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.13.100.1019 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\BlueStacksServices) (Version: 3.0.1 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\BlueStacks X) (Version: 10.4.0.1034 - now.gg, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 117.1.58.131 - Autores do Brave)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Corel Graphics - Windows Shell Extension (HKLM\...\_{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.0.362 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{33DB43C3-E6BE-40AE-AECF-56E9F03E3B4D}) (Version: 23.0.362 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C697E994-12BE-4CF3-B9BF-B3FD1659E717}) (Version: 23.0.362 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM (x64) (HKLM\...\{EF56927C-ED92-41B1-8B88-FA225384E2A4}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content BR (x64) (HKLM\...\{3D6825D1-5843-4585-B915-A9F234554C2C}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content CS (x64) (HKLM\...\{CCBA3120-A726-4C64-8986-AF5B6C519FE7}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content CT (x64) (HKLM\...\{EC73C33E-4349-45E7-A08C-8566DF799EC5}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content CZ (x64) (HKLM\...\{289B6A1B-EA8B-4FBE-9CF4-A0FE4E91DD37}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content DE (x64) (HKLM\...\{4F09DBC6-B00A-4E83-886D-94EFAD76A36C}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content EN (x64) (HKLM\...\{DDD18F44-5B1B-44FB-A604-1A4EBDB65FC9}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content ES (x64) (HKLM\...\{176AC6B0-1B9D-4257-94DD-02B006CBC779}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content FR (x64) (HKLM\...\{D6DDBE6D-E2D0-48C1-9DAC-5DB93DA8DA83}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content IT (x64) (HKLM\...\{ED790B20-D67B-465C-B3B9-768547F5E389}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content JP (x64) (HKLM\...\{243F3C09-43FC-447C-98AF-E640955397BB}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content NL (x64) (HKLM\...\{AA0464E0-EBA2-4879-A116-D7FFBC41267E}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content PL (x64) (HKLM\...\{7E5076C4-E945-49BA-AFC6-01577CD06ABA}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content RU (x64) (HKLM\...\{74BEF304-6B74-4196-A4C4-63C6D4BECCB0}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content SV (x64) (HKLM\...\{A397DC31-3A23-4157-8881-A5E4957ABB19}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - IPM Content TR (x64) (HKLM\...\{3B5FBE0B-541B-47FB-89EC-20ECA3E8D97A}) (Version: 23.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 - Writing Tools (x64) (HKLM\...\{31CD96CF-4A33-4535-A6CC-F419CEAEFD70}) (Version: 23.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2021 (64-Bit) (HKLM\...\_{B9EA48EE-695F-4E90-B89D-F7CE4767B49F}) (Version: 23.0.0.363 - Corel Corporation)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.2.0.2086 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.)
ERA-Bundle 6.2.00 - Voice Changer 1.3.10 64-bit (HKLM\...\{3E8F7EE0-8393-406D-914B-A5D3CB9793D7}_is1) (Version: 6.2.00 - Accusonus, Inc.)
Foxit PDF Editor (HKLM-x32\...\{89bf4e5e-282f-468a-a283-508236fd8b70}) (Version: 12.1.1.15289 - Foxit Software Inc.)
Foxit PDF Editor (HKLM-x32\...\{E2DC771E-A929-11ED-95DC-54BF64A63C26}) (Version: 12.1.1.15289 - Foxit Software Inc.) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Holyrics versão 2.19.2 (HKLM-x32\...\{C54EA71D-44DC-4833-9E9D-24E2ACA9D145}_is1) (Version: 2.19.2 - Lima Giran)
Icecream Ebook Reader 6 versão 6.25 (HKLM-x32\...\{67C22DDD-238A-4587-AC0E-2802AE70CB42}_is1) (Version: 6.25 - Icecream Apps)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{A528513B-DABD-438F-92E4-7B49B8BDE5FF}) (Version: 19.0.117 - Intel Corporation)
Malwarebytes version 4.6.3.282 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.3.282 - Malwarebytes)
MediaHuman YouTube Downloader 3.9.9.82 (HKLM\...\MediaHuman YouTube Downloader_is1) (Version: 3.9.9.82 - LR)
Microsoft .NET Host - 6.0.6 (x64) (HKLM\...\{F48FB46C-3334-47AA-98ED-D5A47DED33F1}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.6 (x64) (HKLM\...\{089493D9-430B-4210-8A47-8F611288F461}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.6 (x64) (HKLM\...\{00478901-CD97-4A20-8FF3-3276865A2B44}) (Version: 48.27.42327 - Microsoft Corporation) Hidden
Microsoft DirectX End-User Runtime (HKLM\...\DirectX End-User Runtime) (Version: 9.29.1974 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{C9830CB8-B443-3DAD-96D6-FC02C0C794F9}) (Version: 117.0.2045.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - pt-br (HKLM\...\ProPlus2021Volume - pt-br) (Version: 16.0.16227.20258 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\OneDriveSetup.exe) (Version: 23.184.0903.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) Portuguese (Brazil) (HKLM\...\{90F60416-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{47C2CCDB-7A04-3797-992B-A84D3E90258F}) (Version: 10.0.60833 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM\...\{B9E46F95-AC34-4943-AFE2-B72EFD56C6C0}) (Version: 48.27.42342 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.6 (x64) (HKLM-x32\...\{aad3b888-fde2-48c0-95c2-2f7a729283fb}) (Version: 6.0.6.31318 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Move Transition version 2.9.4 (HKLM-x32\...\{83443BC3-6FCC-4A35-922E-1FF66F294AA4}}_is1) (Version: 2.9.4 - Exeldro)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Progress Telerik Fiddler Classic (HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\Fiddler2) (Version: 5.0.20211.51073 - Progress Software Corporation)
PSD Codec by Ardfry Imaging, LLC (32 bit) (HKLM-x32\...\{B622A8BB-C77B-4F03-B512-8B70A6760BD9}) (Version: 1.0.17.0 - Ardfry Imaging, LLC) Hidden
PSD Codec by Ardfry Imaging, LLC (64 bit) (HKLM\...\{72383075-FF31-4B87-BD94-8CFC347A1C19}) (Version: 1.0.17.0 - Ardfry Imaging, LLC) Hidden
PSD CODEC Version 1.7.0.0 (HKLM\...\Ardfry PSD CODEC_is1) (Version: 1.7.0.0 - Ardfry Imaging, LLC)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.4 - The qBittorrent project)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version: 5.1.7 - VS Revo Group)
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.9.19 - startisback.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop (HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.10 - Telegram FZ-LLC)
Topaz Photo AI (HKLM\...\{5B8478BC-8DF6-4D3E-AB7B-95F34A07807A}) (Version: 1.5.3 - Topaz Labs LLC)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.22 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.22.0 - win.rar GmbH)
XMind 11.1.0 (HKLM\...\fbd30ee5-8150-549e-9aed-fd9d444364fb) (Version: 11.1.0 - XMind Ltd.)
 
