Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2022
Ran by Alex (17-08-2022 20:54:46)
Running from C:\Users\Alex\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2020-10-22 04:48:04)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-737693840-413745377-1450863732-500 - Administrator - Disabled)
Alex (S-1-5-21-737693840-413745377-1450863732-1000 - Administrator - Enabled) => C:\Users\Alex
Guest (S-1-5-21-737693840-413745377-1450863732-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-737693840-413745377-1450863732-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Security Cloud (Enabled - Up to date) {F41710F6-65D1-4F66-2B68-CCCF63D4A09E}
FW: Kaspersky Security Cloud (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-737693840-413745377-1450863732-1000\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe) Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 8.5.0.2 - Auslogics Labs Pty Ltd) Binance 1.35.0 (HKLM\...\Binance) (Version: 1.35.0 - BinanceTech) CCleaner (HKLM\...\CCleaner) (Version: 6.02 - Piriform) Chk-Back v2.0 (HKLM-x32\...\{916DBF3C-7AA5-4679-AA58-3D6C166BDAAF}) (Version: 2.1.2 - TRC Data Recovery Ltd) CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.13.0.1456 - Disc Soft Ltd) Discord (HKU\S-1-5-21-737693840-413745377-1450863732-1000\...\Discord) (Version: 1.0.9001 - Discord Inc.) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EaseUS Partition Master (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) EaseUS Todo Backup Free 2022 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 2022.2 - EaseUS) Epic Games Launcher (HKLM-x32\...\{5C101FC6-6A4B-43AF-A03C-A0776244700A}) (Version: 1.1.293.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Gamers Club AC Launcher 3.2.79 (HKU\S-1-5-21-737693840-413745377-1450863732-1000\...\79ac4417-2a6e-5545-a41f-fb03b7abc70c) (Version: 3.2.79 - EMAC LAB LTDA) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.81 - Google LLC) HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.30.326 - SurfRight B.V.) 
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Lindo 2.6.0-beta.17 (HKU\S-1-5-21-737693840-413745377-1450863732-1000\...\50629a2c-ef02-5973-9a80-2ae8396b2abd) (Version: 2.6.0-beta.17 - Prixe) Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12527.22197 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.12527.22197 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-737693840-413745377-1450863732-1000\...\OneDriveSetup.exe) (Version: 21.062.0328.0001 - Microsoft Corporation) Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.12527.22197 - Microsoft Corporation) Microsoft Project Professional 2016 - pt-br (HKLM\...\ProjectProRetail - pt-br) (Version: 16.0.12527.22197 - Microsoft Corporation) Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12527.22197 - Microsoft Corporation) Microsoft Visio Professional 2016 - pt-br (HKLM\...\VisioProRetail - pt-br) (Version: 16.0.12527.22197 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable 
(HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) 
Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) 
Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden Nelogica ProfitPro (HKU\S-1-5-21-737693840-413745377-1450863732-1000\...\Profit) (Version: 5.0.1.74 - Nelogica) NVIDIA GeForce Experience 3.24.0.135 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.135 - NVIDIA Corporation) NVIDIA Graphics Driver 473.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 473.81 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.22183 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22183 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22183 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.22183 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0416-0000-0000000FF1CE}) (Version: 16.0.12527.22183 - Microsoft Corporation) Hidden Panda USB Vaccine 1.0.1.16 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version: - Panda Security) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.) 
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.34.337 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp) Telegram Desktop version 4.0.2 (HKU\S-1-5-21-737693840-413745377-1450863732-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.0.2 - Telegram FZ-LLC) TP-Link TL-WN821N (HKLM-x32\...\{03468BE2-4451-416D-B045-60F2101122D4}) (Version: 2.1.0 - TP-Link) Uplay (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN) Windows Driver Package - Alcor Micro, Corp. (AmUStor) USB (04/26/2018 2.0.149.10100) (HKLM\...\27B574FE308DEF9FE1AC96B52E9515EFC3BACEE0) (Version: 04/26/2018 2.0.149.10100 - Alcor Micro, Corp.) Windows Driver Package - AMD (amdkmpfd) System (03/05/2019 19.20.0.0000) (HKLM\...\C69BF33BF7029AD093B4E0466E880E41AD727716) (Version: 03/05/2019 19.20.0.0000 - AMD) Windows Driver Package - AOC International (Europe) GmbH Monitor (09/17/2009 1.0.0.0) (HKLM\...\E83862070794C2A3EAA4BF7958DFD3DD631AB65C) (Version: 09/17/2009 1.0.0.0 - AOC International (Europe) GmbH) Windows Driver Package - ASUSTeK Computer Inc. (WUDFRd) System (03/17/2014 1.0.1.0) (HKLM\...\CEAA0A136A2EA631A35523214B7CB7DEDF977631) (Version: 03/17/2014 1.0.1.0 - ASUSTeK Computer Inc.) 
