Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 28-12-2023 Executado por PC (administrador) em MAQUINA-SAMUELI (Gigabyte Technology Co., Ltd. A320M-S2H) (29-12-2023 22:15:43) Executando a partir de C:\Users\PC\Downloads\FRST64.exe Perfis Carregados: PC Plataforma: Microsoft Windows 11 Home Versão 22H2 22621.2861 (X64) Idioma: Português (Brasil) Navegador padrão: Opera Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (C:\Users\PC\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera GX\105.0.4970.63\opera_crashreporter.exe (C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe ->) (Opera Norway AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera\106.0.4998.19\opera_autoupdate.exe <2> (explorer.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Arquivo não assinado] C:\Users\PC\Downloads\ZHPCleaner.exe (explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2310.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe (explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe <2> (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Opera Norway AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera GX\opera.exe <23> (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2349.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Opera Norway AS -> Opera Software) C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe (svchost.exe ->) (Softdeluxe) [Arquivo não assinado] C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Cm108BSound] => C:\Program Files\Redragon Gaming Headset Driver\CPL\FaceLift_x64.exe [2341888 2014-11-09] () [Arquivo não assinado] HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3022640 2023-11-27] (Riot Games, Inc. -> Riot Games, Inc.) HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2089536 2023-07-10] (Famatech Corp. -> Famatech Corp.) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2595344 2023-12-16] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4386664 2023-12-07] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70918144 2023-12-12] (Riot Games, Inc. -> Riot Games, Inc.) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [com.blitz.app] => C:\Users\PC\AppData\Local\Programs\Blitz\Blitz.exe [0 2023-12-29] () <==== ATENÇÃO [zero byte Arquivo/Pasta] HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37180368 2023-12-18] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981640 2023-12-26] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [Free Download Manager] => C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe [6300672 2023-05-19] (Softdeluxe) [Arquivo não assinado] HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [Spotify] => C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe [30315848 2023-12-12] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2658920 2023-12-12] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [Opera GX Stable] => C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [Opera GX Browser Assistant] => C:\Users\PC\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\Run: [Opera Stable] => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [2350496 2023-12-22] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-3956414198-1852685487-3734134944-1000\...\MountPoints2: {5400f56c-8982-11ee-8479-18c04df2884d} - "E:\Ultimate_Edition_Installer.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2023-12-26] (Google LLC -> Google LLC) ==================== Tarefas Agendadas (Whitelisted) ================= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {A4E3EBEF-D0AC-4DAA-9A4C-58C593F1F5EA} - System32\Tasks\FreeDownloadManagerHelperService => C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [129536 2023-05-19] (Softdeluxe) [Arquivo não assinado] Task: {51E3B084-1A38-4EE3-AC2E-DDAFD0EE3086} - System32\Tasks\GoogleUpdateTaskMachineCore{B6328745-B059-46A7-91AD-45A3F93B5FAF} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-26] (Google LLC -> Google LLC) Task: {6498F76B-477F-4718-90E7-D8A2D4870943} - System32\Tasks\GoogleUpdateTaskMachineUA{C61F8866-83B2-44C6-BE21-147C10640057} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-26] (Google LLC -> Google LLC) Task: {D384E84B-D4F4-4251-9645-6737A5E36782} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {AB798639-EEF3-4C99-ADAA-927698C88FB2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) Task: {CFB00084-92CC-4526-9B59-99D9A1D74871} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {F29AD30A-BBE0-463E-A666-4E080A676872} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {07470781-79A1-4AA3-B53E-25E1151A7E2C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo) Task: {A3953871-B9D7-4E35-9CDD-6F6DF11009DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D4BD820D-4758-4178-A20A-883495C34639} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5DC142D8-969D-4EFE-B399-A16C725B2794} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {69825534-0297-49C0-B6EB-AFFB8C283E2E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {68C0B37F-47F8-494B-9697-A09E281BDCFB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {AD15E877-2F4B-4EFC-A44B-62B368F9AC2E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {36A48EE7-05C3-451E-83E8-30C9745892FF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4585A3FA-A235-411A-A927-612C80758332} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9DA87DD4-6977-4625-88F5-3170045842F4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D71D6B40-5895-4249-B06C-F20D1FDF97D8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A67CCF3B-3F50-4BFF-9258-9DA1AA22B6E5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {59ED1C84-C1B1-406C-A6E4-39E3E46DFC0E} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9378BD7F-501B-43B1-8661-382A900AA24C} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) Task: {52D624C0-C582-4391-BAE4-0E2376CFD3AB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation) Task: {69F2E8A7-E561-4834-986E-55418DDE6EFE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3956414198-1852685487-3734134944-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-12-16] (Microsoft Corporation -> Microsoft Corporation) Task: {B2636CCB-18E1-4D5B-90C8-AE5D44CE0F9D} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1703008161 => C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PC\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {C9B8D428-9A88-44B2-A982-BA2D9835C801} - System32\Tasks\Opera GX scheduled Autoupdate 1702257299 => C:\Users\PC\AppData\Local\Programs\Opera GX\launcher.exe [2296224 2023-12-21] (Opera Norway AS -> Opera Software) Task: {4F178481-AC77-4547-92FA-EAEF6226E7B5} - System32\Tasks\Opera scheduled Autoupdate 1703606968 => C:\Users\PC\AppData\Local\Programs\Opera\launcher.exe [2350496 2023-12-22] (Opera Norway AS -> Opera Software) Task: {3D30FB78-65A7-484B-BC6F-BE1336B889BF} - System32\Tasks\PC => C:\Windows\system32\cmd.exe [323584 2023-11-15] (Microsoft Windows -> Microsoft Corporation) -> /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info" <==== ATENÇÃO Task: {DE2287B4-EF12-48B9-9F3F-5E3C30A6D0F2} - System32\Tasks\WindhawkRunUITask => C:\Program Files\Windhawk\windhawk.exe [762840 2023-09-08] (Michael Maltsev -> Ramen Software) Task: {1CCF9C43-3FF0-4FC2-9626-BEC19619E421} - System32\Tasks\WindhawkUpdateTask => C:\Program Files\Windhawk\windhawk.exe [762840 2023-09-08] (Michael Maltsev -> Ramen Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Edge: ======= Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-29] Edge HomePage: Default -> hxxp://www.google.com/ Edge StartupUrls: Default -> "hxxp://www.google.com/" Edge Extension: (Documentos Google off-line) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28] Edge Extension: (Edge relevant text changes) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-24] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2023-12-29] CHR Extension: (Documentos Google off-line) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-26] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-26] Opera: ======= OPR DefaultProfile: Default StartMenuInternet: (HKU\S-1-5-21-3956414198-1852685487-3734134944-1000) Opera GXStable - "C:\Users\PC\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9884424 2023-12-06] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-14] (Microsoft Corporation -> Microsoft Corporation) S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [50807152 2023-11-16] (Electronic Arts, Inc. -> Electronic Arts) S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11385960 2023-12-12] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-11-26] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.) S3 FacSvc_Infestation; C:\Users\PC\AppData\Roaming\FAC\Infestation\FacSvc.exe [506968 2023-12-05] (Fredaikis AB -> ) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2023-12-16] (Microsoft Corporation -> Microsoft Corporation) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230360 2023-11-10] (HP Inc. -> HP Inc.) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe [1275424 2023-11-30] (NVIDIA Corporation -> NVIDIA Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2023-12-16] (Microsoft Corporation -> Microsoft Corporation) S2 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1179712 2023-07-10] (Famatech Corp. -> Famatech Corp.) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2023-09-09] () [Arquivo não assinado] S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [9623432 2023-11-27] (Riot Games, Inc. -> Riot Games, Inc.) S2 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [134752 2023-08-24] (Skutta, Kristjan -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation) S2 Windhawk; C:\Program Files\Windhawk\windhawk.exe [762840 2023-09-08] (Michael Maltsev -> Ramen Software) S2 WindscribeService; C:\Program Files\Windscribe\WindscribeService.exe [1085280 2023-10-17] (Windscribe Limited -> Windscribe Limited) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 108B; C:\Windows\System32\drivers\108B.sys [3730696 2021-12-05] (WDKTestCert jimmy,132371157675211053 -> C-Media Electronics, Inc.) S3 aftap0901; C:\Windows\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project) R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2023-08-28] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [Arquivo não assinado] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [Arquivo não assinado] S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Arquivo não assinado] R3 CMUAC; C:\Windows\System32\drivers\CMUAC.sys [613888 2014-10-09] (C-MEDIA ELECTRONICS INC. -> C-MEDIA) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation) R3 RvNetMP60; C:\Windows\System32\drivers\RvNetMP60.sys [58288 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Famatech Corp.) R3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [57768 2023-10-17] (Windscribe Limited -> The OpenVPN Project) R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22035200 2023-11-27] (Riot Games, Inc. -> Riot Games, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation) S3 WindscribeSplitTunnel; C:\Windows\system32\DRIVERS\WindscribeSplitTunnel.sys [38152 2023-10-17] (Windscribe Limited -> ) R3 windtun420; C:\Windows\System32\drivers\windtun420.sys [47544 2023-10-17] (Windscribe Limited -> WireGuard LLC) S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-10-17] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-12-29 22:15 - 2023-12-29 22:16 - 000023691 _____ C:\Users\PC\Downloads\FRST.txt 2023-12-29 22:15 - 2023-12-29 22:15 - 000000000 ____D C:\FRST 2023-12-29 22:13 - 2023-12-29 22:13 - 002387456 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe 2023-12-29 22:12 - 2023-12-29 22:12 - 000013353 _____ C:\Users\PC\Desktop\ZHPCleaner (R).html 2023-12-29 22:12 - 2023-12-29 22:12 - 000005657 _____ C:\Users\PC\Desktop\ZHPCleaner (R).txt 2023-12-29 22:08 - 2023-12-29 22:08 - 003363488 _____ (Nicolas Coolman) C:\Users\PC\Downloads\ZHPCleaner (1).exe 2023-12-29 22:06 - 2023-12-29 22:06 - 000013031 _____ C:\Users\PC\Desktop\ZHPCleaner (S).html 2023-12-29 22:06 - 2023-12-29 22:06 - 000005444 _____ C:\Users\PC\Desktop\ZHPCleaner (S).txt 2023-12-29 22:00 - 2023-12-29 22:12 - 000000000 ____D C:\Users\PC\AppData\Roaming\ZHP 2023-12-29 22:00 - 2023-12-29 22:00 - 000000872 _____ C:\Users\PC\Desktop\ZHPCleaner.lnk 2023-12-29 22:00 - 2023-12-29 22:00 - 000000000 ____D C:\Users\PC\AppData\Local\ZHP 2023-12-29 21:56 - 2023-12-29 21:56 - 003363488 _____ (Nicolas Coolman) C:\Users\PC\Downloads\ZHPCleaner.exe 2023-12-29 21:52 - 2023-12-29 21:52 - 000768122 _____ C:\Windows\system32\prfh0416.dat 2023-12-29 21:52 - 2023-12-29 21:52 - 000154250 _____ C:\Windows\system32\prfc0416.dat 2023-12-29 11:39 - 2023-12-29 21:52 - 000000000 ____D C:\AdwCleaner 2023-12-29 11:38 - 2023-12-29 11:38 - 008791352 _____ (Malwarebytes) C:\Users\PC\Downloads\AdwCleaner.exe 2023-12-26 17:05 - 2023-12-26 17:05 - 000000000 ____D C:\Users\PC\Documents\Overwatch 2023-12-26 15:52 - 2023-12-26 15:52 - 000000930 _____ C:\Users\Public\Desktop\Overwatch.lnk 2023-12-26 15:52 - 2023-12-26 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2023-12-26 14:14 - 2023-12-26 15:55 - 000000000 ____D C:\Program Files (x86)\Overwatch 2023-12-26 13:09 - 2023-12-26 13:09 - 000004192 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1703606968 2023-12-26 13:09 - 2023-12-26 13:09 - 