Packages:
=========
Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5185.0_x64__8j3eq9eme6ctt [2023-09-13] (INTEL CORP) [Startup Task]
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2023-07-18] (Instagram)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2023-08-02] (Samsung Electronics Co. Ltd.)
 
==================== Análise Personalizada CLSID (Whitelisted): ==============
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-28] (Adobe Inc. -> )
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-28] (Adobe Inc. -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2022-11-27] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-06-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-06-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-11-22] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-08-28] (Adobe Inc. -> )
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\ConvertToPDFShellExtension_x64.dll [2022-11-27] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-09-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-11-22] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-05-29] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Atalhos & WMI ========================
 
==================== Módulos Carregados (Whitelisted) =============
 
2023-09-24 17:36 - 2023-09-24 17:36 - 000145920 _____ () [Arquivo não assinado] \\?\C:\Users\Capile\AppData\Local\Temp\4ffae985-17b9-41e3-b1d2-19da25d6f2d7.tmp.node
2023-06-26 18:44 - 2021-09-24 02:46 - 002823680 _____ () [Arquivo não assinado] C:\Program Files\XMind\ffmpeg.dll
2023-06-26 18:44 - 2021-09-24 02:46 - 000449024 _____ () [Arquivo não assinado] C:\Program Files\XMind\libegl.dll
2023-06-26 18:44 - 2021-09-24 02:46 - 007620096 _____ () [Arquivo não assinado] C:\Program Files\XMind\libglesv2.dll
2023-06-27 08:26 - 2022-12-21 15:35 - 004407880 _____ (curl-for-win Code Signing Authority -> The curl library, hxxps://curl.se/) [Arquivo não assinado] C:\Program Files (x86)\Icecream Ebook Reader 6\libcurl.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Modo de Segurança (Whitelisted) ==================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Associação (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2022-11-27] (FOXIT SOFTWARE INC. -> )
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Foxit PDF Editor Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2022-11-28] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin_x64.dll [2022-11-27] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - Foxit PDF Editor Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\IEAddin\IEAddin.dll [2022-11-28] (FOXIT SOFTWARE INC. -> )
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-26] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts Conteúdo: =========================
 