Windows Driver Package - Challenger Backup Solutions, LLC (FlashBoot) DiskDrive (08/11/2013 2.3.72.0) (HKLM\...\CA8BFE662913F62CB908BA31685037C57A7DD973) (Version: 08/11/2013 2.3.72.0 - Challenger Backup Solutions, LLC) Windows Driver Package - Intel (ICCWDT) System (09/19/2017 11.7.0.1000) (HKLM\...\2CA4690B617D3955E93E38224A3660C96BE8772E) (Version: 09/19/2017 11.7.0.1000 - Intel) Windows Driver Package - Intel (MEIx64) System (03/28/2016 11.0.5.1189) (HKLM\...\63CEF5543DBF9887E6220C5C2F7F85C2D4C726D5) (Version: 03/28/2016 11.0.5.1189 - Intel) Windows Driver Package - Intel Corporation (iaStorA) SCSIAdapter (06/26/2013 3.7.3.1002) (HKLM\...\A1130CE180E16078396B979F6EE29D6314F846BA) (Version: 06/26/2013 3.7.3.1002 - Intel Corporation) Windows Driver Package - INTEL System (01/02/2018 10.1.1.45) (HKLM\...\0D4AE0F267D5306A93014BBB928B728F9E1308A7) (Version: 01/02/2018 10.1.1.45 - INTEL) Windows Driver Package - INTEL System (01/02/2018 10.1.1.45) (HKLM\...\C99604D49CEC92257052530F12CE62E6E0E3278D) (Version: 01/02/2018 10.1.1.45 - INTEL) Windows Driver Package - Intel USB (07/31/2013 9.4.0.1025) (HKLM\...\4AC0FF1CA4CEC00C49C2C3ED599D94F8680DEA5D) (Version: 07/31/2013 9.4.0.1025 - Intel) Windows Driver Package - Intel(R) Corporation (iusb3hub) USB (05/11/2017 5.0.4.43) (HKLM\...\47407E3EF9F5ED68E890504472107508EAE7CE79) (Version: 05/11/2017 5.0.4.43 - Intel(R) Corporation) Windows Driver Package - Intel(R) Corporation (iusb3xhc) USB (05/11/2017 5.0.4.43) (HKLM\...\B4FD8F5CD3425CDDD2630FDE3B614FBBC283CD80) (Version: 05/11/2017 5.0.4.43 - Intel(R) Corporation) Windows Driver Package - KYE Systems Corp. (gKbdfltr) HIDClass (01/14/2019 10.1.0.7) (HKLM\...\6BCA721010A9572F1974F266E9B84750B8F61F1E) (Version: 01/14/2019 10.1.0.7 - KYE Systems Corp.) 
Windows Driver Package - NVIDIA (nvvad_WaveExtensible) MEDIA (03/14/2019 4.13.0.0) (HKLM\...\688B80BE01DCCA42700D63EBB67C756FF0DA0D25) (Version: 03/14/2019 4.13.0.0 - NVIDIA) Windows Driver Package - NVIDIA (nvvhci) System (08/27/2018 3.03.2475.1519) (HKLM\...\8980BA12F223EAE81CF70D2334894E5FDEF0ABCA) (Version: 08/27/2018 3.03.2475.1519 - NVIDIA) Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA (01/15/2019 1.3.38.13) (HKLM\...\BAAC56C8B2D1C27DD41EF9CB18E8EE7A52878F07) (Version: 01/15/2019 1.3.38.13 - NVIDIA Corporation) Windows Driver Package - Realtek (RTL8167) Net (08/28/2018 7.122.0828.2018) (HKLM\...\7B100EC40FE83C62207C2950E3A7B047FAAEF754) (Version: 08/28/2018 7.122.0828.2018 - Realtek) Windows Driver Package - Realtek Semiconductor Corp. (RtlWlanu) Net (11/06/2018 1030.31.0102.2018) (HKLM\...\B6C96A4E6A77AE25A0C56EDB80DE03AEF1D71682) (Version: 11/06/2018 1030.31.0102.2018 - Realtek Semiconductor Corp.) WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
CustomCLSID: HKU\S-1-5-21-737693840-413745377-1450863732-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-737693840-413745377-1450863732-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-737693840-413745377-1450863732-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-737693840-413745377-1450863732-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-737693840-413745377-1450863732-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-737693840-413745377-1450863732-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-737693840-413745377-1450863732-1000_Classes\CLSID\{272D2E65-05FB-4500-BD7B-5905D5B0A1B8}\localserver32 -> C:\Users\Alex\AppData\Roaming\Nelogica\Profit\profitchart.exe (Nelogica Sistemas de Software Ltda. -> Nelogica) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-08-11] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS Todo Backup\bin\x64\ImageSh.dll [2022-08-01] (CHENGDU YIWO Tech Development Co., Ltd. 
-> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-25] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-08-11] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS Todo Backup\bin\x64\ImageSh.dll [2022-08-01] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-10-25] (AVB Disc Soft, SIA -> Disc Soft Ltd) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-08-11] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS Todo Backup\bin\x64\ImageSh.dll [2022-08-01] (CHENGDU YIWO Tech Development Co., Ltd. 
-> CHENGDU YIWO Tech Development Co.,Ltd) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2022-07-11] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2022-08-11] (AO Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Cryptoescritorio - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" ==================== Loaded Modules (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) 
AlternateDataStreams: C:\Users\Alex\Application Data:955d2a2f697b1c9b40c63a2dd2b7d393 [394] AlternateDataStreams: C:\Users\Alex\Application Data:a8f96ed9f548b3497db5ddd233a8b439 [394] AlternateDataStreams: C:\Users\Alex\Application Data:e091c4005e46e5c1582d345c5f2d1a59 [394] AlternateDataStreams: C:\Users\Alex\AppData\Roaming:955d2a2f697b1c9b40c63a2dd2b7d393 [394] AlternateDataStreams: C:\Users\Alex\AppData\Roaming:a8f96ed9f548b3497db5ddd233a8b439 [394] AlternateDataStreams: C:\Users\Alex\AppData\Roaming:e091c4005e46e5c1582d345c5f2d1a59 [394] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Version 11) (Whitelisted) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-04-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-04-16] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - 
{83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-16] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2022-08-17 12:20 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-737693840-413745377-1450863732-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: CCleanerPerformanceOptimizerService => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: EaseUS UPDATE SERVICE => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: IQOptionUpdater => 2
MSCONFIG\Services: KSDE5.3 => 2
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: ucldr_MirTrilogy4_GL => 3
MSCONFIG\startupfolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IQTray.lnk => C:\Windows\pss\IQTray.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Alex\AppData\Local\Discord\Update.exe --processStart Discord.exe
MSCONFIG\startupreg: EpicGamesLauncher => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
MSCONFIG\startupreg: Netmarble Launcher => "C:\Program
Files\Netmarble\Netmarble Launcher\Netmarble Launcher.exe"
MSCONFIG\startupreg: NoxMultiPlayer => "C:\Program Files (x86)\Nox\bin\MultiPlayerManager.exe" -startSource:auto_start
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: TrayProcess => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS Todo Backup\bin\TrayProcess.exe" autorun
MSCONFIG\startupreg: ut => "C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: uTorrent => "C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