000001394 _____ C:\Users\PC\Desktop\Navegador Opera.lnk 2023-12-26 13:09 - 2023-12-26 13:09 - 000001394 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk 2023-12-26 13:08 - 2023-12-29 13:18 - 000000000 ____D C:\Program Files (x86)\Panda Security 2023-12-26 13:08 - 2023-12-29 11:43 - 000000000 ____D C:\ProgramData\Panda Security 2023-12-23 15:01 - 2023-12-23 15:01 - 003354624 _____ C:\Users\PC\AppData\Roaming\emp.bin 2023-12-21 12:43 - 2023-12-21 12:43 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Statespace 2023-12-21 12:30 - 2023-12-21 12:30 - 000000222 _____ C:\Users\PC\Desktop\Aimlabs.url 2023-12-20 13:03 - 2023-12-20 13:03 - 013504619 _____ C:\Users\PC\Downloads\Vídeo sem título ‐ Feito com o Clipchamp (7) (1).mp4 2023-12-19 21:55 - 2023-12-22 21:01 - 000001360 _____ C:\Users\PC\Desktop\RE4 Remake.lnk 2023-12-19 14:49 - 2023-12-19 14:49 - 000004448 _____ C:\Windows\system32\Tasks\Opera GX scheduled assistant Autoupdate 1703008161 2023-12-18 20:14 - 2023-12-18 20:14 - 000000000 ____D C:\Users\Public\Documents\EMPRESS 2023-12-18 16:13 - 2023-12-18 20:15 - 000000000 ____D C:\Users\PC\Downloads\Resident.Evil.4.(2023)-InsaneRamZes 2023-12-18 16:13 - 2023-12-18 16:13 - 001286439 _____ C:\Users\PC\Desktop\BlueStacks-Support.7z 2023-12-18 11:29 - 2023-12-18 11:29 - 000002155 _____ C:\Users\PC\Desktop\Free Fire.lnk 2023-12-18 11:14 - 2023-12-18 11:14 - 000000000 ____D C:\Users\PC\AppData\Local\BlueStacksSetup 2023-12-18 11:13 - 2023-12-29 18:11 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk 2023-12-18 11:13 - 2023-12-29 18:11 - 000001930 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultra Ego FPS.lnk 2023-12-18 11:13 - 2023-12-18 11:14 - 000000000 ____D C:\Program Files\BlueStacks 2023-12-18 11:13 - 2023-12-18 11:13 - 000002073 _____ C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk 2023-12-18 11:13 - 2023-12-18 11:13 - 000001918 _____ C:\Users\Public\Desktop\Ultra Ego FPS.lnk 2023-12-18 11:13 - 2023-12-18 11:13 - 000000000 ____D C:\ProgramData\BlueStacks 2023-12-18 11:11 - 2023-12-18 11:12 - 1629113489 _____ C:\Users\PC\Downloads\BS Ultra Ego Version Final Beta 1x.rar 2023-12-18 01:06 - 2023-12-18 01:06 - 000000000 ____D C:\Users\PC\Desktop\limpar residuos 2023-12-18 00:43 - 2023-12-18 00:43 - 000000872 _____ C:\Users\PC\Desktop\Mem Reduct.lnk 2023-12-18 00:43 - 2023-12-18 00:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mem Reduct 2023-12-18 00:43 - 2023-12-18 00:43 - 000000000 ____D C:\Users\PC\AppData\Roaming\Henry++ 2023-12-18 00:43 - 2023-12-18 00:43 - 000000000 ____D C:\Program Files\Mem Reduct 2023-12-17 01:09 - 2023-12-17 01:09 - 000000000 ____D C:\Windows\InboxApps 2023-12-16 18:53 - 2023-12-16 18:54 - 000000000 ___HD C:\$WinREAgent 2023-12-16 01:22 - 2023-12-29 18:11 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2023-12-13 23:25 - 2023-12-13 23:26 - 000000000 ____D C:\Users\PC\Documents\NFS Carbon 2023-12-13 23:21 - 2023-12-13 23:21 - 000000000 ____D C:\Program Files (x86)\Mr DJ 2023-12-13 15:38 - 2023-12-16 01:23 - 000000000 ____D C:\Users\PC\AppData\Roaming\Notepad++ 2023-12-13 15:38 - 2023-12-16 01:22 - 000000000 ____D C:\Program Files\Notepad++ 2023-12-13 00:14 - 2023-12-13 00:14 - 000001627 _____ C:\Users\Public\Desktop\VALORANT.lnk 2023-12-13 00:14 - 2023-12-13 00:14 - 000000000 ____D C:\Program Files\Riot Vanguard 2023-12-12 16:40 - 2023-12-12 16:40 - 000002086 _____ C:\Users\PC\Desktop\AJ139 PRO Gaming Mouse.lnk 2023-12-12 16:40 - 2023-12-12 16:40 - 000000000 ____D C:\Users\PC\Documents\AJAZZ_ AJ139 PRO No light (Dual Mode)_ PAW3395_ Mouse Drive (2) 2023-12-12 16:40 - 2023-12-12 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AJAZZ 2023-12-12 16:40 - 2023-12-12 16:40 - 000000000 ____D C:\Program Files (x86)\AJAZZ 2023-12-12 15:38 - 2023-12-16 00:31 - 000000000 ____D C:\Users\PC\Downloads\AJAZZ_ AJ139 PRO No light (Dual Mode)_ PAW3395_ Mouse Drive (2) 2023-12-12 13:46 - 2023-12-12 16:58 - 000000000 ____D C:\Users\PC\AppData\Local\JM03 2023-12-10 23:55 - 2023-12-10 23:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio 2023-12-10 23:55 - 2023-12-10 23:55 - 000000000 ____D C:\Program Files (x86)\GameVicio 2023-12-10 23:13 - 2023-12-10 23:17 - 000000000 ____D C:\Users\PC\Documents\NFS Most Wanted 2023-12-10 22:58 - 2023-12-10 22:58 - 000001358 _____ C:\Users\Public\Desktop\Need for Speed Most Wanted 2005.lnk 2023-12-10 22:58 - 2023-12-10 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed Most Wanted 