Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.01.2024 Ran by Felipe (25-01-2024 18:17:59) Running from C:\Users\Felipe\Downloads Microsoft Windows 11 Home Version 23H2 22631.3085 (X64) (2023-12-13 16:08:53) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrador (S-1-5-21-3633606873-1387218457-3474124247-500 - Administrator - Disabled) Convidado (S-1-5-21-3633606873-1387218457-3474124247-501 - Limited - Disabled) DefaultAccount (S-1-5-21-3633606873-1387218457-3474124247-503 - Limited - Disabled) Felipe (S-1-5-21-3633606873-1387218457-3474124247-1001 - Administrator - Enabled) => C:\Users\Felipe k_mar (S-1-5-21-3633606873-1387218457-3474124247-1005 - Limited - Enabled) => C:\Users\k_mar WDAGUtilityAccount (S-1-5-21-3633606873-1387218457-3474124247-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 23.008.20470 - Adobe) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.1.0.587 - Adobe Inc.) Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.) Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_25_5) (Version: 25.5.0.2462 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AIDA64 Extreme v7.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 7.00 - FinalWire Ltd.) AirDroid Cast 1.2.0.0 (HKLM-x32\...\AirDroidCast) (Version: 1.2.0.0 - AirDroid Cast) Application Verifier x64 External Package (DesktopEditions) (HKLM\...\{5A474EB5-D1C5-0286-C683-9AF8E3C05BFC}) (Version: 10.1.22621.2428 - Microsoft) Hidden Application Verifier x64 External Package (OnecoreUAP) (HKLM\...\{F3F523DB-F735-C2BB-9595-EA8CBC07D977}) (Version: 10.1.22621.2428 - Microsoft) Hidden Área de trabalho remota do Google Chrome (HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\556c7c938905bb2cd16e9567e0d0bf36) (Version: 1.0 - Google\Chrome) Asana (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\Asana) (Version: 2.1.0 - Asana, Inc.) AssaultCube 1.3.0.2 (HKLM-x32\...\AssaultCube 1.3.0.2) (Version: 1.3.0.2 - Rabid Viper Productions) Assistente de Instalação do Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bitwarden (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 2024.1.0 - Bitwarden Inc.) BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.) Bulk Rename Utility 3.4.3.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software) CapCut (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\CapCut) (Version: 3.0.0.1015 - Bytedance Pte. Ltd.) CapCut (HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\CapCut) (Version: 2.1.0.405 - Bytedance Pte. Ltd.) CCleaner (HKLM\...\CCleaner) (Version: 6.20 - Piriform) Chrome Remote Desktop Host (HKLM-x32\...\{6A53EDCE-B3CE-4C1C-83FF-D78E08CE6747}) (Version: 121.0.6167.13 - Google LLC) ClickUp 3.3.79 (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\c74c0073-61c4-5f5c-aa1c-6722d538bc46) (Version: 3.3.79 - ClickUp) CPUID HWMonitor 1.45 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.45 - CPUID, Inc.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Directory Opus (HKLM\...\{6CFA061F-1A4C-4569-963F-2ACFC60F5CAD}_is1) (Version: 12.33 - GPSoftware) Discord (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\Discord) (Version: 1.0.9027 - Discord Inc.) Discord (HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\Discord) (Version: 1.0.9010 - Discord Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 191.4.4995 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.863.1 - Dropbox, Inc.) Hidden Dynamic Application Loader Host Interface Service (HKLM\...\{AB09B532-2DB4-4EE9-8730-535EC0B89B7D}) (Version: 1.0.0.0 - Intel Corporation) Hidden EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.104.0.5617 - Electronic Arts) Hidden EA app (HKLM-x32\...\{20a8704d-f282-4d39-b57c-177ec90557be}) (Version: 13.104.0.5617 - Electronic Arts) Evernote 10.72.2 (All Users) (HKLM\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.72.2 - Evernote Corporation) Everything 1.4.1.1024 (x64) (HKLM\...\Everything) (Version: 1.4.1.1024 - voidtools) Flow Launcher (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\FlowLauncher) (Version: 1.16.2 - Flow-Launcher Team) Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.20.0.5510 - Softdeluxe) Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Git (HKLM\...\Git_is1) (Version: 2.43.0 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\GitHubDesktop) (Version: 3.3.6 - GitHub, Inc.) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.73.27 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.85 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 85.0.37.0 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden HandBrake 1.6.1 (HKLM-x32\...\HandBrake) (Version: 1.6.1 - ) iCloud Outlook (HKLM\...\{2B18FDBD-1C9F-485B-ADB3-9957F9020D9C}) (Version: 14.2.0.122 - Apple Inc.) Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation) Intel(R) Computing Improvement Program (HKLM\...\{50883721-017E-40C5-9B65-F11F20DE8B45}) (Version: 2.4.07630 - Intel Corporation) Intel(R) Icls (HKLM\...\{FC01E9F8-A0E7-4A06-B691-8A182988D26D}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) LMS (HKLM\...\{1DF85F5D-B1EF-4A61-860C-B8D95918FBEC}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2037.15.0.1840 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{62761A09-444A-4984-BECB-8D06EF5D3D42}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{959B41C8-A569-491E-BFD2-894C59557542}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{DD5E7BEF-882D-4C7C-9F24-1E3FB5A55DD6}) (Version: 1.0.0.0 - Intel Corporation) Hidden IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.3.0.11 - IObit) Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation) Kits Configuration Installer (HKLM-x32\...\{78011ACC-E1CB-4B42-EDC3-91EAED6F933B}) (Version: 10.1.22621.2428 - Microsoft) Hidden Last.fm Desktop Scrobbler (HKLM-x32\...\{B13709CB-85AE-4F45-BFF9-2CB2B7A78F83}) (Version: 3.1.29 - Last.fm) Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains) Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.10.493246 - Logitech) Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.26 (x64) (HKLM\...\{87EBA554-A002-4EF4-A612-4FFD06092B5B}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.26 (x64) (HKLM\...\{D81A418F-966D-4069-B3E8-5EE4843CA862}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.26 (x64) (HKLM\...\{1A02C1B1-05BB-49F7-9DFF-99A66C6877FC}) (Version: 48.104.7000 - Microsoft Corporation) Hidden Microsoft 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 16.0.17126.20132 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.144 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.144 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation) Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\OneDriveSetup.exe) (Version: 24.010.0114.0001 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\Teams) (Version: 1.4.00.22472 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 (HKLM-x32\...\{1de5e707-82da-4db6-b810-5d140cc4cbb3}) (Version: 14.38.33130.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 (HKLM-x32\...\{2cfeba4a-21f8-4ea7-9927-c5a5c6f13cc9}) (Version: 14.38.33130.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130 (HKLM\...\{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Debug Runtime - 14.38.33130 (HKLM\...\{B07077BC-DE68-4954-A674-B9A6DEBA137D}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130 (HKLM\...\{1CA7421F-A225-4A9C-B320-A36981A2B789}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33130 (HKLM-x32\...\{5CA9AE7B-2EFC-4F02-81CD-32ABE173C755}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Debug Runtime - 14.38.33130 (HKLM-x32\...\{3C623118-1B7E-4D04-AD16-635D453F12C3}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33130 (HKLM-x32\...\{DF1B52DF-C88E-4DDF-956B-6E7A03327F46}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.85.1 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.8.2112.61926 - Microsoft Corporation) Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{C777E5A3-D26A-4F0D-84AC-79ECE7560EA5}) (Version: 3.8.2091.34612 - Microsoft Corporation) Hidden Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{9E0059DE-74E7-49A5-8F2A-C17B5BE58B4C}) (Version: 3.8.2091.34612 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM\...\{5BEE5F3E-4D78-4DE8-A8F3-36D3E9D8868C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM-x32\...\{0eddeab6-01c1-4cf7-83ba-164ea8974c90}) (Version: 3.1.32.31915 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM\...\{3C31CBA1-A0D9-4B95-A807-AD2313D12F47}) (Version: 40.68.31219 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.17 (x64) (HKLM-x32\...\{20d5df4e-006c-4d6d-a0dc-490d009b9786}) (Version: 5.0.17.31219 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM\...\{1F0EB53C-BE30-436A-BC54-FA364227A870}) (Version: 48.104.6996 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.26 (x64) (HKLM-x32\...\{b2476903-b8da-4dcc-903f-378730bb4c48}) (Version: 6.0.26.33205 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.67 - mIRC Co. Ltd.) Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 121.0.1 (x64 pt-BR)) (Version: 121.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 120.0.1 - Mozilla) MSI Development Tools (HKLM-x32\...\{51A41F10-B64A-8F09-6390-DA1F1F7ACA4D}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Node.js (HKLM\...\{A56DECD3-5312-4F1D-B185-9A47DE16BCEC}) (Version: 20.11.0 - Node.js Foundation) Notion 3.1.0 (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\661f0cc6-343a-59cb-a5e8-8f6324cc6998) (Version: 3.1.0 - Notion Labs, Inc) NVIDIA CUDA Toolkit 12.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_12.3) (Version: 12.3 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA Nsight Compute 2023.3.1 (HKLM\...\{707ACA6B-6510-4408-86A5-F3C385C72963}) (Version: 23.3.1.0 - NVIDIA Corporation) NVIDIA Nsight Systems 2023.3.3 (HKLM\...\{9793590F-9325-4B93-A76F-6E8DC72C3B62}) (Version: 23.3.3.42 - NVIDIA Corporation) NVIDIA Nsight Visual Studio Edition 2023.3.1.23311 (HKLM\...\{0E8D26AE-1AF1-463E-9709-6009CF76FB4A}) (Version: 23.3.1.23311 - NVIDIA Corporation) NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation) Obsidian (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\bd400747-f0c1-5638-a859-982036102edf) (Version: 1.4.16 - Obsidian) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Photo Common (HKLM-x32\...\{26328768-ACC3-4E7F-A045-E898D4B77D93}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden pomofocus (HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\pomofocus) (Version: 1.1.0 - Yuya Uzu) PowerToys (Preview) (HKLM\...\{7523F747-32CE-4E7E-B084-70446E8F306F}) (Version: 0.76.2 - Microsoft Corporation) Hidden PowerToys (Preview) x64 (HKLM-x32\...\{d384e7ea-e136-498d-8d09-aea29a874bf7}) (Version: 0.76.2 - Microsoft Corporation) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) PyCharm Community Edition 2023.3.2 (HKLM-x32\...\PyCharm Community Edition 2023.3.2) (Version: 233.13135.95 - JetBrains s.r.o.) Python 3.10.6 Add to Path (64-bit) (HKLM\...\{541B7582-6B11-4457-ACB7-AAC2058B3229}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Development Libraries (64-bit) (HKLM\...\{07CDAC2C-737C-4D8A-AF42-6BCE111699AE}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Documentation (64-bit) (HKLM\...\{4306E3B9-B285-4747-B84D-9FAF08AA412D}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 pip Bootstrap (64-bit) (HKLM\...\{3983F17E-1088-46F9-BB00-53B888FF3835}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Standard Library (64-bit) (HKLM\...\{C3A057F3-209B-4244-9697-D69031B81AAB}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Tcl/Tk Support (64-bit) (HKLM\...\{A551B92B-102D-45DC-8050-5CE10DE81CD0}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Test Suite (64-bit) (HKLM\...\{1204E654-144E-4FBA-ACA0-558F6E54FC5A}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.10.6 Utility Scripts (64-bit) (HKLM\...\{1D60E386-848D-45D1-BB0A-7E26A3E32011}) (Version: 3.10.6150.0 - Python Software Foundation) Hidden Python 3.12.1 (64-bit) (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\{86e52725-ef45-452f-ac4c-b8958718bfea}) (Version: 3.12.1150.0 - Python Software Foundation) Python 3.12.1 Add to Path (64-bit) (HKLM\...\{946DC818-F8CA-463A-BE16-946EB508BD48}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Core Interpreter (64-bit) (HKLM\...\{AC82C1A3-9597-40F2-893D-F02F778FBA4D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Development Libraries (64-bit) (HKLM\...\{8C53CBDD-4DAF-426F-9478-6C7C2920CDDA}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Documentation (64-bit) (HKLM\...\{62667662-A580-409C-8044-55B06F774AE2}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Executables (64-bit) (HKLM\...\{44BC9F9C-15C2-46C1-B88D-3135A9DA555F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 pip Bootstrap (64-bit) (HKLM\...\{1662F43B-2337-4FD8-8CE6-BEA38FC94DD4}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Standard Library (64-bit) (HKLM\...\{47957EE3-0E23-4075-B825-F202E913670F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Tcl/Tk Support (64-bit) (HKLM\...\{926CDC62-3AE2-422B-9858-D6EC3BAD473F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python 3.12.1 Test Suite (64-bit) (HKLM\...\{E309AE00-4FB1-4817-9172-7E198668375D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{4C8D4EC3-F620-4CEE-8BAD-B59A3C6815F3}) (Version: 3.12.1150.0 - Python Software Foundation) qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.2 - The qBittorrent project) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.68.815.2023 - Realtek) RetroArch (HKLM-x32\...\RetroArch) (Version: 1.16.0.0 - Libretro) Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.) SDK ARM Additions (HKLM-x32\...\{9A775F73-E14A-17DC-EE7C-ADC5DB46103E}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{B640338E-1C6D-FC83-71ED-79201A2D8F82}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Slack (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\slack) (Version: 4.36.138 - Slack Technologies Inc.) Spotify (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\Spotify) (Version: 1.2.29.605.g66a43ceb - Spotify AB) SSDFresh 2024 (HKLM\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 13 - Abelssoft) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stremio (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\Stremio) (Version: 4.4.159 - Smart Code Ltd) Stremio (HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\Stremio) (Version: 4.4.164 - Smart Code Ltd) Taskade 4.3.3 (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\a1720d3c-2299-5407-b1c5-3f4f5c06c7f5) (Version: 4.3.3 - Taskcade Inc.) Telegram Desktop (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.9 - Telegram FZ-LLC) TeraCopy (HKLM\...\{DF5325DF-1F43-4282-85D5-1CA3353E6B13}) (Version: 3.17 - Code Sector) Total Annihilation Kingdoms (HKLM-x32\...\1207658912_is1) (Version: 2.1.0.23 - GOG.com) Universal CRT Extension SDK (HKLM-x32\...\{D9354223-D65D-B82D-8A45-C654FE5989DF}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{704A8CE4-074C-C012-829C-384EE3C446E0}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{208C2133-7739-0FC1-913A-CAEAED979B5F}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{53111380-E427-65A8-C51E-453BA612F5B7}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{904BF14E-2939-4EE9-B3F9-447DACCC775A}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{4A719856-DB30-8192-0451-C764D6E35EE1}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) vcpp_crt.redist.clickonce (HKLM-x32\...\{4BD69DE8-B66B-4BD4-A502-4E50AB081145}) (Version: 14.38.33130 - Microsoft Corporation) Hidden Verificação de integridade do PC Windows (HKLM\...\{BDA76587-4949-46D7-8427-AE49451F93D4}) (Version: 3.2.2110.14001 - Microsoft Corporation) Visual Studio Build Tools 2022 (HKLM-x32\...\438d9b4a) (Version: 17.8.3 - Microsoft Corporation) VS Script Debugging Common (HKLM\...\{D56DC014-C4C1-4330-B32B-D9785DAE7BCB}) (Version: 17.0.125.0 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{3B1E620A-2D84-442A-9E91-3D5B6D4ECAAD}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_communitysharedmsi (HKLM-x32\...\{95F790F1-F8CC-445E-BBCB-C5446EF10C0C}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_communityx64msi (HKLM\...\{9DAFCFF7-0036-4739-A685-5DDF62466E05}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_CoreEditorFonts (HKLM-x32\...\{1851460E-0E63-4117-B5BA-25A2F045801B}) (Version: 17.7.40001 - Microsoft Corporation) vs_filehandler_amd64 (HKLM-x32\...\{F3214775-93E6-4462-AAAD-5ACFB687CED2}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{A749897F-8AD4-4006-B622-7A8CA09FEB2C}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{87A00560-EABF-4423-A876-F564B14F2499}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_githubprotocolhandlermsi (HKLM-x32\...\{4BD007CE-3471-40DA-9479-506CB09B8FBD}) (Version: 17.8.34129 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{9FA430E2-64F6-4DEB-99C0-931F6554FF1E}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_minshellinteropsharedmsi (HKLM-x32\...\{E5AF49C9-6FC6-404A-8562-16BDD6CFA531}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{BFF798BD-0471-42E4-97CB-02C97821787B}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{3A6E1E89-2ED2-4F08-896B-F6F8999AD0F5}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_minshellsharedmsi (HKLM-x32\...\{E3FA95C9-9130-4173-AA94-60A8312A3CFC}) (Version: 17.8.34205 - Microsoft Corporation) Hidden vs_vswebprotocolselectormsi (HKLM-x32\...\{AFF58319-E812-40D5-8C65-5A311B541716}) (Version: 17.8.34129 - Microsoft Corporation) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden WinAppDeploy (HKLM-x32\...\{5F4FC75A-038C-CC63-C7A7-DA1207BC4859}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows App Certification Kit Native Components (HKLM\...\{648C9C65-36D9-D40A-8F77-402335296F97}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{D922571F-B239-D15A-9D27-5C93B866A109}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (HKLM-x32\...