Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 03.02.2024 01 Executado por TRABALHO (administrador) em DESKTOP-SSLIQE0 (LENOVO 81FE) (04-02-2024 05:35:48) Executando a partir de C:\Users\TRABALHO\Desktop\FRST64.exe Perfis Carregados: TRABALHO Plataforma: Microsoft Windows 11 Home Single Language Versão 23H2 22631.3085 (X64) Idioma: Português (Brasil) Navegador padrão: Opera Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [MicrosoftEdgeAutoLaunch_50410CDD4A9F1DAE2FAEDE25E7E7B27B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788840 2024-02-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-12] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37277648 2024-01-29] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [AF_uuid_2426960] => 867ea0d9-ea16-4584-88a1-b4a73e69f7a3*SystemValue.f32*ÿÿÿJþ,÷*e***’*aü* (Nenhum Arquivo) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [AF_counter_2426960] => 3 (Nenhum Arquivo) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TRABALHO\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [66107808 2024-02-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TRABALHO\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Nenhum Arquivo) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\RunOnce: [Uninstall 24.010.0114.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TRABALHO\AppData\Local\Microsoft\OneDrive\24.010.0114.0001" [0 2024-02-04] () <==== ATENÇÃO [zero byte Arquivo/Pasta] HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> ==================== Tarefas Agendadas (Whitelisted) ================= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {512B2D13-C03E-4D57-9CA2-4CEC7F43A79A} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1323919425-2868841928-406510748-1001 => MessengerHelper.exe --lassie (Nenhum Arquivo) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Nenhum Arquivo) Task: {149D86C2-871B-4866-9411-3B981EC89C59} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Nenhum Arquivo) Task: {638A0828-D0FC-4E83-AC15-AC26856F0708} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Nenhum Arquivo) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo) Task: {199162E6-0993-4353-A231-A32CC7B2A592} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {46A87619-D840-4844-B57C-E262B6D0F328} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C3135BCB-32E9-48D5-B3A1-F0CE9E4A6A86} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5CCCA5E1-BDFC-4C0F-B9CD-89F123EC8F01} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2CC086DE-6FF5-4514-8A85-770826CCD61E} - System32\Tasks\Opera GX scheduled Autoupdate 1706399164 => C:\Users\TRABALHO\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 45.179.204.210 45.179.204.212 Tcpip\..\Interfaces\{42041366-6997-4692-9972-5fe7a858278f}: [DhcpNameServer] 45.179.204.210 45.179.204.212 Tcpip\..\Interfaces\{893d0040-60c7-4743-adf3-73110ada85df}: [DhcpNameServer] 45.179.204.210 45.179.204.212 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-04] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-02-04] Edge Extension: (Documentos Google off-line) - C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-27] Edge Extension: (Edge relevant text changes) - C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Chrome: ======= CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-1323919425-2868841928-406510748-1001) Opera GXStable - "C:\Users\TRABALHO\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.) S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-02] (Malwarebytes Inc. -> Malwarebytes) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [13405720 2023-12-27] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Arquivo não assinado] S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl3c3004dc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F9722245-4129-42BF-96A0-F1DBEF9176C8}\MpKslDrv.sys [263560 2024-02-04] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-27] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-27] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três meses (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2024-02-04 05:35 - 2024-02-04 05:36 - 000011607 _____ C:\Users\TRABALHO\Desktop\FRST.txt 2024-02-04 05:35 - 2024-02-04 05:36 - 000000000 ____D C:\FRST 2024-02-04 05:33 - 2024-02-04 05:33 - 000010738 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (R).html 2024-02-04 05:33 - 2024-02-04 05:33 - 000003743 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (R).txt 2024-02-04 05:23 - 2024-02-04 05:23 - 000010444 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (S).html 2024-02-04 05:23 - 2024-02-04 05:23 - 000003558 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (S).txt 2024-02-04 05:18 - 2024-02-04 05:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\ZHP 2024-02-04 05:18 - 2024-02-04 05:18 - 000000878 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner.lnk 2024-02-04 05:18 - 2024-02-04 05:18 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\ZHP 2024-02-04 05:14 - 2024-02-04 05:14 - 002389504 _____ (Farbar) C:\Users\TRABALHO\Desktop\FRST64.exe 2024-02-04 05:11 - 2024-02-04 05:11 - 003363488 _____ (Nicolas Coolman) C:\Users\TRABALHO\Desktop\ZHPCleaner.exe 2024-02-04 05:06 - 2024-02-04 05:17 - 000000000 ____D C:\AdwCleaner 2024-02-04 05:06 - 2024-02-04 05:06 - 008797968 _____ (Malwarebytes) C:\Users\TRABALHO\Desktop\adwcleaner.exe 2024-02-04 04:37 - 2024-02-04 04:37 - 000000000 ___HD C:\OneDriveTemp 