12-08-2022 13:51:48 Ponto de verificação por HitmanPro
12-08-2022 13:52:27 Ponto de verificação por HitmanPro
16-08-2022 18:14:18 Windows Update
17-08-2022 12:20:23 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (08/17/2022 12:33:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: Alex-PC)
Description: Installing the performance counter strings for service .NET Data Provider for Oracle () failed. The first DWORD in the Data section contains the error code.

Error: (08/17/2022 12:20:23 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
. This is often caused by incorrect security settings in either the writer or requestor process.
Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {26e1f4f6-c10c-4146-83b4-4f5fb5458948} Error: (08/17/2022 12:03:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/17/2022 09:05:16 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/16/2022 06:10:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/16/2022 12:03:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. 
Error: (08/15/2022 09:46:25 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis.

Error: (08/15/2022 09:46:25 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0". Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (08/17/2022 08:58:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (08/17/2022 08:40:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: cdrom

Error: (08/17/2022 08:40:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/17/2022 01:28:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: cdrom

Error: (08/17/2022 01:28:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
Module Path: C:\Windows\system32\Rtlihvs.dll
Error Code: 126

Error: (08/17/2022 12:20:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/17/2022 12:20:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/17/2022 12:20:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

Windows Defender:
================
Event[0]:

Date: 2022-05-18 23:00:03.727
Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2022-05-18 22:43:44.921
Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2022-03-13 15:24:54.123
Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2021-06-29 21:35:21.945
Description: Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.343.25.0
Previous Signature Version:1.341.1435.0
Update Source:User
Signature Type:AntiSpyware
Update Type:Delta
Current Engine Version:1.1.18300.4
Previous Engine Version:1.1.18200.4
Error code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-29 21:35:21.944
Description: Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.18300.4
Previous Engine Version:1.1.18200.4
Update Source:User
Error Code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1104 02/22/2016
Motherboard: ASUSTeK COMPUTER INC. H81M-K
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 48%
Total physical RAM: 8129.38 MB
Available physical RAM: 4151.47 MB
Total Virtual: 16256.89 MB
Available Virtual: 10205.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.9 GB) (Free:291.68 GB) (Model: ATA ST3500312CS SCSI Disk Device) NTFS
Drive d: () (Fixed) (Total:110.65 GB) (Free:110.56 GB) (Model: ATA KINGSTON SA400S3 SCSI Disk Device) NTFS
Drive f: () (Fixed) (Total:1953.06 GB) (Free:1929.06 GB) (Model: VendorCo ProductCode USB Device) exFAT

\\?\Volume{7c1b464c-140e-11eb-90d0-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.34 GB) (Free:0.1 GB) NTFS
\\?\Volume{7c1b464e-140e-11eb-90d0-806e6f6e6963}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{c35f9417-0355-41de-9d99-3ff5795f6635}\ (Recuperação) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{d9a97ed4-886e-4a74-aa8d-4b24d8207a12}\ () (Fixed) (Total:0.53 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: B1D404CF)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=529 MB) - (Type=27)

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 0C401F2D)
Partition: GPT.

==========================================================
Disk: 2 (Size: 1953.1 GB) (Disk ID: FA2CB833)
Partition 1: (Active) - (Size=1953.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================