\{3F86263D-2D86-E0B1-BF08-472032E46A25}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (OnecoreUAP) (HKLM-x32\...\{BDA3738A-D502-AF73-6A94-0171A7DB4B81}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows Desktop Extension SDK (HKLM-x32\...\{B1E8EFCC-4E2B-6DA6-F191-DF4459450977}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows Desktop Extension SDK Contracts (HKLM-x32\...\{B962947B-6813-E422-0335-0E16A1AE9C8C}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows IoT Extension SDK (HKLM-x32\...\{C2F1807D-A27A-27D9-B3D1-FE6D9CA07400}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows IoT Extension SDK Contracts (HKLM-x32\...\{0691FD23-6422-7B90-0240-79EDD86E915E}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\{52E9FAF6-B202-4002-B182-E5DD7A4DD68D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (HKLM-x32\...\{03635152-A76A-4A40-B276-73363CDAB2A9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Mobile Extension SDK (HKLM-x32\...\{2840C7DF-4C48-D428-190B-C55216FA5D18}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows Mobile Extension SDK Contracts (HKLM-x32\...\{0FA075FB-0B62-B034-A7C5-7AFBF2672E58}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation) Windows SDK (HKLM-x32\...\{27DC2F96-F8D4-EDCA-622E-3E992A211162}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{5AC9D20F-F065-4ECB-A0A4-EEFAB6A34832}) (Version: 10.1.0.0 - Microsoft Corporation) Windows SDK ARM Desktop Tools (HKLM-x32\...\{72CCFAE8-689D-8295-9888-A946BE1FED3C}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm (HKLM-x32\...\{55A272AC-100B-6619-626E-D834BC327CA4}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Headers arm64 (HKLM-x32\...\{5AC213BA-8ECF-007A-A0EA-1606ACE7ECBD}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x64 (HKLM-x32\...\{3535F430-8CA2-3DFC-FE8C-D51A38A9B927}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Headers x86 (HKLM-x32\...\{4DD3AE3B-F93F-D45F-7184-FC2ADDFB237F}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm (HKLM-x32\...\{9BB649A5-F070-C1CD-D040-AE4235CB678C}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Libs arm64 (HKLM-x32\...\{31320686-A411-579B-9ADA-84777C674D5E}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x64 (HKLM-x32\...\{65DD2C8F-27BA-8813-3D06-D8128B3B8C69}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Libs x86 (HKLM-x32\...\{3EB560AE-9D49-26F2-BFAA-C4C754452088}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Tools arm64 (HKLM-x32\...\{AF0D415D-C5E2-D855-F1AF-1A3F346FD48C}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x64 (HKLM-x32\...\{EE4A1306-0134-663C-A17C-AA6A6F7A33FC}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Desktop Tools x86 (HKLM-x32\...\{A4E8F93C-8364-74D4-62E7-0E9B40AFF3EC}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK DirectX x64 Remote (HKLM\...\{D18079F9-8326-7F70-9944-387F3D191724}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK DirectX x86 Remote (HKLM-x32\...\{91ADA8D2-CDFF-3453-E8DD-795895717C8D}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK EULA (HKLM-x32\...\{7520C851-321C-30E7-0372-74CC71E40113}) (Version: 10.1.22621.2428 - Microsoft Corporations) Hidden Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{D3586BE4-6DD8-B5F4-333E-7EE377AE3B21}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps (HKLM-x32\...\{946926FF-865F-1491-CEBE-175C3AF2FCC8}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{8A2DD8E4-C9BD-64DF-1BE3-1DB72F621896}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{32ED2CB1-40A7-9254-3BE6-D4009C0EC10A}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{6D937291-8DF8-992B-06F6-7DDE18A06D4E}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{75DA5538-2137-E81A-1DCD-2B81C22887D1}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{C280E518-8C15-A1D3-CB03-6D5A00C2A819}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{91A67D35-3C2C-20E9-3625-AC0876020FF6}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{9ED2D357-B1E2-D306-52E4-2526A71CD595}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{A75EEBB1-353E-C491-09E3-D6B3A8E149A4}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{7B652E06-9945-0DF8-938A-6BB2549C0492}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Redistributables (HKLM-x32\...\{C706D214-FA38-2B79-9365-6809C3C9FC09}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows SDK Signing Tools (HKLM-x32\...\{5F0294C3-76AF-83E7-861E-70BD5F6F2E41}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows Software Development Kit - Windows 10.0.22621.2428 (HKLM-x32\...\{7645bd51-e95b-48cd-bf4b-0e9ab7ef33b0}) (Version: 10.1.22621.2428 - Microsoft Corporation) Windows Subsystem for Linux Update (HKLM\...\{F8474A47-8B5D-4466-ACE3-78EAB3BF21A8}) (Version: 5.10.102.1 - Microsoft Corporation) Windows Subsystem for Linux WSLg Preview (HKLM\...\{3CBDE512-7510-4F90-B1C0-7C4EB9DD7C26}) (Version: 1.0.27 - Microsoft Corporation) Windows Team Extension SDK (HKLM-x32\...\{C227C4D5-7D54-0ABD-9C16-BE4B8D5113CC}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden Windows Team Extension SDK Contracts (HKLM-x32\...\{56F3A9D4-5082-CF05-AA9E-2366AB250FB6}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - en-us (HKLM-x32\...\{739DB497-0F3F-2ABE-56A3-4C8CBDD8ACC0}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7A962B9F-0BA5-4B68-4C62-98C8DFE17A0A}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{3312EC0A-5F6F-E83C-5CDD-67CFFD0A489E}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{54337550-BD5A-895C-2670-BEDFE96999B9}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{6F3CF1C4-3A51-2B7C-1449-65910EFB941E}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{A1ED4759-F0F6-F183-3B4D-A7A1B98A491D}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{4859787A-6307-39F5-0D09-136EA53D4F6C}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{09F93B80-312B-57AF-2FE5-FEDFA971BA50}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BF8A95DE-1CDB-1C60-0CB5-3A733083EAFC}) (Version: 10.1.22621.2428 - Microsoft Corporation) Hidden WinToHDD (HKLM\...\WinToHDD_is1) (Version: 6.2 - Hasleo Software.) WizTree v4.16 (HKLM\...\WizTree_is1) (Version: 4.16 - Antibody Software) Zoom (HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\ZoomUMX) (Version: 5.16.10 (26186) - Zoom Video Communications, Inc.) Zoom (HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\ZoomUMX) (Version: 5.16.5 (24296) - Zoom Video Communications, Inc.) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-01-04] () Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2024-01-10] (Adobe Systems Incorporated) AppleInc.iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.122.0_x64__nzyj5cx40ttqa [2023-12-24] (Apple Inc.) [Startup Task] Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.900.374.0_x64__8wekyb3d8bbwe [2024-01-11] (Microsoft Corporation) Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-01-23] (Dropbox Inc.) Facebook -> C:\Program Files\WindowsApps\adsmanager.facebook.com-2D7EAD8F_1.0.0.1_neutral__1kzaxnw324s9j [2024-01-23] (adsmanager.facebook.com) Facebook -> C:\Program Files\WindowsApps\adsmanager.facebook.com-BDA2046C_1.0.0.0_neutral__1kzaxnw324s9j [2024-01-23] (adsmanager.facebook.com) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-01-25] (HP Inc.) Ink.Handwriting.Main.pt-BR.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.pt-BR.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-19] (Microsoft Corporation) Ink.Handwriting.pt-BR.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.pt-BR.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-01-19] (Microsoft Corporation) Ink.Handwriting.pt-BR.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.pt-BR.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2024-01-19] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-12-24] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-12-24] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2311.21003.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-24] (Microsoft Corp.) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-10] (Microsoft Corporation) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-12-27] (NVIDIA Corp.) Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2312.164.0_x64__8wekyb3d8bbwe [2023-12-24] (Microsoft Corporation) [Startup Task] PowerToys ImageResizer Context Menu -> C:\Program Files\PowerToys [2024-01-07] (Microsoft) PowerToys PowerRename Context Menu -> C:\Program Files\PowerToys\WinUI3Apps [2024-01-07] (Microsoft) QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.7.3.0_neutral__egxr34yet59cg [2024-01-07] (Paddy Xu) [Startup Task] Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-01-25] (Adobe Systems Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.253.0_x64__dt26b99r8h8gj [2023-12-24] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-12-24] (Microsoft Studios) [MS Ad] Trello -> C:\Program Files\WindowsApps\45273LiamForsyth.PawsforTrello_2.14.5.0_x64__7pb5ddty8z1pa [2024-01-17] (Trello, Inc.) Twitter -> C:\Program Files\WindowsApps\twitter.com-135FFC0D_1.0.0.1_neutral__9wdrbcd1pw7ja [2024-01-23] (twitter.com) Twitter -> C:\Program Files\WindowsApps\twitter.com-EF1E79A9_1.0.0.0_neutral__9wdrbcd1pw7ja [2024-01-23] (twitter.com) WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm [2024-01-24] (WhatsApp Inc.) [Startup Task] Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-01-24] (Microsoft Corporation) Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2310.2310.17002.0_x64__8wekyb3d8bbwe [2023-12-27] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{04271989-C4D2-8765-05B2-87B71725AF97} -> [OneDrive - Nanda Mac] => C:\Users\Felipe\OneDrive - Nanda Mac [2023-12-19 10:07] CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Felipe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21140.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{3BEC068E-2C00-4053-AA01-6152453CC344} -> [iCloud Photos] => C:\Users\Felipe\iCloudPhotos\Photos [2023-12-25 22:04] CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{58DEA9FF-9E5F-42D1-843C-AF77263928D6} -> [iCloud Drive] => C:\Users\Felipe\iCloudDrive [2023-12-20 10:21] CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{5ea9a442-5352-ed6e-d37f-9d511e7e2caa}\localserver32 -> C:\Program Files\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{729B72CD-B72E-4FE9-BCBF-E954B33FE699}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.QoiPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Felipe\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Felipe\Dropbox [2021-07-25 19:50] CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation) ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2040816 2023-09-16] (GP Software -> GP Software) ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [407024 2023-09-16] (GP Software -> GP Software) ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-01-10] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-01-10] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-01-10] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-01-10] (Adobe Inc. -> ) ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector) ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology) ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility) ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2023-12-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector) ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2023-12-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2023-12-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility) ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector) ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology) ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\85.0.37.0\drivefsext.dll [2024-01-23] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll [2023-12-18] (Dropbox, Inc -> Dropbox, Inc.) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2023-12-13] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-01-10] (Adobe Inc. -> ) ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector) ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology) ContextMenuHandlers1_S-1-5-21-3633606873-1387218457-3474124247-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2023-09-16] (GP Software -> GP Software) ContextMenuHandlers4_S-1-5-21-3633606873-1387218457-3474124247-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2023-09-16] (GP Software -> GP Software) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Snapshots\114.0.1823.41\Default\Web Applications\_crx__jgeocpdicgmkeemopbanhokmhcgcflmi\Twitter.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi --app-url=hxxps://twitter.com/?utm_source=homescreen&utm_medium=shortcut --app-launch-source=4 ShortcutWithArgument: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Snapshots\114.0.1823.41\Default\Web Applications\_crx__bdjickkpcmaggbikakcaobmpklmhenkc\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bdjickkpcmaggbikakcaobmpklmhenkc --app-url=hxxps://adsmanager.facebook.com/?ref=homescreenpwa --app-launch-source=4 ShortcutWithArgument: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__jgeocpdicgmkeemopbanhokmhcgcflmi\Twitter.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi --app-url=hxxps://twitter.com/?utm_source=homescreen&utm_medium=shortcut --app-launch-source=4 ShortcutWithArgument: C:\Users\Felipe\AppData\Local\Microsoft\Edge\User Data\Default\Web Applications\_crx__bdjickkpcmaggbikakcaobmpklmhenkc\Facebook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bdjickkpcmaggbikakcaobmpklmhenkc --app-url=hxxps://adsmanager.facebook.com/?ref=homescreenpwa --app-launch-source=4 ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Felipe (cidadania4u.com.br) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\600fb694c0849943\Felipe (agenciainterup.com.br) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 9" ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\Nanda Mac - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6" ShortcutWithArgument: C:\Users\Felipe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Felipe - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3" ==================== Loaded Modules (Whitelisted) ============= 2024-01-07 18:16 - 2024-01-07 18:16 - 000036864 _____ () [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Flow.Launcher.Plugin.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000112640 _____ (Flow Launcher) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Flow.Launcher.Core.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 001008128 _____ (Flow Launcher) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Flow.Launcher.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000100352 _____ (Flow Launcher) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Flow.Launcher.Infrastructure.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000040960 _____ (Flow.Launcher.Plugin.BrowserBookmark) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.BrowserBookmark\Flow.Launcher.Plugin.BrowserBookmark.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000016896 _____ (Flow.Launcher.Plugin.Caculator) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.Caculator\Flow.Launcher.Plugin.Caculator.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000146432 _____ (Flow.Launcher.Plugin.Explorer) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.Explorer\Flow.Launcher.Plugin.Explorer.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000012800 _____ (Flow.Launcher.Plugin.PluginIndicator) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.PluginIndicator\Flow.Launcher.Plugin.PluginIndicator.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000039936 _____ (Flow.Launcher.Plugin.PluginsManager) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.PluginsManager\Flow.Launcher.Plugin.PluginsManager.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000107520 _____ (Flow.Launcher.Plugin.Program) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.Program\Flow.Launcher.Plugin.Program.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000024064 _____ (Flow.Launcher.Plugin.Shell) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.Shell\Flow.Launcher.Plugin.Shell.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000019456 _____ (Flow.Launcher.Plugin.Sys) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.Sys\Flow.Launcher.Plugin.Sys.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000011264 _____ (Flow.Launcher.Plugin.Url) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.Url\Flow.Launcher.Plugin.Url.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000047104 _____ (Flow.Launcher.Plugin.WebSearch) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.WebSearch\Flow.Launcher.Plugin.WebSearch.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000525824 _____ (Flow.Launcher.Plugin.WindowsSettings) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.WindowsSettings\Flow.Launcher.Plugin.WindowsSettings.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000011776 _____ (Flow-Launcher) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.ProcessKiller\Flow.Launcher.Plugin.ProcessKiller.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000022528 _____ (michaelnoonan) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\WindowsInput.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000913920 _____ (ModernWpf) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\ModernWpf.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000702464 _____ (ModernWpf.Controls) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\ModernWpf.Controls.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000821248 _____ (NLog) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\NLog.