2024-02-04 04:26 - 2024-02-04 04:26 - 000000000 ____H C:\Users\TRABALHO\Documents\Default.rdp 2024-02-04 04:17 - 2024-02-04 04:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta 2024-02-04 03:34 - 2024-02-04 03:34 - 000731272 _____ C:\WINDOWS\system32\prfh0416.dat 2024-02-04 03:34 - 2024-02-04 03:34 - 000146442 _____ C:\WINDOWS\system32\prfc0416.dat 2024-02-04 03:27 - 2024-02-04 03:27 - 000000000 ____D C:\WINDOWS\Panther 2024-02-04 03:18 - 2024-02-04 03:18 - 000000000 ____D C:\Users\TRABALHO\.android 2024-02-04 02:45 - 2024-02-04 02:45 - 000000000 ___RD C:\Users\TRABALHO\Documents\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe!App 2024-02-04 02:19 - 2024-02-04 02:19 - 000000000 ____D C:\Users\TRABALHO\Downloads\Telegram Desktop 2024-02-03 02:40 - 2024-02-03 02:40 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\com.com2us.smon.pc.steam.global.normal 2024-02-03 02:40 - 2023-12-27 16:22 - 013405720 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des 2024-02-03 02:39 - 2024-02-03 20:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\SummonersWarSteam 2024-02-03 02:39 - 2024-02-03 02:40 - 000000000 ____D C:\ProgramData\SummonersWarSteam 2024-02-03 02:39 - 2024-02-03 02:39 - 000000016 _____ C:\ProgramData\mntemp 2024-02-03 02:39 - 2024-02-03 02:39 - 000000000 ____D C:\Program Files\Common Files\INCA Shared 2024-02-03 02:36 - 2024-02-03 02:36 - 000000223 _____ C:\Users\TRABALHO\Desktop\Summoners War.url 2024-02-03 01:51 - 2024-02-03 01:51 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-02-03 01:49 - 2024-02-03 01:49 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-02-03 01:25 - 2024-02-04 03:34 - 001682094 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-03 01:25 - 2024-02-03 01:25 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2024-02-03 01:23 - 2024-02-04 04:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1323919425-2868841928-406510748-1001 2024-02-03 01:23 - 2024-02-04 04:37 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1323919425-2868841928-406510748-1001 2024-02-03 01:23 - 2024-02-04 03:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-03 01:23 - 2024-02-03 01:23 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2024-02-03 01:23 - 2024-02-03 01:23 - 000011433 _____ C:\WINDOWS\diagerr.xml 2024-02-03 01:23 - 2024-02-03 01:23 - 000003602 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-03 01:23 - 2024-02-03 01:23 - 000003548 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1706399164 2024-02-03 01:23 - 2024-02-03 01:23 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-03 01:23 - 2024-02-03 01:23 - 000000020 ___SH C:\Users\TRABALHO\ntuser.ini 2024-02-03 01:20 - 2024-02-03 01:20 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2024-02-03 01:20 - 2024-02-03 01:20 - 000000000 ____D C:\ProgramData\Dolby 2024-02-03 01:20 - 2024-02-03 01:20 - 000000000 ____D C:\Program Files\Dolby 2024-02-03 01:19 - 2024-02-03 01:19 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2024-02-03 01:18 - 2024-02-04 03:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-03 01:18 - 2024-02-04 03:26 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK 2024-02-03 01:18 - 2024-02-03 02:11 - 000445920 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-02-03 01:12 - 2024-02-03 01:18 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Crypto 2024-02-03 01:12 - 2024-02-03 01:12 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\SystemCertificates 2024-02-03 01:12 - 2024-02-03 01:12 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Network 2024-02-03 01:10 - 2024-02-03 01:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2024-02-03 01:09 - 2024-02-04 03:27 - 000000000 ____D C:\Users\TRABALHO 2024-02-03 01:09 - 2024-02-03 01:25 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows 2024-02-03 01:09 - 2024-02-03 01:23 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Spelling 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Modelos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Meus Documentos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Menu Iniciar 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Documents\Minhas Músicas 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Documents\Minhas Imagens 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Documents\Meus Vídeos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Dados de Aplicativos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Configurações Locais 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\AppData\Local\Histórico 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\AppData\Local\Dados de Aplicativos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Ambiente de Rede 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Ambiente de Impressão 2024-02-03 01:08 - 2024-02-03 01:10 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2024-02-03 00:59 - 2024-02-03 00:59 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2024-02-03 00:48 - 2024-02-03 00:51 - 000000036 _____ C:\WINDOWS\progress.ini 2024-02-03 00:41 - 2024-02-03 00:41 - 000000000 ____D C:\CLientes IPTV 2024-02-03 00:40 - 2024-02-03 00:48 - 000000000 ___HD C:\$GetCurrent 2024-02-03 00:40 - 2024-02-03 00:48 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant 2024-02-03 00:33 - 2024-02-03 00:33 - 000001360 _____ C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2024-02-03 00:33 - 2024-02-03 00:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\PCHealthCheck 