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
 
2019-12-07 05:14 - 2023-09-25 10:08 - 000002291 ___SH C:\Windows\system32\drivers\etc\hosts
 
==================== Outras Áreas ===========================
 
(Atualmente não há nenhuma correção automática para esta seção.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3155716891-1594043046-370496521-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Capile\Documents\wallpaper.png
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (SmartScreenEnabled: Off)
Firewall do Windows está desabilitado.
 
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
 
(Se uma entrada for incluída na fixlist, será removida.)
 
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKU\S-1-5-21-3155716891-1594043046-370496521-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
 
==================== Regras do Firewall (Whitelisted) ================
 
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
 
FirewallRules: [{437DCF15-4F55-4922-8A4F-2BEAB6C408F0}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{E1A166A5-6424-4094-B8E8-C083E79F0BAC}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{7F0FA126-F69B-480C-9931-2026DCFBCB89}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado]
FirewallRules: [{BE6937BD-A9DE-4654-89C0-A000EE8A1D14}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Arquivo não assinado]
FirewallRules: [{BEEED300-633A-4FE6-86D9-1CC9854B6449}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{215FCD74-F419-43D1-B36C-9FE03AECDD77}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{294F9139-5B80-488A-930B-D311C69639E5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{080F24BC-0F9E-4C99-9960-5DB568BF6305}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D0982F25-3A0C-47ED-A666-588DF4C200D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Arquivo não assinado]
FirewallRules: [{904F6376-677C-47EA-A980-AC337563C395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe (Re-Logic) [Arquivo não assinado]
FirewallRules: [{0A1EFF52-A2FA-400F-BC09-90B0805E8CB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe () [Arquivo não assinado]
FirewallRules: [{72AD83D5-EF20-4054-A616-4A61ACECBC26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_dedicated_server_nullrenderer_x64.exe () [Arquivo não assinado]
FirewallRules: [{46A203E8-FD5D-49A8-B218-D645B1BBEA84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Arquivo não assinado]
FirewallRules: [{4DE30669-BC70-43B5-9D92-2FFB07ECEEE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Arquivo não assinado]
FirewallRules: [{0C475B16-8146-4CE7-81BD-A794FB07E60F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Arquivo não assinado]
FirewallRules: [{B1EEBF81-BA10-4679-A536-0519985D970C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [Arquivo não assinado]
FirewallRules: [{C422D168-D2D7-4A5E-A706-15A7FB2183F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Arquivo não assinado]
FirewallRules: [{A3F1F614-404E-464C-AA76-83125619FA1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [Arquivo não assinado]
FirewallRules: [{F8DCD89B-1FE2-4A6A-BCAF-FBDB232CCADD}] => (Block) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{7461442E-CAA6-4B29-9FF0-66B169407451}] => (Allow) C:\Users\Capile\AppData\Local\Programs\Fiddler\Fiddler.exe (Progress Software Corporation -> Progress Software Corporation)
FirewallRules: [{69C7C0E0-7914-45C3-B2F1-808B9DD453A8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe (Adobe Inc. -> Adobe) [Arquivo não assinado]
FirewallRules: [{A3D62F55-DFC1-4EE6-B98F-137653C11C57}] => (Block) C:\Program Files\Adobe\Adobe Lightroom Classic\Lightroom.exe (Adobe Inc. -> Adobe Inc.) [Arquivo não assinado]
FirewallRules: [{29648D03-FE80-4FA3-8469-05706A87E7BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Arquivo não assinado]
FirewallRules: [{57390532-1D0E-4CFE-B4C4-CB7491D27920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [Arquivo não assinado]
FirewallRules: [{FA0ED3E6-4469-4414-BFBF-96E4E047561F}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{300DEBBA-2741-4AC6-9D77-B8737C7F4A5B}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{F0B6D775-ED70-4750-B7D7-BECF16D1896A}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{5BB5191A-1376-4281-9C0D-579D1BBF6F6E}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{793C6733-7477-4D8B-A0DF-01146AA90E24}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.36\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25111DF7-5169-410B-8BD5-CB2E016C8DEB}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
 