2005 2023-12-10 22:57 - 2005-10-31 20:06 - 000240264 ___RH C:\Windows\SysWOW64\1482 2023-12-10 22:57 - 2005-10-06 00:00 - 000000720 ___RH C:\Windows\SysWOW64\1483 2023-12-10 22:56 - 2005-10-19 00:01 - 000040534 ___RH C:\Windows\SysWOW64\1481 2023-12-10 22:55 - 2023-12-16 01:41 - 000000000 ____D C:\Program Files (x86)\Need for Speed Most Wanted 2005 2023-12-10 22:15 - 2023-12-21 23:03 - 000004200 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1702257299 2023-12-10 22:15 - 2023-12-21 23:03 - 000001429 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk 2023-12-10 22:15 - 2023-12-10 22:15 - 000001423 _____ C:\Users\PC\Desktop\Navegador Opera GX.lnk 2023-12-08 17:18 - 2023-11-30 06:11 - 001246288 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2023-12-08 17:18 - 2023-11-30 06:11 - 001246288 _____ C:\Windows\SysWOW64\vulkan-1.dll 2023-12-08 17:18 - 2023-11-30 06:11 - 000850512 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2023-12-08 17:18 - 2023-11-30 06:11 - 000850512 _____ C:\Windows\system32\vulkaninfo.exe 2023-12-08 17:18 - 2023-11-30 06:11 - 000731216 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-12-08 17:18 - 2023-11-30 06:11 - 000731216 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2023-12-08 17:18 - 2023-11-30 06:10 - 001487472 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2023-12-08 17:18 - 2023-11-30 06:10 - 001423960 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2023-12-08 17:18 - 2023-11-30 06:10 - 001423960 _____ C:\Windows\system32\vulkan-1.dll 2023-12-08 17:18 - 2023-11-30 06:10 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2023-12-08 17:18 - 2023-11-30 06:07 - 001541152 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2023-12-08 17:18 - 2023-11-30 06:07 - 001198192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2023-12-08 17:18 - 2023-11-30 06:07 - 000958496 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2023-12-08 17:18 - 2023-11-30 06:07 - 000670240 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll 2023-12-08 17:18 - 2023-11-30 06:07 - 000505376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll 2023-12-08 17:18 - 2023-11-30 06:06 - 001624712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2023-12-08 17:18 - 2023-11-30 06:06 - 000810096 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2023-12-08 17:18 - 2023-11-30 06:06 - 000774280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2023-12-08 17:18 - 2023-11-30 06:05 - 015095840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2023-12-08 17:18 - 2023-11-30 06:05 - 012375584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2023-12-08 17:18 - 2023-11-30 06:05 - 006461960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2023-12-08 17:18 - 2023-11-30 06:05 - 005862408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll 2023-12-08 17:18 - 2023-11-30 06:05 - 005860472 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2023-12-08 17:18 - 2023-11-30 06:05 - 003619848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2023-12-08 17:18 - 2023-11-30 06:05 - 000853640 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2023-12-08 17:18 - 2023-11-30 06:05 - 000459912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2023-12-08 17:18 - 2023-11-30 06:04 - 006745776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2023-12-08 17:18 - 2023-11-29 20:05 - 000113947 _____ C:\Windows\system32\nvinfo.pb 2023-12-07 17:35 - 2023-12-07 17:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2023-12-06 15:12 - 2023-12-08 15:05 - 000000000 ____D C:\Users\PC\Documents\DayZ 2023-12-06 15:12 - 2023-12-06 15:12 - 000000000 ____D C:\Users\PC\AppData\Roaming\SmartSteamEmu 2023-12-06 14:25 - 2023-12-16 10:47 - 000000000 ____D C:\Users\PC\AppData\Local\DayZ 2023-12-06 10:49 - 2023-12-06 10:49 - 000000000 ____D C:\Users\PC\.android 2023-12-06 10:48 - 2023-12-06 10:48 - 000000000 ____D C:\Users\PC\Downloads\BSTweaker51610 2023-12-05 22:00 - 2023-12-05 22:00 - 000000000 ____D C:\Games 2023-12-05 15:58 - 2023-12-05 15:58 - 000000000 ____D C:\Users\PC\Documents\FredaikisAB 2023-12-05 15:58 - 2023-12-05 15:58 - 000000000 ____D C:\Users\PC\AppData\Roaming\FAC 2023-12-05 15:58 - 2023-12-05 15:58 - 000000000 ____D C:\Users\PC\AppData\Local\FredaikisAB 2023-12-05 15:58 - 2023-12-05 15:58 - 000000000 ____D C:\Users\PC\AppData\Local\CrashRpt 2023-12-04 22:00 - 2023-12-04 22:00 - 000000371 _____ C:\Users\PC\Desktop\Among Us.url 2023-12-04 22:00 - 