2024-02-02 22:00 - 2024-02-02 22:00 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\GOG.com 2024-02-02 21:59 - 2024-02-02 21:59 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA 2024-02-02 21:57 - 2024-02-02 23:17 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\StardewValley 2024-02-02 21:56 - 2024-02-03 02:36 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-02-02 21:56 - 2024-02-02 21:56 - 000000222 _____ C:\Users\TRABALHO\Desktop\Stardew Valley.url 2024-02-02 20:24 - 2024-02-02 20:24 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\LibreOffice 2024-02-02 20:23 - 2024-02-03 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2 2024-02-02 20:23 - 2024-02-02 20:23 - 000001207 _____ C:\Users\Public\Desktop\LibreOffice 24.2.lnk 2024-02-02 20:20 - 2024-02-02 20:21 - 000000000 ____D C:\Program Files\LibreOffice 2024-02-02 20:12 - 2024-02-03 00:41 - 000000000 ____D C:\Users\TRABALHO\Desktop\CLientes IPTV 2024-02-02 02:49 - 2024-02-02 02:56 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Fing 2024-02-02 02:48 - 2024-02-02 02:48 - 000000000 ____D C:\Program Files\RUXIM 2024-02-02 02:47 - 2024-02-02 02:47 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\FingAgent 2024-02-02 02:46 - 2024-02-02 02:56 - 000000000 ____D C:\Program Files\Npcap 2024-02-02 02:46 - 2024-02-02 02:46 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\fing-updater 2024-02-02 02:35 - 2024-02-02 02:35 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\mbam 2024-02-02 02:33 - 2024-02-04 03:27 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Malwarebytes 2024-02-02 02:33 - 2024-02-02 02:33 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-02-02 02:33 - 2024-02-02 02:33 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-02-02 02:32 - 2024-02-02 02:32 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-02-02 02:32 - 2024-02-02 02:32 - 000000000 ____D C:\Program Files\Malwarebytes 2024-02-02 02:17 - 2024-02-02 02:17 - 000000017 _____ C:\Users\TRABALHO\AppData\Local\resmon.resmoncfg 2024-02-02 00:10 - 2024-02-02 00:13 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2024-01-30 12:55 - 2024-02-03 00:41 - 000000000 ____D C:\Users\TRABALHO\Documents\Nova pasta 2024-01-30 00:56 - 2024-02-02 02:39 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\ElevatedDiagnostics 2024-01-29 19:34 - 2024-02-04 03:12 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\purpleiptv 2024-01-29 15:35 - 2024-01-29 15:35 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\NVIDIA Corporation 2024-01-29 15:34 - 2024-02-03 02:39 - 000000000 ____D C:\ProgramData\Package Cache 2024-01-29 15:32 - 2024-01-29 15:32 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2024-01-29 15:32 - 2024-01-29 15:32 - 000001280 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\UnrealEngineLauncher 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\UnrealEngine 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\EpicGamesLauncher 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Epic Games 2024-01-29 15:31 - 2024-01-29 15:35 - 000000000 ____D C:\ProgramData\Epic 2024-01-29 15:31 - 2024-01-29 15:32 - 000000000 ____D C:\Program Files (x86)\Epic Games 2024-01-29 15:27 - 2024-02-04 05:11 - 000000000 ____D C:\Program Files (x86)\Steam 2024-01-29 15:27 - 2024-02-03 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2024-01-29 15:27 - 2024-01-29 15:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Steam 2024-01-29 15:27 - 2024-01-29 15:27 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk 2024-01-29 15:27 - 2024-01-29 15:27 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\CEF 2024-01-29 13:42 - 2024-02-02 23:30 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\discord 2024-01-29 13:42 - 2024-02-02 22:56 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Discord 2024-01-29 13:42 - 2024-02-02 21:49 - 000002242 _____ C:\Users\TRABALHO\Desktop\Discord.lnk 2024-01-29 13:42 - 2024-01-29 13:42 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\SquirrelTemp 2024-01-29 12:47 - 2024-01-29 12:47 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\cache 2024-01-29 12:42 - 2024-02-04 03:34 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Telegram Desktop 2024-01-29 12:42 - 2024-02-03 01:18 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2024-01-29 12:42 - 2024-01-29 12:42 - 000001041 _____ C:\Users\TRABALHO\Desktop\Telegram.lnk 2024-01-27 21:44 - 2024-01-27 21:44 - 000000000 ____D C:\ProgramData\PLUG 2024-01-27 20:52 - 2024-02-04 03:19 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\D3DSCache 2024-01-27 20:52 - 2024-02-03 01:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2024-01-27 20:51 - 2020-03-29 23:48 - 000464832 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDUninstall.exe 2024-01-27 20:51 - 2019-05-09 19:49 - 000185232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_I2C.sys 2024-01-27 20:47 - 2024-02-04 03:27 - 000000000 __SHD C:\Users\TRABALHO\IntelGraphicsProfiles 2024-01-27 20:47 - 2024-01-27 21:45 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Intel 2024-01-27 20:47 - 2024-01-27 20:47 - 000000000 ____D C:\ProgramData\Intel 2024-01-27 20:46 - 2024-01-27 20:46 - 000001447 _____ C:\Users\TRABALHO\Desktop\Navegador Opera GX.lnk 2024-01-27 20:46 - 2024-01-27 20:46 - 000001437 _____ C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk 2024-01-27 20:46 - 2024-01-27 20:46 - 000000000 ____D C:\Users\TRABALHO\AppData\LocalLow\Intel 2024-01-27 20:46 - 2024-01-27 20:46 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Opera Software 2024-01-27 20:44 - 2022-08-31 20:15 - 000048896 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Drivers\AcpiVpc.sys 2024-01-27 20:44 - 2020-10-12 07:15 - 000338432 _____ (Intel Corporation) C:\WINDOWS\system32\JHI64.dll 2024-01-27 20:44 - 2020-10-12 07:15 - 000322560 _____ (Intel Corporation) C:\WINDOWS\system32\TEEManagement64.dll 2024-01-27 20:44 - 2020-10-12 07:15 - 000273408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\JHI.dll 2024-01-27 20:44 - 2020-10-12 07:15 - 000260608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\TEEManagement.dll 2024-01-27 20:42 - 2024-01-27 20:42 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Opera Software 2024-01-27 20:41 - 2024-02-04 03:27 - 000000000 ____D C:\Intel 2024-01-27 20:41 - 2024-01-27 20:41 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2024-01-27 20:40 - 2024-01-27 20:40 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\OneDrive 2024-01-27 20:38 - 2021-01-25 08:44 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001386232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001386232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001096288 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 001096288 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000949344 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000949344 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000306000 _____ C:\WINDOWS\system32\libmfxhw64.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000254528 _____ C:\WINDOWS\SysWOW64\libmfxhw32.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000171472 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000146760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2024-01-27 20:37 - 2024-02-03 01:18 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-27 20:34 - 2024-02-04 04:11 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\PlaceholderTileLogoFolder 2024-01-27 20:33 - 2020-03-29 23:48 - 001269184 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrl.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000743872 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys 2024-01-27 20:33 - 2020-03-29 23:48 - 000642496 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCmds.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000509376 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\ETDApix.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000470976 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDFavorite.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000464832 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDUn_inst.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000431040 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\ETDApi.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000427456 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\LenovoAPI.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000399296 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrlHelper.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000254912 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDService.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000134080 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDTouch.exe 2024-01-27 20:32 - 2024-02-03 01:20 - 000527912 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2024-01-27 20:32 - 2024-02-03 01:20 - 000000000 ____D C:\WINDOWS\system32\DAX3 2024-01-27 20:32 - 2024-02-03 01:20 - 000000000 ____D C:\WINDOWS\system32\DAX2 2024-01-27 20:32 - 2024-02-03 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2024-01-27 20:32 - 2024-02-03 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2024-01-27 20:32 - 2024-02-03 01:10 - 000000000 ____D C:\Program Files\Realtek 2024-01-27 20:32 - 2024-02-01 23:48 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\MMC 2024-01-27 20:32 - 2024-01-27 20:32 - 000000102 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2024-01-27 20:32 - 2024-01-27 20:32 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2024-01-27 20:32 - 2024-01-27 20:32 - 000000000 ____D C:\Program Files (x86)\Realtek 2024-01-27 20:31 - 2020-03-29 23:48 - 000030144 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETDHCF.sys 2024-01-27 20:31 - 2019-10-21 07:36 - 007178576 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 007101848 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 006840616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2024-01-27 20:31 - 2019-10-21 07:36 - 005347120 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 004120032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 003819928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 003677176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2024-01-27 20:31 - 2019-10-21 07:36 - 003340512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 003159880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 002930256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001971472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001544384 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001372488 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001353424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001259832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001159280 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000453376 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000406552 