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000055296 _____ (NLog) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\NLog.Extensions.Logging.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000051712 _____ (NLog) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\NLog.Web.AspNetCore.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000239616 _____ (smapiot) [File not signed] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\Plugins\Flow.Launcher.Plugin.Caculator\Mages.Core.dll 2024-01-07 18:17 - 2023-12-18 17:48 - 000125440 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsbatch.dll 2024-01-07 18:17 - 2023-12-18 17:50 - 003092480 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsbt.dll 2024-01-07 18:17 - 2023-12-18 17:49 - 000112128 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsjsp.dll 2024-01-07 18:17 - 2023-12-18 17:49 - 000216576 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsm3u.dll 2024-01-07 18:17 - 2023-12-18 17:49 - 000625152 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsms.dll 2024-01-07 18:17 - 2023-12-18 17:48 - 000358400 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadswww.dll 2024-01-07 18:17 - 2023-12-18 17:36 - 000045056 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\logger.dll 2024-01-07 18:17 - 2023-12-18 17:38 - 000235008 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\quazip.dll 2024-01-07 18:17 - 2023-12-18 17:47 - 000691200 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\vmsclshared.dll 2024-01-07 18:17 - 2023-12-18 17:39 - 000043520 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\winunivappfeatures.dll 2021-05-12 20:07 - 2021-05-12 20:07 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll 2024-01-07 18:17 - 2023-04-27 19:27 - 002876928 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\libcrypto-1_1-x64.dll 2024-01-07 18:17 - 2023-04-27 19:27 - 000688640 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\libssl-1_1-x64.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000009728 _____ (Thomas Levesque) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\NHotkey.dll 2024-01-07 18:16 - 2024-01-07 18:16 - 000013312 _____ (Thomas Levesque) [File not signed] [File is in use] C:\Users\Felipe\AppData\Local\FlowLauncher\app-1.16.2\NHotkey.Wpf.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= (If an entry is included in the fixlist, the registry item will be restored to default or removed.) HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\Software\Classes\regfile: <==== ATTENTION HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\Software\Classes\.reg: => <==== ATTENTION HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\Software\Classes\.bat: => <==== ATTENTION HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\Software\Classes\.cmd: => <==== ATTENTION ==================== Internet Explorer (Whitelisted) ========== BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2022-03-08] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2022-03-08] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-09] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\bancobrasil.com.br -> www.bancobrasil.com.br IE trusted site: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\bb.com.br -> aapj.bb.com.br IE trusted site: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\gastecnologia.com.br -> cloud.gastecnologia.com.br IE trusted site: HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\sharepoint.com -> hxxps://nandamac-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 06:14 - 2024-01-04 22:52 - 000000826 _____ C:\Windows\system32\drivers\etc\hosts 2021-06-29 01:36 - 2021-06-30 16:22 - 000000443 _____ C:\Windows\system32\drivers\etc\hosts.ics 172.27.16.1 DESKTOP-AHNPV80.mshome.net # 2026 6 1 29 19 22 8 108 ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v12.3\bin;C:\Program Files\NVIDIA GPU Computing Toolkit\CUDA\v12.3\libnvvp;D:\Python\Scripts\;D:\Python\;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Git\cmd;C:\Users\Felipe\AppData\Local\Programs\Python\Python312\Scripts\;C:\ProgramData\chocolatey\bin;C:\Program Files\nodejs\;C:\Program Files\NVIDIA Corporation\Nsight Compute 2023.3.1\ HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\k_mar\Downloads\1011715.jpg DNS Servers: 192.168.15.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: ) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk" HKLM\...\StartupApproved\Run: => "SecurityHealth" HKLM\...\StartupApproved\Run: => "RtkAudUService" HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "SecurityHealth" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "WinampAgent" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\StartupFolder: => "NoFences.exe" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Opera Browser Assistant" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "GlassWire" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "NimiPlaces" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "GoogleDriveFS" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "ut" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Lync" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_3598036481B262A4AE210A3CE1B03E37" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "icq.desktop" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Skype for Desktop" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Opera GX Stable" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8FEA4787B1A530A853D444356CCEFE13" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "Plex Media Server" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-3633606873-1387218457-3474124247-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\StartupApproved\Run: => "GoogleDriveFS" HKU\S-1-5-21-3633606873-1387218457-3474124247-1005\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_CBFA205D00D6038CFB8B9A7D71CF20AE" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7361C83B-225C-4B71-A043-1E05D21E0AD5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7B3E43D3-9E79-4245-8183-F3591FF192C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{7EA6EC0B-EC31-4FE3-BDD1-3F72778E2A44}] => (Allow) LPort=50053 FirewallRules: [{E76ADAC8-9519-4F32-A87C-8F7C974EB0A5}] => (Allow) LPort=50053 FirewallRules: [{3CCD4C05-5173-4DD0-8BDA-8512CA91DB46}] => (Allow) LPort=53016 FirewallRules: [{1AC1B7FE-15BF-45EF-9C10-A1E863B5C3C7}] => (Allow) LPort=53015 FirewallRules: [{058985BD-2BF9-4519-84FD-0C03670B3690}] => (Allow) LPort=53014 FirewallRules: [{06005099-5599-48BC-931D-1C8AD161C0EE}] => (Allow) LPort=43013 FirewallRules: [{BBA34A5E-E0C1-4443-AAA5-5878EF3AA3A9}] => (Allow) LPort=43012 FirewallRules: [{F0630ED1-7544-4426-BB31-C6E2EC8F170E}] => (Allow) LPort=33011 FirewallRules: [{DDF4180B-6801-4D5D-922F-C04978E4DFFE}] => (Allow) LPort=33010 FirewallRules: [{EB3E523B-87D6-43A3-928A-D1E1C6CBED8C}] => (Allow) LPort=33009 FirewallRules: [{A959578E-F7B2-417F-8CFF-0A173BF5774A}] => (Allow) LPort=23008 FirewallRules: [{49AE1028-61F6-4597-8830-9FF4B442BD0D}] => (Allow) LPort=23007 FirewallRules: [{0DCB1D89-A374-42BB-99F8-D4FB5FFA9BBA}] => (Allow) LPort=53016 FirewallRules: [{B013C422-373F-4C81-A484-D27D173D6135}] => (Allow) LPort=53015 FirewallRules: [{B2DAB6E1-F2D2-4CBD-BD5A-A7BE24FD4A6F}] => (Allow) LPort=53014 FirewallRules: [{592BA09B-449E-47CC-BD9B-B36CD8EFBAA6}] => (Allow) LPort=43013 FirewallRules: [{3B0E9F59-DBB1-47A0-B62A-A9D3DB2CE83D}] => (Allow) LPort=43012 FirewallRules: [{A540A218-1FED-47B3-A08B-332973197490}] => (Allow) LPort=33011 FirewallRules: [{95966CA6-3D59-4247-88B7-36B79F0278A6}] => (Allow) LPort=33010 FirewallRules: [{ACE26188-9568-4CCC-A6E3-4A2F0F685C08}] => (Allow) LPort=33009 FirewallRules: [{176D2E8B-E382-4486-A546-A0D87FFEAFA8}] => (Allow) LPort=23008 FirewallRules: [{0384C997-F057-4722-87A1-5480994F74B5}] => (Allow) LPort=23007 FirewallRules: [{7777D302-B146-4A33-9FA2-F9617CAF9D21}] => (Allow) LPort=57218 FirewallRules: [{D0645466-BA51-422C-B176-3143859C3096}] => (Allow) LPort=57217 FirewallRules: [{7E837A51-9AEB-4939-82AB-26EBCC2CFD77}] => (Allow) LPort=57216 FirewallRules: [{A9AD69D7-5F77-42D9-8171-83138AE47A68}] => (Allow) LPort=57215 FirewallRules: [{041A44F3-279E-47E4-B16D-5E8836887EB9}] => (Allow) LPort=57214 FirewallRules: [{E865E085-3103-4E53-B7FB-7A1661B93D48}] => (Allow) LPort=57213 FirewallRules: [{4E167FFA-FA83-48F7-92EB-805F604123C3}] => (Allow) LPort=57212 FirewallRules: [{85E2AF0F-4080-4403-A576-9426BD5C9602}] => (Allow) LPort=57211 FirewallRules: [{3344FB58-43B5-43EB-B643-C07F3C2A2EDE}] => (Allow) LPort=57210 FirewallRules: [{0A215139-6AB2-42ED-B572-895894E030D0}] => (Allow) LPort=57209 FirewallRules: [{203D8AC9-14D4-467D-B261-D3DFAB1CD949}] => (Allow) LPort=57218 FirewallRules: [{5AD4962F-2B50-43C5-B55F-147E01538C1B}] => (Allow) LPort=57217 FirewallRules: [{3FEF35C6-CA30-4DC9-BBDF-26498C7F2BFE}] => (Allow) LPort=57216 FirewallRules: [{8BAAA766-12FF-40DC-BCE5-078F9BDB2E58}] => (Allow) LPort=57215 