2023-12-04 22:00 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Innersloth 2023-12-01 09:58 - 2023-12-18 15:19 - 000000000 ____D C:\Users\PC\Documents\My Games 2023-11-30 21:20 - 2023-11-30 21:21 - 000000000 ____D C:\Users\PC\Documents\GTA San Andreas User Files 2023-11-30 21:19 - 2023-12-18 15:12 - 000000000 ____D C:\Program Files (x86)\MTA San Andreas 1.6 2023-11-30 20:56 - 2023-11-30 20:56 - 000000234 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Syndicate.url 2023-11-30 19:54 - 2023-11-30 19:54 - 000000000 ____D C:\ProgramData\Ubisoft 2023-11-30 19:53 - 2023-11-30 21:03 - 000000000 ____D C:\Users\PC\AppData\Local\Ubisoft Game Launcher 2023-11-30 19:53 - 2023-11-30 19:53 - 000001327 _____ C:\Users\PC\Desktop\Ubisoft Connect.lnk 2023-11-30 19:53 - 2023-11-30 19:53 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2023-11-30 19:53 - 2023-11-30 19:53 - 000000000 ____D C:\Program Files (x86)\Ubisoft 2023-11-29 23:40 - 2023-11-29 23:50 - 000000000 ____D C:\Users\PC\Documents\Euro Truck Simulator 2 2023-11-29 23:06 - 2023-11-29 23:06 - 000000000 __RHD C:\Users\PC\AppData\Roaming\SecuROM ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-12-29 22:15 - 2023-08-26 20:10 - 000000000 ____D C:\Program Files (x86)\Google 2023-12-29 22:15 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SystemTemp 2023-12-29 22:07 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-12-29 21:52 - 2023-08-24 16:04 - 000000000 ____D C:\ProgramData\NVIDIA 2023-12-29 21:52 - 2023-08-24 15:15 - 001773040 _____ C:\Windows\system32\PerfStringBackup.INI 2023-12-29 21:52 - 2022-05-07 02:22 - 000000000 ____D C:\Windows\INF 2023-12-29 21:50 - 2023-08-24 15:37 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache 2023-12-29 21:49 - 2023-11-16 15:48 - 000000001 _____ C:\Windows\vgkbootstatus.dat 2023-12-29 21:46 - 2023-08-24 15:09 - 000012288 ___SH C:\DumpStack.log.tmp 2023-12-29 21:46 - 2023-08-24 15:09 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-12-29 21:46 - 2023-08-24 15:09 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-12-29 19:58 - 2022-05-07 02:17 - 000524288 _____ C:\Windows\system32\config\BBI 2023-12-29 18:11 - 2023-09-04 16:11 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2023-12-29 18:11 - 2023-08-28 15:26 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2023-12-29 18:11 - 2023-08-24 15:57 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-12-29 18:11 - 2023-08-24 15:56 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk 2023-12-29 18:11 - 2023-08-24 15:56 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk 2023-12-29 18:11 - 2023-08-24 15:56 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk 2023-12-29 18:11 - 2023-08-24 15:09 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-12-29 18:10 - 2023-08-24 23:09 - 000000000 ____D C:\ProgramData\Riot Games 2023-12-29 18:02 - 2023-09-08 21:46 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net 2023-12-29 18:02 - 2023-08-24 19:44 - 000000000 ____D C:\Users\PC\AppData\Roaming\discord 2023-12-29 17:19 - 2023-08-24 19:44 - 000000000 ____D C:\Users\PC\AppData\Local\Discord 2023-12-29 16:19 - 2023-10-06 20:05 - 000000000 ____D C:\Users\PC\AppData\Roaming\Blitz 2023-12-29 13:30 - 2023-08-26 20:10 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-12-29 13:30 - 2023-08-24 15:56 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk 2023-12-29 13:30 - 2023-08-24 15:56 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk 2023-12-29 13:30 - 2023-08-24 15:56 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk 2023-12-29 13:20 - 2023-08-24 15:56 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk 2023-12-29 13:18 - 2023-08-24 23:28 - 000000032 _____ C:\Users\PC\AppData\Roaming\.machineId 2023-12-27 10:53 - 2023-10-07 01:26 - 000000000 ____D C:\Users\PC\AppData\Roaming\Spotify 2023-12-27 10:53 - 2023-10-07 01:26 - 000000000 ____D C:\Users\PC\AppData\Local\Spotify 2023-12-26 17:47 - 2023-08-26 20:10 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2023-12-26 17:05 - 2023-09-08 21:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\Battle.net 2023-12-26 14:14 - 2023-09-08 21:46 - 000000000 ____D C:\Users\PC\AppData\Local\Blizzard Entertainment 2023-12-26 14:13 - 2023-09-08 21:49 - 000000000 ____D C:\Program Files (x86)\Call of Duty 2023-12-26 14:13 - 2023-09-08 21:46 - 000000000 ____D C:\Program Files (x86)\Battle.net 2023-12-26 13:17 - 2022-05-07 02:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-26 