SnowboO

Bom dia a todos. A tempos atrás notei que meu PC estava tendo comportamentos estranhos (Fan da placa de vídeo aumentando sem uso, configuração da BIOS diferente setando o padrão de memória ram a 2133mhz, tela azul ao tentar fazer scan com malwarebytes usando hiren's boot, Malwarebytes premium fazendo scan em segundos) Então resolvi criar um post aqui no fórum relatando os problemas para pedir ajuda, porém recebi uma mensagem de um usuário do fórum mencionando que poderia ser rootkit, e era para tentar alguns métodos, foi então que formatei a máquina e assim perdendo a chance de receber ajuda. Deixei de usar meu PC por receio de espalhar o problema, já que não conseguia resolver e agora comprei um notebook para trabalhar. porém estou preocupado com a possibilidade deste note também ser infectado. Instalei o windows 10 nele e agora atualizei para o 11, só que não consegui fazer pelas atualizações automáticas mesmo aparecendo a opção para atualizar, foi onde me veio a dúvida se não pode ser caso de alguma infecção. Na real não sei nem se este post que estou fazendo é mesmo do clube do hardware, porque meus posts antigos não estão aparecendo. Tenho medo de tudo que estou acessando ser redirecionado para páginas falsas. Entretanto solicito ajuda dos amigos do fórum para tirar essa dúvida que está me tirando o sono a meses. Desde já obrigado. Segue os Scans # ------------------------------- # Malwarebytes AdwCleaner 8.4.1.0 # ------------------------------- # Build: 01-29-2024 # Database: 2023-07-19.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 02-04-2024 # Duration: 00:00:05 # OS: Windows 11 (Build 22631.3085) # Cleaned: 0 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete IFEO [+] Delete Prefetch [+] Delete Tracing Keys [+] Reset BITS [+] Reset Windows Firewall [+] Reset Hosts File [+] Reset IPSec [+] Reset Chromium Policies [+] Reset IE Policies [+] Reset Proxy Settings [+] Reset TCP/IP [+] Reset Winsock [+] Reset Windows Installer ************************* AdwCleaner[S00].txt - [1420 octets] - [04/02/2024 05:17:23] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## # ------------------------------- # Malwarebytes AdwCleaner 8.4.1.0 # ------------------------------- # Build: 01-29-2024 # Database: 2023-07-19.3 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 02-04-2024 # Duration: 00:00:06 # OS: Windows 11 (Build 22631.3085) # Scanned: 32095 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## ~ ZHPCleaner v2024.1.26.4 by Nicolas Coolman (2024/01/26) ~ Run by TRABALHO (Administrator) (04/02/2024 05:19:08) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scan ~ Report : C:\Users\TRABALHO\Desktop\ZHPCleaner (S).txt ~ Quarantine : C:\Users\TRABALHO\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 11, 64-bit (Build 22631) ---\\ Alternate Data Stream (ADS). (1) FOUND file ADS: C:\Users\TRABALHO\Desktop\adwcleaner.exe:MBAM.Zone.Identifier =>.SUP.FileADS ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (3) FOUND file: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\History =>.SUP.BrowserHistoric FOUND folder: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache FOUND folder: C:\Users\TRABALHO\AppData\Local\Opera Software\Opera GX Stable\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache ---\\ Hosts file (1) ~ The hosts file is legitimate (40) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (2) FOUND file: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>ChromiumPreference FOUND folder: C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord ---\\ Registry ( Key, Value, Data) (6) FOUND value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Discord ["C:\Users\TRABALHO\AppData\Local\Discord\Update.ex] =>.SUP.Discord FOUND key: HKEY_USERS\S-1-5-21-1323919425-2868841928-406510748-1001\SOFTWARE\Discord [] =>.SUP.Discord FOUND key: HKEY_USERS\S-1-5-21-1323919425-2868841928-406510748-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r [] =>Adware.Navipromo FOUND key: HKEY_USERS\S-1-5-21-1323919425-2868841928-406510748-1001\SOFTWARE\Classes\Discord [URL:Discord Protocol] =>.SUP.Discord FOUND key: HKCU\Software\Discord [] =>.SUP.Discord FOUND key: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.] =>.SUP.Discord ---\\ Summary of the elements found (6) https://nicolascoolman.eu/2018/01/04/ads-alternate-data-stream/ =>.SUP.FileADS https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/ =>ChromiumPreference https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/ =>.SUP.Discord https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo ---\\ Result of repair ~ Any repair made ~ Microsoft Edge OK ~ Microsoft Internet Explorer OK ~ Opera GX Stable OK ---\\ Statistics ~ Items scanned : 91342 ~ Items found : 13 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 10/18 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of search in 00h04mn50s ---\\ Reports (0) ZHPCleaner-[S]-04022024-05_23_58.txt ~ ZHPCleaner v2024.1.26.4 by Nicolas Coolman (2024/01/26) ~ Run by TRABALHO (Administrator) (04/02/2024 05:32:18) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\TRABALHO\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\TRABALHO\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : OK ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 11, 64-bit (Build 22631) ---\\ Alternate Data Stream (ADS). (1) MOVED file ADS: C:\Users\TRABALHO\Desktop\adwcleaner.exe:MBAM.Zone.Identifier =>.SUP.FileADS ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ---\\ Hosts file (1) ~ The hosts file is legitimate (40) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (5) MOVED file: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\History =>.SUP.BrowserHistoric MOVED file: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED folder: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache MOVED folder: C:\Users\TRABALHO\AppData\Local\Opera Software\Opera GX Stable\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache MOVED folder: C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord ---\\ Registry ( Key, Value, Data) (6) DELETED key*: HKEY_USERS\S-1-5-21-1323919425-2868841928-406510748-1001\SOFTWARE\Discord [] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-1323919425-2868841928-406510748-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r [] =>Adware.Navipromo DELETED key*: HKEY_USERS\S-1-5-21-1323919425-2868841928-406510748-1001\SOFTWARE\Classes\Discord [URL:Discord Protocol] =>.SUP.Discord DELETED key**: HKCU\Software\Discord [] =>.SUP.Discord DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.] =>.SUP.Discord DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Discord ["C:\Users\TRABALHO\AppData\Local\Discord\Update.ex] =>.SUP.Discord ---\\ Summary of the elements found (6) https://nicolascoolman.eu/2018/01/04/ads-alternate-data-stream/ =>.SUP.FileADS https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/ =>.SUP.Discord https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo ---\\ Other deletions. (1) ~ Registry Keys Tracing deleted (1) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Microsoft Edge OK ~ Microsoft Internet Explorer OK ~ Opera GX Stable OK ---\\ Statistics ~ Items scanned : 1007 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 10/18 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h00mn46s ---\\ Reports (2) ZHPCleaner-[S]-04022024-05_23_58.txt ZHPCleaner-[R]-04022024-05_33_04.txt Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 03.02.2024 01 Executado por TRABALHO (administrador) em DESKTOP-SSLIQE0 (LENOVO 81FE) (04-02-2024 05:35:48) Executando a partir de C:\Users\TRABALHO\Desktop\FRST64.exe Perfis Carregados: TRABALHO Plataforma: Microsoft Windows 11 Home Single Language Versão 23H2 22631.3085 (X64) Idioma: Português (Brasil) Navegador padrão: Opera Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2019-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Update: Restrição <==== ATENÇÃO HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [MicrosoftEdgeAutoLaunch_50410CDD4A9F1DAE2FAEDE25E7E7B27B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788840 2024-02-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4388200 2024-01-12] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37277648 2024-01-29] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [AF_uuid_2426960] => 867ea0d9-ea16-4584-88a1-b4a73e69f7a3*SystemValue.f32*ÿÿÿJþ,÷*e***’*aü* (Nenhum Arquivo) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Run: [AF_counter_2426960] => 3 (Nenhum Arquivo) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TRABALHO\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [66107808 2024-02-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TRABALHO\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Nenhum Arquivo) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\RunOnce: [Uninstall 24.010.0114.