FirewallRules: [{E74AAD0B-06C7-4F40-B1AC-AC5BBAEF8B2B}] => (Allow) LPort=57214 FirewallRules: [{7C1AFB5E-A256-46B4-8F68-F75A9D41614A}] => (Allow) LPort=57213 FirewallRules: [{D90992DD-F9E6-4274-BB9A-D8CF2DAA1C58}] => (Allow) LPort=57212 FirewallRules: [{4DDA194B-9706-4379-9D94-5EB632403200}] => (Allow) LPort=57211 FirewallRules: [{CFD0062A-D02D-4B00-9063-3EE60FCD23EC}] => (Allow) LPort=57210 FirewallRules: [{F01EC6B6-F87C-4929-BAB0-DA4AA2BA5728}] => (Allow) LPort=57209 FirewallRules: [{821CF64C-3EE8-44A3-B447-92EFB54AD19E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{076DDC3A-BA2D-4B30-9C1E-2543EBC57F4D}C:\users\k_mar\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\k_mar\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime) FirewallRules: [TCP Query User{A506BF86-0BC7-4B5E-911B-5A7467491D52}C:\users\k_mar\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\k_mar\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime) FirewallRules: [UDP Query User{4D451C74-92CA-46D2-974C-8A161BF5605D}C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{EC56E44B-73CD-4649-B2C0-D45F4FC1C427}C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{B967F347-27F3-4D7E-BB57-C1EE4CA9690D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{4DCB2847-D524-4A82-BBCD-9190D55F780E}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{C9F385EE-ECD8-4CF9-A937-5AF8E9989408}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{B9CC2423-1116-484D-B476-1878C106CB2E}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> ) FirewallRules: [{A1135C4A-FF51-4F75-9F9A-1ECA9BDA602F}] => (Allow) LPort=1900 FirewallRules: [{FA376BB3-2854-4202-B07D-9F69CBB8DA24}] => (Allow) LPort=2869 FirewallRules: [{1515C841-D144-4045-9AB8-909EA84A749B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{036761A7-21B8-49EE-B7D1-8721F86D12E5}C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{999CB598-308D-484E-9082-74003A4133A3}C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\felipe\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5B2AB419-C470-4C3C-9BF5-C28B8F189405}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{E6C00570-FC10-43CC-8975-FC4B7673CB47}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [TCP Query User{44FA9BC1-1E21-4B24-B9B9-1BF7516C4AC0}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{82821187-7AA1-465F-AB64-2759508372D4}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{0970CDFC-0250-460B-92E9-DAA6B638A6E9}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{A4CEDCB7-BEF9-41D8-B095-26143E86FE7E}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [TCP Query User{9BDEB9B3-8DB6-494B-9DC4-7C39AF2A92E1}C:\users\felipe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\felipe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{845955E8-3EC9-48F1-97AD-386FE0D6D04E}C:\users\felipe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\felipe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{6775FD04-8D0C-469C-B8F2-12A112A157BD}C:\users\felipe\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\felipe\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime) FirewallRules: [UDP Query User{A68017E9-EECA-4806-ADB2-79A58419F555}C:\users\felipe\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\felipe\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime) FirewallRules: [{6CD2D0FC-1F49-4D8A-83FC-4FC92A02C560}] => (Allow) C:\Users\Felipe\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{6D87D443-4548-45F4-904C-BE9F759DE578}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{23B97436-6F8F-446E-A89E-25E15B595733}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4AA0FE11-FA69-4DCF-A15A-61106545453D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{4A2B9DF2-197F-44CF-848C-67D352451C7D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{14D3A94C-2A64-4292-82B7-19B643EF42C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{CD1EDCE5-2979-4FF2-BB8D-6D31CAF55D9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{1A577041-8AD3-4050-8D88-8D2906D7F28B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{11B5042F-7AD2-4FBA-AB28-CE532738B6ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5BCD9C5C-A1A0-4E86-A17A-3E99BBABF108}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{59E3B492-60F7-4A17-9406-EA4598586B9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{97E1AFF7-23F1-4BCF-8228-79A641C6BD02}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\121.0.6167.13\remoting_host.exe (Google LLC -> Google LLC) FirewallRules: [{D383013F-6175-4F87-836B-CCB0E09256AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{4EA7D07B-509E-4413-8A83-EEAB6DAFEBFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{22DF0E62-6F8D-4175-BF1E-9CE2F5B8417C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{C16D6CEC-AA9F-4771-A5AC-8CBCE3C68AC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{1D8E0DC7-1813-4B5F-91C8-AC7AA8428257}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{45878E0D-B25B-4A6A-B844-44CDBC96A33A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{ED5DC6AA-8ACB-4AC9-9516-808520199F3D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{81097A71-697E-47E7-B8C7-DBE55085B566}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{F5F2F5EE-B7A0-43E0-91C6-0776D91AD011}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{481C25A0-A9BE-4055-8B57-7A8E4059B053}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D8C4B9B4-FF21-49BE-BD40-02D312388004}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{BE64338D-E717-4DB2-A2AE-801974C2E569}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{A62AD7DF-694B-42E4-80BF-00F7AD8ACB59}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{488BA85D-BE4E-4F4F-9532-63E10A2B7A2C}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{0F021FE5-A763-4B28-9D46-67EB4D0FF872}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{C75504F3-63FB-428C-AA88-CAE6F4C7605D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{348B1EB5-FFD1-44F1-8355-D42C7E940281}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{BD8BB734-DCCA-4CC9-879B-D82D54E37809}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{CDF3B676-5624-419A-B731-41AFAF78F335}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{96015C9F-2A4A-49E7-B72C-019FEA64C79D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{35B876F0-1F82-4321-9629-1FFDCC76777B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{23165DE0-F205-40F1-A2D7-EF1E04557CBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe => No File FirewallRules: [{EA6093C2-6461-40FA-A6F4-CE8D9FD00596}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe => No File FirewallRules: [{7CFF485A-9453-430B-84E6-F6FCC7365C9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win64\vrserver.exe => No File FirewallRules: [{4F455E18-21CF-4412-922B-7089723BBE79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win64\vrserver.exe => No File FirewallRules: [{887E59CF-5D83-4A9E-A7DD-4E4BDE599E40}] => (Allow) D:\Games\steamapps\common\GlassWire\GWLauncher.exe (GlassWire -> SecureMix LLC) FirewallRules: [{37B7BB7A-BBA5-478F-B8A7-2D842325B673}] => (Allow) D:\Games\steamapps\common\GlassWire\GWLauncher.exe (GlassWire -> SecureMix LLC) FirewallRules: [{EEA65490-38D8-4FF5-9678-6D6FA2CABB45}] => (Allow) D:\Games\steamapps\common\ShareX\ShareX_Launcher.exe (ShareX Team) [File not signed] FirewallRules: [{BFCF1FA4-0B6A-4525-84FA-A0F2F4298F2E}] => (Allow) D:\Games\steamapps\common\ShareX\ShareX_Launcher.exe (ShareX Team) [File not signed] FirewallRules: [{48EDD1B9-AD52-4C30-88B5-47EE1A279CF4}] => (Allow) D:\Games\steamapps\common\Portal\hl2.exe (Valve Corp. -> ) FirewallRules: [{10B85435-B690-4327-8A8A-9132C453D7D4}] => (Allow) D:\Games\steamapps\common\Portal\hl2.exe (Valve Corp. -> ) FirewallRules: [{55F37844-4583-4479-ACAE-F07EBDCD9872}] => (Allow) D:\Games\steamapps\common\Portal 2\portal2.exe () [File not signed] FirewallRules: [{9597BC6F-F444-41FE-BDF7-021278C4EC9A}] => (Allow) D:\Games\steamapps\common\Portal 2\portal2.exe () [File not signed] FirewallRules: [{FFB902F7-4D76-4AF1-B816-6F901B92A5E9}] => (Allow) D:\Games\steamapps\common\left 4 dead\left4dead.exe () [File not signed] FirewallRules: [{D21DCBF4-D319-412A-8388-893B5954323A}] => (Allow) D:\Games\steamapps\common\left 4 dead\left4dead.exe () [File not signed] FirewallRules: [{1ECF73CE-A799-418E-B7C0-DAB53A749C8B}] => (Allow) D:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed] FirewallRules: [{B20FFE43-5633-4151-9F97-944C8B63DF5C}] => (Allow) D:\Games\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed] FirewallRules: [{492996ED-94CF-4C80-80E0-65B9E5EEF526}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> ) FirewallRules: [{3E01CF98-A666-48C9-ACFE-7EE58A83A8AE}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe (Valve Corp. -> ) FirewallRules: [{FA556021-9241-457B-9D2E-21A8918AC764}] => (Allow) D:\Games\steamapps\common\Dead