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000378488 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000343808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000333112 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000278376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000193112 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000157448 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000139864 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000122424 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000090272 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000023800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2024-01-24 09:42 - 2024-01-29 13:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Comms 2024-01-23 14:17 - 2024-02-04 04:37 - 000000000 ___RD C:\Users\TRABALHO\OneDrive 2024-01-23 14:15 - 2024-02-04 05:08 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Packages 2024-01-23 14:15 - 2024-02-04 05:08 - 000000000 ____D C:\ProgramData\Packages 2024-01-23 14:15 - 2024-02-04 04:20 - 000000000 ___SD C:\Users\TRABALHO\AppData\Roaming\Microsoft\Credentials 2024-01-23 14:15 - 2024-02-03 01:23 - 000000000 __RHD C:\Users\Public\AccountPictures 2024-01-23 14:15 - 2024-01-30 11:57 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\ConnectedDevicesPlatform 2024-01-23 14:15 - 2024-01-27 20:42 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Publishers 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ___SD C:\Users\TRABALHO\AppData\Roaming\Microsoft\Protect 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ___RD C:\Users\TRABALHO\3D Objects 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Vault 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Adobe 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\VirtualStore 2024-01-23 14:14 - 2024-02-04 04:37 - 000002394 _____ C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-01-23 14:10 - 2024-02-02 00:14 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Usuário Padrão 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Todos os Usuários 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Músicas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Imagens 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Public\Documents\Meus Vídeos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Modelos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Meus Documentos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Menu Iniciar 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Músicas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Imagens 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Documents\Meus Vídeos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Configurações Locais 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Modelos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Menu Iniciar 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Documentos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Program Files\Common Files\Sistema 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Program Files\Arquivos Comuns 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Documents and Settings 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Arquivos de Programas 2024-01-23 14:09 - 2024-02-03 01:20 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-23 14:09 - 2024-02-03 01:20 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-01-23 14:09 - 2024-01-27 20:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-01-23 14:09 - 2024-01-23 14:09 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2024-01-23 14:08 - 2024-02-04 03:26 - 000012288 ___SH C:\DumpStack.log.tmp 2023-12-03 23:53 - 2024-02-03 02:09 - 000000000 ____D C:\WINDOWS\InboxApps ==================== Três meses (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2024-02-04 05:35 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-04 05:27 - 2022-05-07 02:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-02-04 05:27 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-04 05:27 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-04 04:41 - 2022-05-07 02:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-02-04 04:16 - 2022-05-07 02:22 - 000000000 ____D C:\WINDOWS\INF 2024-02-04 01:31 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-02-03 04:47 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\appcompat 2024-02-03 02:21 - 2022-05-07 02:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-02-03 02:09 - 2023-10-01 04:04 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\UUS 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\id-ID 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\et-EE 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\es-MX 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\DDFs 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\Provisioning 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\DiagTrack 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\System 2024-02-03 02:09 - 2022-05-07 02:17 - 000000000 ____D C:\WINDOWS\servicing 2024-02-03 02:05 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-02-03 01:57 - 2022-05-07 07:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2024-02-03 01:57 - 2022-05-07 02:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2024-02-03 01:57 - 2022-05-07 02:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2024-02-03 01:57 - 2022-05-07 02:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2024-02-03 01:57 - 2022-05-07 02:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2024-02-03 01:23 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Windows NT 2024-02-03 01:23 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Windows Defender 2024-02-03 01:23 - 2022-05-07 02:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-02-03 01:21 - 2022-05-07 02:24 - 000000000 __RHD C:\Users\Public\Libraries 2024-02-03 01:21 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-02-03 01:19 - 2022-05-07 02:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\spool 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-02-03 01:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2024-02-03 01:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2024-02-03 01:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\catroot2.old 2024-02-03 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2024-02-03 01:08 - 2022-05-07 02:28 - 000000000 ____D C:\WINDOWS\Setup 2024-01-23 14:12 - 2019-12-07 11:55 - 000000000 ____D C:\WINDOWS\system32\FxsTmp ==================== Arquivos na raiz de alguns diretórios ======== 2024-02-02 02:17 - 2024-02-02 02:17 - 000000017 _____ () C:\Users\TRABALHO\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2024-02-04 05:14 - 2024-02-04 05:14 - 002389504 _____ (Farbar) C:\Users\TRABALHO\Desktop\FRST64.exe 2024-02-04 05:11 - 2024-02-04 05:11 - 003363488 _____ (Nicolas Coolman) C:\Users\TRABALHO\Desktop\ZHPCleaner.exe ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== BCD ================================ Gerenciador de Inicialização de Firmware ---------------------------------------- identificador {fwbootmgr} displayorder {bootmgr} {38ee30e3-ba11-11ee-b30e-85e67bcc19f1} {38ee30e4-ba11-11ee-b30e-85e67bcc19f1} {38ee30e5-ba11-11ee-b30e-85e67bcc19f1} timeout 0 Gerenciador de Inicialização do Windows --------------------------------------- identificador {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale pt-BR inherit {globalsettings} default {current} resumeobject {1eed8d3d-c24b-11ee-a9bc-6432a873510e} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e3-ba11-11ee-b30e-85e67bcc19f1} description EFI USB Device Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e4-ba11-11ee-b30e-85e67bcc19f1} description EFI DVD/CDROM Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e5-ba11-11ee-b30e-85e67bcc19f1} description EFI Network Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e6-ba11-11ee-b30e-85e67bcc19f1} description EFI Network 0 for IPv6 (64-1C-67-A5-55-22) Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e7-ba11-11ee-b30e-85e67bcc19f1} device unknown description EFI USB Device (Generic Flash Disk) Carregador de Inicialização do Windows -------------------------------------- identificador {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale pt-BR inherit {bootloadersettings} recoverysequence {1eed8d40-c24b-11ee-a9bc-6432a873510e} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {1eed8d3d-c24b-11ee-a9bc-6432a873510e} nx OptIn bootmenupolicy Standard Carregador de Inicialização do Windows -------------------------------------- identificador {1eed8d40-c24b-11ee-a9bc-6432a873510e} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{1eed8d41-c24b-11ee-a9bc-6432a873510e} path \windows\system32\winload.efi description Windows Recovery Environment locale pt-BR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{1eed8d41-c24b-11ee-a9bc-6432a873510e} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Carregador de Inicialização do Windows -------------------------------------- identificador {38ee30ea-ba11-11ee-b30e-85e67bcc19f1} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{38ee30eb-ba11-11ee-b30e-85e67bcc19f1} path \windows\system32\winload.efi description Windows Recovery Environment locale pt-br inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{38ee30eb-ba11-11ee-b30e-85e67bcc19f1} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Continuar da Hibernação ----------------------- identificador {1eed8d3d-c24b-11ee-a9bc-6432a873510e} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale pt-BR inherit {resumeloadersettings} recoverysequence {1eed8d40-c24b-11ee-a9bc-6432a873510e} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testador de Memória do Windows ------------------------------ identificador {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnóstico de Memória do Windows locale pt-BR inherit {globalsettings} badmemoryaccess Yes Configurações de EMS -------------------- identificador {emssettings} bootems No Configurações do Depurador -------------------------- identificador {dbgsettings} debugtype Local Defeitos de RAM --------------- identificador {badmemory} Configurações Globais --------------------- identificador {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Configurações do Carregador de Inicialização -------------------------------------------- identificador {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Configurações do Hypervisor --------------------------- identificador {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Configurações do Carregador de Retorno -------------------------------------- identificador {resumeloadersettings} inherit {globalsettings} Opções de dispositivo --------------------- identificador {1eed8d41-c24b-11ee-a9bc-6432a873510e} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fim de FRST.txt ========================