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TRABALHO\AppData\Local\Microsoft\OneDrive\24.010.0114.0001" [0 2024-02-04] () <==== ATENÇÃO [zero byte Arquivo/Pasta] HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> ==================== Tarefas Agendadas (Whitelisted) ================= (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {512B2D13-C03E-4D57-9CA2-4CEC7F43A79A} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-1323919425-2868841928-406510748-1001 => MessengerHelper.exe --lassie (Nenhum Arquivo) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Nenhum Arquivo) Task: {149D86C2-871B-4866-9411-3B981EC89C59} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Nenhum Arquivo) Task: {638A0828-D0FC-4E83-AC15-AC26856F0708} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Nenhum Arquivo) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo) Task: {199162E6-0993-4353-A231-A32CC7B2A592} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {46A87619-D840-4844-B57C-E262B6D0F328} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {C3135BCB-32E9-48D5-B3A1-F0CE9E4A6A86} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5CCCA5E1-BDFC-4C0F-B9CD-89F123EC8F01} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2CC086DE-6FF5-4514-8A85-770826CCD61E} - System32\Tasks\Opera GX scheduled Autoupdate 1706399164 => C:\Users\TRABALHO\AppData\Local\Programs\Opera GX\launcher.exe [2294176 2024-01-24] (Opera Norway AS -> Opera Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 45.179.204.210 45.179.204.212 Tcpip\..\Interfaces\{42041366-6997-4692-9972-5fe7a858278f}: [DhcpNameServer] 45.179.204.210 45.179.204.212 Tcpip\..\Interfaces\{893d0040-60c7-4743-adf3-73110ada85df}: [DhcpNameServer] 45.179.204.210 45.179.204.212 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-04] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-02-04] Edge Extension: (Documentos Google off-line) - C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-27] Edge Extension: (Edge relevant text changes) - C:\Users\TRABALHO\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-27] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Chrome: ======= CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-1323919425-2868841928-406510748-1001) Opera GXStable - "C:\Users\TRABALHO\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2019-01-21] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.) S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-01-29] (The Document Foundation -> The Document Foundation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-02] (Malwarebytes Inc. -> Malwarebytes) S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [13405720 2023-12-27] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-27] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Arquivo não assinado] S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl3c3004dc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F9722245-4129-42BF-96A0-F1DBEF9176C8}\MpKslDrv.sys [263560 2024-02-04] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-27] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-27] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três meses (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2024-02-04 05:35 - 2024-02-04 05:36 - 000011607 _____ C:\Users\TRABALHO\Desktop\FRST.txt 2024-02-04 05:35 - 2024-02-04 05:36 - 000000000 ____D C:\FRST 2024-02-04 05:33 - 2024-02-04 05:33 - 000010738 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (R).html 2024-02-04 05:33 - 2024-02-04 05:33 - 000003743 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (R).txt 2024-02-04 05:23 - 2024-02-04 05:23 - 000010444 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (S).html 2024-02-04 05:23 - 2024-02-04 05:23 - 000003558 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner (S).txt 2024-02-04 05:18 - 2024-02-04 05:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\ZHP 2024-02-04 05:18 - 2024-02-04 05:18 - 000000878 _____ C:\Users\TRABALHO\Desktop\ZHPCleaner.lnk 2024-02-04 05:18 - 2024-02-04 05:18 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\ZHP 2024-02-04 05:14 - 2024-02-04 05:14 - 002389504 _____ (Farbar) C:\Users\TRABALHO\Desktop\FRST64.exe 2024-02-04 05:11 - 2024-02-04 05:11 - 003363488 _____ (Nicolas Coolman) C:\Users\TRABALHO\Desktop\ZHPCleaner.exe 2024-02-04 05:06 - 2024-02-04 05:17 - 000000000 ____D C:\AdwCleaner 2024-02-04 05:06 - 2024-02-04 05:06 - 008797968 _____ (Malwarebytes) C:\Users\TRABALHO\Desktop\adwcleaner.exe 2024-02-04 04:37 - 2024-02-04 04:37 - 000000000 ___HD C:\OneDriveTemp 2024-02-04 04:26 - 2024-02-04 04:26 - 000000000 ____H C:\Users\TRABALHO\Documents\Default.rdp 2024-02-04 04:17 - 2024-02-04 04:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Meta 2024-02-04 03:34 - 2024-02-04 03:34 - 000731272 _____ C:\WINDOWS\system32\prfh0416.dat 2024-02-04 03:34 - 2024-02-04 03:34 - 000146442 _____ C:\WINDOWS\system32\prfc0416.dat 2024-02-04 03:27 - 2024-02-04 03:27 - 000000000 ____D C:\WINDOWS\Panther 2024-02-04 03:18 - 2024-02-04 03:18 - 000000000 ____D C:\Users\TRABALHO\.android 2024-02-04 02:45 - 2024-02-04 02:45 - 000000000 ___RD C:\Users\TRABALHO\Documents\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe!App 2024-02-04 02:19 - 2024-02-04 02:19 - 000000000 ____D