13:17 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\AppReadiness 2023-12-26 13:09 - 2023-08-26 22:16 - 000000000 ____D C:\Windows\system32\MRT 2023-12-26 13:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2023-12-26 13:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\GroupPolicy 2023-12-23 17:34 - 2023-08-24 20:23 - 000000000 ____D C:\Program Files (x86)\Steam 2023-12-22 21:20 - 2023-08-24 15:09 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2023-12-19 19:52 - 2023-08-24 19:44 - 000002216 _____ C:\Users\PC\Desktop\Discord.lnk 2023-12-18 20:21 - 2023-08-25 23:53 - 000000000 ____D C:\Users\PC\AppData\Roaming\qBittorrent 2023-12-18 19:59 - 2023-08-26 06:24 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps 2023-12-18 11:13 - 2023-11-28 19:25 - 000000000 ____D C:\Users\Public\BlueStacks 2023-12-18 11:13 - 2023-11-28 19:25 - 000000000 ____D C:\Users\PC\AppData\Local\Bluestacks 2023-12-17 01:10 - 2023-08-25 21:25 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-12-17 01:10 - 2023-08-24 15:09 - 000474776 _____ C:\Windows\system32\FNTCACHE.DAT 2023-12-17 01:09 - 2023-10-13 14:02 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\UUS 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\Dism 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SystemResources 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\WinMetadata 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\oobe 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\Dism 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\appraiser 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\ShellExperiences 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\ShellComponents 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-12-17 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\bcastdvr 2023-12-17 01:09 - 2022-05-07 02:17 - 000000000 ____D C:\Windows\servicing 2023-12-16 18:57 - 2022-05-07 02:17 - 000000000 ____D C:\Windows\CbsTemp 2023-12-16 18:55 - 2023-08-24 15:12 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-12-16 11:17 - 2023-08-24 15:37 - 000000000 ____D C:\Users\PC\AppData\Local\Packages 2023-12-16 00:39 - 2023-08-24 15:57 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2023-12-16 00:39 - 2023-08-24 15:39 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3956414198-1852685487-3734134944-1000 2023-12-16 00:34 - 2023-08-24 15:37 - 000000000 ____D C:\Users\PC 2023-12-16 00:32 - 2023-08-24 16:12 - 000000000 ____D C:\Users\defaultuser100000 2023-12-16 00:32 - 2022-05-07 07:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-12-16 00:32 - 2022-05-07 07:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-12-16 00:32 - 2022-05-07 07:39 - 000000000 ____D C:\Windows\system32\OpenSSH 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\SysWOW64\lxss 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\SysWOW64\F12 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\UNP 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\lxss 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\F12 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\dsc 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___RD C:\Windows\PrintDialog 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\setup 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\oobe 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\migwiz 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\InstallShield 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\downlevel 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\Com 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\Sysprep 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\ShellExperiences 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\Sgrm 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\setup 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\migwiz 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\icsxml 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\downlevel 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\DDFs 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\Com 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\AdvancedInstallers 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\Media 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\L2Schemas 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\IME 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\IdentityCRL 