Island\DeadIslandGame.exe (Techland) [File not signed] FirewallRules: [{D7CC9086-DEA2-4432-B676-8C6641C65DC3}] => (Allow) D:\Games\steamapps\common\Dead Island\DeadIslandGame.exe (Techland) [File not signed] FirewallRules: [{706D3242-66F7-43EC-9023-B5FB31398E32}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{5F3426DA-5B14-4D0A-9E26-EB21C9297C01}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{01D71E20-3189-4AD8-A35F-58583B322119}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{D08C3737-8D45-486A-B97E-A53B135A6D70}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [TCP Query User{98587CD7-D0F7-4453-A71C-978E31425CB7}D:\games\total annihilation kingdoms\kingdoms.icd] => (Allow) D:\games\total annihilation kingdoms\kingdoms.icd (Cavedog Entertainment) [File not signed] FirewallRules: [UDP Query User{01D0D2AA-ADA4-44E3-991F-2FE60C6AD5F0}D:\games\total annihilation kingdoms\kingdoms.icd] => (Allow) D:\games\total annihilation kingdoms\kingdoms.icd (Cavedog Entertainment) [File not signed] FirewallRules: [{27670C53-27ED-4FDD-8020-19760CA6B998}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{294D074C-9E38-495B-8D6A-F29B267BC853}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{7D8FEB64-8381-4A60-8FE2-18953447C312}] => (Allow) D:\Games\steamapps\common\Oblivion\OblivionLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{1249C572-8171-4E9D-86C5-D591769A8D8F}] => (Allow) D:\Games\steamapps\common\Oblivion\OblivionLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{F359A3B7-B080-4578-934F-7E1E6057DB5F}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{23D2EF23-7EFE-4C73-9BFD-525897F96B84}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe (Bethesda Softworks) [File not signed] FirewallRules: [{07B64248-F4F4-4020-8899-A6312DF344B7}] => (Allow) C:\Program Files\PowerToys\PowerToys.MouseWithoutBorders.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{5521658C-CB34-45E2-9084-925544151EF5}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{6AAFAA2F-89AD-4FAD-9EF2-AE38368A3608}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{C5270DAC-8685-45C4-B262-A3F31947FFD4}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{1A425A2D-E36B-4934-95BF-93B15ED49FC6}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{1922D68E-C23F-47F3-A227-4AF40F780A6A}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [{EE52ADAB-B1B4-40DE-8733-58322C7171C3}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed] FirewallRules: [TCP Query User{70B578ED-AB9C-4319-9A51-A9BC28184E38}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js) FirewallRules: [UDP Query User{02E32452-962E-45B3-9D91-0E7C53F60A74}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js) FirewallRules: [TCP Query User{B27C9B89-4E53-4E02-8D8F-AC6A0F734170}C:\program files (x86)\airdroid cast\airdroidcast.exe] => (Allow) C:\program files (x86)\airdroid cast\airdroidcast.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio) FirewallRules: [UDP Query User{724E28C4-3ED2-446E-B73E-247FB4BDE561}C:\program files (x86)\airdroid cast\airdroidcast.exe] => (Allow) C:\program files (x86)\airdroid cast\airdroidcast.exe (SAND STUDIO CORPORATION LIMITED -> Sand Studio) FirewallRules: [{63C6DBB1-752E-425D-8CBD-E7646DAA1027}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.144\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{D14EF5A0-50E5-4F3F-B448-B675694C8FC0}C:\program files (x86)\evernote\evernote.exe] => (Allow) C:\program files (x86)\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation) FirewallRules: [UDP Query User{C74FF654-A410-47F3-9482-40AE673927E9}C:\program files (x86)\evernote\evernote.exe] => (Allow) C:\program files (x86)\evernote\evernote.exe (Evernote Corporation -> Evernote Corporation) FirewallRules: [{E774A793-E29F-4A5D-8BF6-E279E2473089}] => (Allow) D:\Games\steamapps\common\Age2HD\Launcher.exe (TODO: ) [File not signed] FirewallRules: [{68772864-1EA5-4905-875A-916ED49C2BAD}] => (Allow) D:\Games\steamapps\common\Age2HD\Launcher.exe (TODO: ) [File not signed] FirewallRules: [{C5FE3AFC-53C7-40D6-8A41-4C86ED1AC9DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: ) [File not signed] FirewallRules: [{8D33A649-6120-436D-AFCF-3F8323FE5EA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: ) [File not signed] FirewallRules: [{AF495FC2-4031-4BC5-B871-12477DCD8978}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed] FirewallRules: [{E9B22905-C815-4878-925B-97D31179A39A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed] FirewallRules: [{C7F25477-9953-4F3F-8AA4-B19BCA860D01}] => (Allow) D:\Games\steamapps\common\FSX\fsx.exe (RailSimulator T/A Dovetail -> Microsoft Corp.) FirewallRules: [{88CA967C-F3B4-48C9-B3EB-777ED5C73B3A}] => (Allow) D:\Games\steamapps\common\FSX\fsx.exe (RailSimulator T/A Dovetail -> Microsoft Corp.) FirewallRules: [{AE723709-8219-466D-8598-AADAC435B018}] => (Allow) D:\Games\steamapps\common\Bioshock\Builds\Release\Bioshock.exe () [File not signed] FirewallRules: [{87268E0B-1A44-4C13-BC87-A19018152DC5}] => (Allow) D:\Games\steamapps\common\Bioshock\Builds\Release\Bioshock.exe () [File not signed] FirewallRules: [{FD6E42D6-40B4-489F-B2F5-B096E5134D1F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{FF25B547-A09E-4ECC-B81C-0DB4842D7CD6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24004.1403.2634.2418_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E9062F17-0D3A-4B16-8B99-01AEA5725AA9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{6D52B446-682F-4B48-8CD7-5B648DC80919}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) FirewallRules: [{3236C4FC-B136-4717-B720-953A01948F04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F27E4E3F-3BE5-411B-A1B6-F471DAFFB499}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AA1F2960-E99E-4A03-8375-A70BA2B49C3B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{3348EA3A-E4C3-4F3D-9BE6-4F7DE26D52EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{22E9A216-8283-4463-844D-5186D339A94C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{AE8560E0-481C-45FC-AE48-F6F0E0DBCB8F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{7A3A1049-A34C-4F5A-BF86-0932025F896C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{151B3213-80F2-4308-854B-1846D3CBC6EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5EAEEBBB-D9BF-4C65-A4B6-5982617F5F13}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{526ADB8C-3FD2-4A77-B7D1-375B6FC06A2C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.229.605.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{283C0525-D797-4588-A63F-64E12CDA5109}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{893979FB-EB42-4F87-AF5E-6B05870BE20E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6417FBF4-F2ED-441C-BB53-15AC7E9310EE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B1973C95-487A-4A61-A1FC-FBFFE98ABCFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.111.3607.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{C7836E49-37CB-40F8-8402-E60F36BB2DD8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (01/25/2024 02:19:59 PM) (Source: Application Error) (EventID: 1000) (User: FELIPESTOKER-WI) Description: Faulting application name: Last.fm Desktop Scrobbler.exe, version: 3.1.29.1, time stamp: 0x5be9c779 Faulting module name: wmp.dll, version: 12.0.22621.2506, time stamp: 0x75c1c8c2 Exception code: 0xc0000005 Fault offset: 0x001349c6 Faulting process ID: 0x0x3f24 Faulting application start time: 0x0x1da4fb2b5cffae3 Faulting application path: C:\Program Files (x86)\Last.fm\Last.fm Desktop Scrobbler\Last.fm Desktop Scrobbler.exe Faulting module path: C:\Windows\system32\wmp.dll Report ID: 60e36c46-cca8-4e21-b1a4-3089f1d8789c Faulting package full name: Faulting package-relative application ID: Error: (01/25/2024 11:42:27 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 Error: (01/25/2024 10:49:20 AM) (Source: Application Error) (EventID: 1000) (User: FELIPESTOKER-WI) Description: Faulting application name: Last.fm Desktop Scrobbler.exe, version: 3.1.29.1, time stamp: 0x5be9c779 Faulting module name: wmp.dll, version: 12.0.22621.2506, time stamp: 0x75c1c8c2 Exception code: 0xc0000005 Fault offset: 0x001349c6 Faulting process ID: 0x0x3a28 Faulting application start time: 0x0x1da4f9548b48484 Faulting application path: C:\Program Files (x86)\Last.fm\Last.fm Desktop Scrobbler\Last.fm Desktop Scrobbler.exe Faulting module path: C:\Windows\system32\wmp.dll Report ID: c3f0b6ae-9852-4515-acf3-cc3225823ef1 Faulting package full name: Faulting package-relative application ID: Error: (01/25/2024 10:45:05 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado.. Error: (01/25/2024 10:45:05 AM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, O sistema está sendo desligado.] Error: (01/24/2024 05:58:55 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv; Description = Windows Update; Error = 0x80070422). Error: (01/24/2024 03:58:05 PM) (Source: Application