==================== Pontos de Restauração =========================
 
09-09-2023 08:43:39 Ponto de Verificação Agendado
17-09-2023 11:54:21 Ponto de Verificação Agendado
 
==================== Dispositivos Apresentando Falhas No Gerenciador ============
 
Name: Controlador de comunicação PCI simples
Description: Controlador de comunicação PCI simples
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Erros no Log de eventos: ========================
 
Erros em Aplicativos:
==================
Error: (09/25/2023 10:10:10 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: A Central de Segurança não validou o chamador com o erro %1.
 
Error: (09/23/2023 07:23:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007045b, O sistema está sendo desligado.
.
 
Error: (09/23/2023 07:23:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]
 
Error: (09/23/2023 07:23:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007045b, O sistema está sendo desligado.
.
 
Error: (09/23/2023 07:23:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]
 
Error: (09/21/2023 01:25:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007045b, O sistema está sendo desligado.
.
 
Error: (09/21/2023 01:25:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado.
]
 
Error: (09/21/2023 01:25:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance.  hr = 0x8007045b, O sistema está sendo desligado.
.
 
 
Erros de Sistema:
=============
Error: (09/23/2023 04:04:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço cphs terminou com o erro: 
Erro não especificado
 
Error: (09/23/2023 04:04:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço luafv devido ao seguinte erro: 
O carregamento deste driver foi bloqueado
 
Error: (09/21/2023 03:48:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço cphs terminou com o erro: 
Erro não especificado
 
Error: (09/21/2023 03:48:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço luafv devido ao seguinte erro: 
O carregamento deste driver foi bloqueado
 
Error: (09/17/2023 05:17:33 PM) (Source: Ntfs) (EventID: 55) (User: AUTORIDADE NT)
Description: Corrupção detectada na estrutura do sistema de arquivos, no volume F:.
 
A natureza exata da corrupção é desconhecida. As estruturas do sistema de arquivos precisam ser verificadas offline.
 
Error: (09/17/2023 05:17:33 PM) (Source: Ntfs) (EventID: 55) (User: AUTORIDADE NT)
Description: Corrupção detectada na estrutura do sistema de arquivos, no volume F:.
 
A natureza exata da corrupção é desconhecida. As estruturas do sistema de arquivos precisam ser verificadas e corrigidas offline.
 
Error: (09/15/2023 03:38:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: O serviço cphs terminou com o erro: 
Erro não especificado
 
Error: (09/15/2023 03:38:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço luafv devido ao seguinte erro: 
O carregamento deste driver foi bloqueado
 
 
==================== Informações da Memória =========================== 
 
BIOS: American Megatrends Inc. P03REF.028.171221.ZW 12/21/2017
placa-mãe: SAMSUNG ELECTRONICS CO., LTD. NP300E4L-KW1BR
Processador: Intel® Core™ i3-6006U CPU @ 2.00GHz
Percentagem de memória em uso: 83%
RAM física total: 8104.04 MB
RAM física disponível: 1310.63 MB
Virtual Total: 9889.47 MB
Virtual disponível: 2194.67 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:237.76 GB) (Free:105.15 GB) (Model: WALRAM 256GB) NTFS
Drive d: (SSD) (Fixed) (Total:931.51 GB) (Free:89.67 GB) (Model: SSD 1TB) NTFS
Drive e: (HD Henrique) (Fixed) (Total:931.51 GB) (Free:46.92 GB) (Model: ST1000LM 035-1RK172 SCSI Disk Device) NTFS
 
\\?\Volume{bcc2a0f6-bb60-4b0a-8812-6999980567f4}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS
\\?\Volume{64136401-e21f-49f0-b2d6-bbbe6863b79d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Tabela de Partições ====================
 
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8BC5C658)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 592E0C8A)
 
Partition: GPT.
 
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 373B9673)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== Fim de Addition.txt =======================

 

 

 

 