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\DiagTrack 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\BrowserCore 2023-12-16 00:32 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\System 2023-12-16 00:31 - 2023-10-17 19:14 - 000000000 ____D C:\ProgramData\EA Desktop 2023-12-16 00:31 - 2023-10-06 20:05 - 000000000 ____D C:\Users\PC\AppData\Local\blitz-updater 2023-12-16 00:31 - 2023-09-02 22:52 - 000000000 ____D C:\Users\PC\AppData\Roaming\launcher 2023-12-16 00:31 - 2023-08-28 15:36 - 000000000 ____D C:\Users\PC\AppData\Local\Roblox 2023-12-16 00:31 - 2023-08-28 15:21 - 000000000 ____D C:\ProgramData\IObit 2023-12-16 00:31 - 2023-08-24 22:04 - 000000000 ____D C:\ProgramData\FaceLift 2023-12-16 00:31 - 2023-08-24 15:40 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2023-12-16 00:31 - 2022-05-07 02:25 - 000000000 ____D C:\Windows\system32\Pbr 2023-12-16 00:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SystemApps 2023-12-16 00:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\Help 2023-12-16 00:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\Containers 2023-12-16 00:22 - 2023-09-02 22:52 - 000000000 ____D C:\Users\PC\.lunarclient 2023-12-16 00:22 - 2023-08-24 16:04 - 000000000 ____D C:\Users\PC\AppData\Local\NVIDIA 2023-12-16 00:22 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\registration 2023-12-15 10:54 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\USOPrivate 2023-12-14 15:22 - 2023-09-08 21:49 - 000000000 ____D C:\ProgramData\Battle.net_components 2023-12-13 23:21 - 2023-08-28 15:32 - 000000000 ___HD C:\Windows\msdownld.tmp 2023-12-13 23:21 - 2023-08-28 15:31 - 000000000 ____D C:\Windows\SysWOW64\directx 2023-12-13 15:38 - 2023-08-24 15:11 - 000000000 ____D C:\ProgramData\Packages 2023-12-13 10:12 - 2023-09-02 22:53 - 000000000 ____D C:\Users\PC\AppData\Roaming\.minecraft 2023-12-13 00:14 - 2023-08-24 23:09 - 000000000 ____D C:\Riot Games 2023-12-13 00:14 - 2023-08-24 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games 2023-12-12 16:20 - 2023-08-28 15:36 - 000001392 _____ C:\Users\PC\Desktop\Roblox Player.lnk 2023-12-12 16:20 - 2023-08-28 15:36 - 000001220 _____ C:\Users\PC\Desktop\Roblox Studio.lnk 2023-12-12 16:20 - 2023-08-28 15:36 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2023-12-10 21:46 - 2023-08-24 19:40 - 000000000 ____D C:\Users\PC\AppData\Local\Opera Software 2023-12-10 21:45 - 2023-08-24 19:39 - 000000000 ____D C:\Users\PC\AppData\Roaming\Opera Software 2023-12-07 20:31 - 2023-10-06 20:05 - 000002202 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk 2023-12-07 17:35 - 2023-08-24 15:55 - 000000000 ____D C:\Program Files\Microsoft Office 2023-12-07 17:35 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-12-06 15:12 - 2023-11-26 15:42 - 000000000 ____D C:\Users\PC\AppData\Local\BattlEye 2023-12-06 14:26 - 2023-08-24 15:09 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-12-06 11:41 - 2023-08-25 21:41 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics 2023-12-06 11:06 - 2023-11-28 19:37 - 000006047 _____ C:\Users\PC\-1.14-windows.xml 2023-12-05 15:58 - 2023-08-24 16:04 - 000000000 ____D C:\ProgramData\Package Cache 2023-12-05 15:10 - 2023-08-26 20:10 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{C61F8866-83B2-44C6-BE21-147C10640057} 2023-12-05 15:10 - 2023-08-26 20:10 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{B6328745-B059-46A7-91AD-45A3F93B5FAF} 2023-12-04 22:00 - 2023-10-05 22:39 - 000000000 ____D C:\Program Files\Epic Games 2023-12-04 18:38 - 2023-08-26 14:34 - 000000000 ____D C:\Program Files (x86)\DODI-Repacks 2023-11-30 21:37 - 2023-08-24 15:57 - 000000000 ____D C:\Users\PC\AppData\Local\VirtualStore 2023-11-30 06:06 - 2023-11-28 21:22 - 000996976 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2023-11-30 06:06 - 2023-08-24 19:53 - 002170992 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2023-11-30 06:04 - 2023-08-24 15:39 - 007869664 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll ==================== Arquivos na raiz de alguns diretórios ======== 2023-08-24 23:28 - 2023-12-29 13:18 - 000000032 _____ () C:\Users\PC\AppData\Roaming\.machineId 2023-12-23 15:01 - 2023-12-23 15:01 - 003354624 _____ () C:\Users\PC\AppData\Roaming\emp.bin 2023-11-09 19:59 - 2023-11-09 19:59 - 000000028 _____ () C:\Users\PC\AppData\Local\CapCutConfigure.ini ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================