Error) (EventID: 1000) (User: FELIPESTOKER-WI) Description: Faulting application name: Last.fm Desktop Scrobbler.exe, version: 3.1.29.1, time stamp: 0x5be9c779 Faulting module name: wmp.dll, version: 12.0.22621.2506, time stamp: 0x75c1c8c2 Exception code: 0xc0000005 Fault offset: 0x001349c6 Faulting process ID: 0x0x39f8 Faulting application start time: 0x0x1da4ef73f6b9bd3 Faulting application path: C:\Program Files (x86)\Last.fm\Last.fm Desktop Scrobbler\Last.fm Desktop Scrobbler.exe Faulting module path: C:\Windows\system32\wmp.dll Report ID: 48ff4e55-50e7-41ce-9aa8-ec7a2887ac33 Faulting package full name: Faulting package-relative application ID: Error: (01/24/2024 11:42:27 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: ) Description: Event-ID 2 System errors: ============= Error: (01/25/2024 02:29:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (60000 milliseconds) while waiting for the Intel(R) SUR QC Software Asset Manager service to connect. Error: (01/25/2024 02:21:46 PM) (Source: DCOM) (EventID: 10010) (User: FELIPESTOKER-WI) Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout. Error: (01/25/2024 02:19:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (60000 milliseconds) while waiting for the Intel(R) SUR QC Software Asset Manager service to connect. Error: (01/25/2024 02:18:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The GameInput Service service terminated unexpectedly. It has done this 6 time(s). Error: (01/25/2024 02:18:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The GameInput Service service terminated with the following error: The compound file GameInput Service was produced with a newer version of storage. Error: (01/25/2024 02:18:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The GameInput Service service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 1000 milliseconds: Reiniciar o serviço. Error: (01/25/2024 02:18:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The GameInput Service service terminated with the following error: The compound file GameInput Service was produced with a newer version of storage. Error: (01/25/2024 02:18:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The GameInput Service service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 1000 milliseconds: Reiniciar o serviço. Windows Defender: ================ Date: 2024-01-25 14:18:42 Description: Microsoft Defender Antivírus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:PowerShell/Ploty.C&threatid=2147725065&enterprise=0 Name: TrojanDropper:PowerShell/Ploty.C Severity: Grave Category: Instalador de Cavalos de Tróia Path: containerfile:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.3.4-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/doc/metasploit-framework/modules/exploit/multi/http/weblogic_admin_handle_rce.md->[EmbeddedString]#2->[EmbeddedString]->[EmbeddedEnc]->(Base64)->(GZip); file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.3.4-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/doc/metasploit-framework/modules/exploit/multi/http/weblogic_admin_handle_rce.md->[EmbeddedString]#3->[EmbeddedString]->[EmbeddedEnc]->(Base64)->(GZip); file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.3.4-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/doc/metasploit-framework/modules/exploit/windows/http/advantech_iview_unauth_rce.md->[EmbeddedString]->[E Detection Origin: Computador local Detection Type: Concreto Detection Source: Sistema Process Name: Unknown Security intelligence Version: AV: 1.403.2688.0, AS: 1.403.2688.0, NIS: 1.403.2688.0 Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2 Date: 2024-01-25 14:18:42 Description: Microsoft Defender Antivírus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Meterpreter.A!dll&threatid=2147726023&enterprise=0 Name: HackTool:Win32/Meterpreter.A!dll Severity: Alto Category: Ferramenta Path: containerfile:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.3.4-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/metasploit-framework/data/exploits/CVE-2010-0232/kitrap0d.x86.dll; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.3.4-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/metasploit-framework/data/exploits/CVE-2013-0109/nvidia_nvsvc.x86.dll; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.3.4-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/metasploit-framework/data/exploits/cve-2013-1300/schlamperei.x86.dll; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.3.4-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/metasploit-framework/data Detection Origin: Computador local Detection Type: Concreto Detection Source: Sistema Process Name: Unknown Security intelligence Version: AV: 1.403.2688.0, AS: 1.403.2688.0, NIS: 1.403.2688.0 Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2 Date: 2024-01-25 14:18:42 Description: Microsoft Defender Antivírus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Meterpreter!pz&threatid=2147894924&enterprise=0 Name: Trojan:Win32/Meterpreter!pz Severity: Grave Category: Cavalo de Tróia Path: containerfile:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\non-free\w\windows-binaries\windows-binaries_0.6.10_all.deb->data.tar.xz->(xz)->./usr/share/windows-resources/binaries/radmin.exe Detection Origin: Computador local Detection Type: Concreto Detection Source: Sistema Process Name: Unknown Security intelligence Version: AV: 1.403.2688.0, AS: 1.403.2688.0, NIS: 1.403.2688.0 Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2 Date: 2024-01-25 14:18:42 Description: Microsoft Defender Antivírus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Fgdump!pz&threatid=2147897662&enterprise=0 Name: HackTool:Win32/Fgdump!pz Severity: Alto Category: Ferramenta Path: containerfile:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\non-free\w\windows-binaries\windows-binaries_0.6.10_all.deb->data.tar.xz->(xz)->./usr/share/windows-resources/binaries/fgdump/fgdump.exe Detection Origin: Computador local Detection Type: Concreto Detection Source: Sistema Process Name: Unknown Security intelligence Version: AV: 1.403.2688.0, AS: 1.403.2688.0, NIS: 1.403.2688.0 Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2 Date: 2024-01-25 14:18:42 Description: Microsoft Defender Antivírus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Wincred!pz&threatid=2147897961&enterprise=0 Name: HackTool:Win32/Wincred!pz Severity: Alto Category: Ferramenta Path: containerfile:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso; file:_C:\Users\Felipe\Desktop\kali-linux-2023.1-installer-amd64.iso->pool\non-free\w\wce\wce_1.42-beta-0kali4_all.deb->data.tar.xz->(xz)->./usr/share/windows-resources/wce/wce32.exe Detection Origin: Computador local Detection Type: Concreto Detection Source: Sistema Process Name: Unknown Security intelligence Version: AV: 1.403.2688.0, AS: 1.403.2688.0, NIS: 1.403.2688.0 Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2 Event[0] Date: 2023-12-24 15:28:12 Description: Microsoft Defender Antivírus has encountered an error trying to update security intelligence and will attempt to revert to a previous version. Security intelligence Attempted: Atual Error Code: 0x80070003 Error description: O sistema não pode encontrar o caminho especificado. Security intelligence Version: 0.0.0.0;0.0.0.0 Engine Version: 0.0.0.0 Date: 2023-12-23 17:29:22 Description: Microsoft Defender Antivírus Real-Time Protection feature has encountered an error and failed. Feature: Em Tempo de Acesso Error Code: 0x8007043c Error description: Não é possível compartilhar este serviço no modo de segurança Reason: A inteligência de segurança antimalware parou de funcionar por um motivo desconhecido. Em alguns casos, reiniciar o serviço pode resolver o problema. CodeIntegrity: =============== Date: 2024-01-24 06:03:20 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\GPSoftware\Directory Opus\dopuslib.dll that did not meet the Microsoft signing level requirements. Date: 2023-12-13 20:56:16 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: American Megatrends Inc. F2 05/27/2020 Motherboard: Gigabyte Technology Co., Ltd. H410M H Processor: Intel(R) Core(TM) i3-10100F CPU @ 3.60GHz Percentage of memory in use: 66% Total physical RAM: 16314.7 MB Available physical RAM: 5525.8 MB Total Virtual: 22970.7 MB Available Virtual: 8672.49 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:237.25 GB) (Model: KINGSTON SNV2S500G) NTFS Drive d: (HD2) (Fixed) (Total:222.65 GB) (Free:113.36 GB) (Model: KINGSTON SA400S37240G) NTFS \\?\Volume{416511ea-67a0-4903-9c31-5e652410aeda}\ () (Fixed) (Total:0.8 GB) (Free:0.08 GB) NTFS \\?\Volume{dd6d0418-4f64-4eb4-95b6-171b03acfaee}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 \\?\Volume{c14ef513-5cd6-44fa-9335-390b9b853455}\ (WINTOHDD) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: 00D611AB) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================