C:\Users\TRABALHO\Downloads\Telegram Desktop 2024-02-03 02:40 - 2024-02-03 02:40 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\com.com2us.smon.pc.steam.global.normal 2024-02-03 02:40 - 2023-12-27 16:22 - 013405720 _____ (INCA Internet Co., Ltd.) C:\WINDOWS\SysWOW64\GameMon.des 2024-02-03 02:39 - 2024-02-03 20:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\SummonersWarSteam 2024-02-03 02:39 - 2024-02-03 02:40 - 000000000 ____D C:\ProgramData\SummonersWarSteam 2024-02-03 02:39 - 2024-02-03 02:39 - 000000016 _____ C:\ProgramData\mntemp 2024-02-03 02:39 - 2024-02-03 02:39 - 000000000 ____D C:\Program Files\Common Files\INCA Shared 2024-02-03 02:36 - 2024-02-03 02:36 - 000000223 _____ C:\Users\TRABALHO\Desktop\Summoners War.url 2024-02-03 01:51 - 2024-02-03 01:51 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-02-03 01:49 - 2024-02-03 01:49 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-02-03 01:25 - 2024-02-04 03:34 - 001682094 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-03 01:25 - 2024-02-03 01:25 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2024-02-03 01:23 - 2024-02-04 04:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1323919425-2868841928-406510748-1001 2024-02-03 01:23 - 2024-02-04 04:37 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1323919425-2868841928-406510748-1001 2024-02-03 01:23 - 2024-02-04 03:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-03 01:23 - 2024-02-03 01:23 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2024-02-03 01:23 - 2024-02-03 01:23 - 000011433 _____ C:\WINDOWS\diagerr.xml 2024-02-03 01:23 - 2024-02-03 01:23 - 000003602 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-03 01:23 - 2024-02-03 01:23 - 000003548 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1706399164 2024-02-03 01:23 - 2024-02-03 01:23 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-03 01:23 - 2024-02-03 01:23 - 000000020 ___SH C:\Users\TRABALHO\ntuser.ini 2024-02-03 01:20 - 2024-02-03 01:20 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network 2024-02-03 01:20 - 2024-02-03 01:20 - 000000000 ____D C:\ProgramData\Dolby 2024-02-03 01:20 - 2024-02-03 01:20 - 000000000 ____D C:\Program Files\Dolby 2024-02-03 01:19 - 2024-02-03 01:19 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2024-02-03 01:18 - 2024-02-04 03:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-03 01:18 - 2024-02-04 03:26 - 000001527 _____ C:\WINDOWS\system32\config\VSMIDK 2024-02-03 01:18 - 2024-02-03 02:11 - 000445920 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-02-03 01:12 - 2024-02-03 01:18 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Crypto 2024-02-03 01:12 - 2024-02-03 01:12 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\SystemCertificates 2024-02-03 01:12 - 2024-02-03 01:12 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Network 2024-02-03 01:10 - 2024-02-03 01:18 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2024-02-03 01:09 - 2024-02-04 03:27 - 000000000 ____D C:\Users\TRABALHO 2024-02-03 01:09 - 2024-02-03 01:25 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows 2024-02-03 01:09 - 2024-02-03 01:23 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Spelling 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Modelos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Meus Documentos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Menu Iniciar 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Documents\Minhas Músicas 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Documents\Minhas Imagens 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Documents\Meus Vídeos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Dados de Aplicativos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Configurações Locais 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\AppData\Local\Histórico 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\AppData\Local\Dados de Aplicativos 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Ambiente de Rede 2024-02-03 01:09 - 2024-02-03 01:09 - 000000000 _SHDL C:\Users\TRABALHO\Ambiente de Impressão 2024-02-03 01:08 - 2024-02-03 01:10 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2024-02-03 00:59 - 2024-02-03 00:59 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2024-02-03 00:48 - 2024-02-03 00:51 - 000000036 _____ C:\WINDOWS\progress.ini 2024-02-03 00:41 - 2024-02-03 00:41 - 000000000 ____D C:\CLientes IPTV 2024-02-03 00:40 - 2024-02-03 00:48 - 000000000 ___HD C:\$GetCurrent 2024-02-03 00:40 - 2024-02-03 00:48 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant 2024-02-03 00:33 - 2024-02-03 00:33 - 000001360 _____ C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2024-02-03 00:33 - 2024-02-03 00:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\PCHealthCheck 2024-02-02 22:00 - 2024-02-02 22:00 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\GOG.com 2024-02-02 21:59 - 2024-02-02 21:59 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA 2024-02-02 21:57 - 2024-02-02 23:17 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\StardewValley 2024-02-02 21:56 - 2024-02-03 02:36 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-02-02 21:56 - 2024-02-02 21:56 - 000000222 _____ C:\Users\TRABALHO\Desktop\Stardew Valley.url 2024-02-02 20:24 - 2024-02-02 20:24 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\LibreOffice 2024-02-02 20:23 - 2024-02-03 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2 2024-02-02 20:23 - 2024-02-02 20:23 - 000001207 _____ C:\Users\Public\Desktop\LibreOffice 24.2.lnk 2024-02-02 20:20 - 2024-02-02 20:21 - 000000000 ____D C:\Program Files\LibreOffice 2024-02-02 20:12 - 2024-02-03 00:41 - 000000000 ____D C:\Users\TRABALHO\Desktop\CLientes IPTV 2024-02-02 02:49 - 2024-02-02 02:56 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Fing 2024-02-02 02:48 - 2024-02-02 02:48 - 000000000 ____D C:\Program Files\RUXIM 2024-02-02 02:47 - 2024-02-02 02:47 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\FingAgent 2024-02-02 02:46 - 2024-02-02 02:56 - 000000000 ____D C:\Program Files\Npcap 2024-02-02 02:46 - 2024-02-02 02:46 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\fing-updater 2024-02-02 02:35 - 2024-02-02 02:35 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\mbam 2024-02-02 02:33 - 2024-02-04 03:27 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Malwarebytes 2024-02-02 02:33 - 2024-02-02 02:33 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-02-02 02:33 - 2024-02-02 02:33 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-02-02 02:32 - 2024-02-02 02:32 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-02-02 02:32 - 2024-02-02 02:32 - 000000000 ____D C:\Program Files\Malwarebytes 2024-02-02 02:17 - 2024-02-02 02:17 - 000000017 _____ C:\Users\TRABALHO\AppData\Local\resmon.resmoncfg 2024-02-02 00:10 - 2024-02-02 00:13 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2024-01-30 12:55 - 2024-02-03 00:41 - 000000000 ____D C:\Users\TRABALHO\Documents\Nova pasta 2024-01-30 00:56 - 2024-02-02 02:39 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\ElevatedDiagnostics 2024-01-29 19:34 - 2024-02-04 03:12 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\purpleiptv 2024-01-29 15:35 - 2024-01-29 15:35 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\NVIDIA Corporation 2024-01-29 15:34 - 2024-02-03 02:39 - 000000000 ____D C:\ProgramData\Package Cache 2024-01-29 15:32 - 2024-01-29 15:32 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2024-01-29 15:32 - 2024-01-29 15:32 - 000001280 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\UnrealEngineLauncher 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\UnrealEngine 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\EpicGamesLauncher 2024-01-29 15:32 - 2024-01-29 15:32 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Epic Games 2024-01-29 15:31 - 2024-01-29 15:35 - 000000000 ____D C:\ProgramData\Epic 2024-01-29 15:31 - 2024-01-29 15:32 - 000000000 ____D C:\Program Files (x86)\Epic Games 2024-01-29 15:27 - 2024-02-04 05:11 - 000000000 ____D C:\Program Files (x86)\Steam 2024-01-29 15:27 - 2024-02-03 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2024-01-29 15:27 - 2024-01-29 15:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Steam 2024-01-29 15:27 - 2024-01-29 15:27 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk 2024-01-29 15:27 - 2024-01-29 15:27 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\CEF 2024-01-29 13:42 - 2024-02-02 23:30 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\discord 2024-01-29 13:42 - 2024-02-02 22:56 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Discord 2024-01-29 13:42 - 2024-02-02 21:49 - 000002242 _____ C:\Users\TRABALHO\Desktop\Discord.lnk 2024-01-29 13:42 - 2024-01-29 13:42 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\SquirrelTemp 2024-01-29 12:47 - 2024-01-29 12:47 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\cache 2024-01-29 12:42 - 2024-02-04 03:34 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Telegram Desktop 2024-01-29 12:42 - 2024-02-03 01:18 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2024-01-29 12:42 - 2024-01-29 12:42 - 000001041 _____ C:\Users\TRABALHO\Desktop\Telegram.lnk 2024-01-27 21:44 - 2024-01-27 21:44 - 000000000 ____D C:\ProgramData\PLUG 2024-01-27 20:52 - 2024-02-04 03:19 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\D3DSCache 2024-01-27 20:52 - 2024-02-03 01:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2024-01-27 20:51 - 2020-03-29 23:48 - 000464832 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDUninstall.exe 2024-01-27 20:51 - 2019-05-09 19:49 - 000185232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaLPSS2_I2C.sys 2024-01-27 20:47 - 2024-02-04 03:27 - 000000000 __SHD C:\Users\TRABALHO\IntelGraphicsProfiles 2024-01-27 20:47 - 2024-01-27 21:45 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Intel 2024-01-27 20:47 - 2024-01-27 20:47 - 000000000 ____D C:\ProgramData\Intel 2024-01-27 20:46 - 2024-01-27 20:46 - 000001447 _____ C:\Users\TRABALHO\Desktop\Navegador Opera GX.lnk 2024-01-27 20:46 - 2024-01-27 20:46 - 000001437 _____ C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk 2024-01-27 20:46 - 2024-01-27 20:46 - 000000000 ____D C:\Users\TRABALHO\AppData\LocalLow\Intel 2024-01-27 20:46 - 2024-01-27 20:46 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Opera Software 2024-01-27 20:44 - 2022-08-31 20:15 - 000048896 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Drivers\AcpiVpc.sys 2024-01-27 20:44 - 2020-10-12 07:15 - 000338432 _____ (Intel Corporation) C:\WINDOWS\system32\JHI64.dll 2024-01-27 20:44 - 2020-10-12 07:15 - 000322560 _____ (Intel Corporation) C:\WINDOWS\system32\TEEManagement64.dll 2024-01-27 20:44 - 2020-10-12 07:15 - 000273408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\JHI.dll 2024-01-27 20:44 - 2020-10-12 07:15 - 000260608 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\TEEManagement.dll 2024-01-27 20:42 - 2024-01-27 20:42 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Opera Software 2024-01-27 20:41 - 2024-02-04 03:27 - 000000000 ____D C:\Intel 2024-01-27 20:41 - 2024-01-27 20:41 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2024-01-27 20:40 - 2024-01-27 20:40 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\OneDrive 2024-01-27 20:38 - 2021-01-25 08:44 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001386232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001386232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2024-01-27 20:38 - 2021-01-25 08:44 - 001096288 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 001096288 _____ C:\WINDOWS\system32\vulkan-1.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000949344 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000949344 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000306000 _____ C:\WINDOWS\system32\libmfxhw64.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000254528 _____ C:\WINDOWS\SysWOW64\libmfxhw32.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000171472 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll 2024-01-27 20:38 - 2021-01-25 08:44 - 000146760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll 2024-01-27 20:37 - 2024-02-03 01:18 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-01-27 20:34 - 2024-02-04 04:11 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\PlaceholderTileLogoFolder 2024-01-27 20:33 - 2020-03-29 23:48 - 001269184 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrl.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000743872 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys 2024-01-27 20:33 - 2020-03-29 23:48 - 000642496 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCmds.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000509376 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\ETDApix.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000470976 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDFavorite.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000464832 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDUn_inst.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000431040 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\ETDApi.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000427456 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\LenovoAPI.dll 2024-01-27 20:33 - 2020-03-29 23:48 - 000399296 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCtrlHelper.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000254912 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDService.exe 2024-01-27 20:33 - 2020-03-29 23:48 - 000134080 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDTouch.exe 2024-01-27 20:32 - 2024-02-03 01:20 - 000527912 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip 2024-01-27 20:32 - 2024-02-03 01:20 - 000000000 ____D C:\WINDOWS\system32\DAX3 2024-01-27 20:32 - 2024-02-03 01:20 - 000000000 ____D C:\WINDOWS\system32\DAX2 2024-01-27 20:32 - 2024-02-03 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2024-01-27 20:32 - 2024-02-03 01:19 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2024-01-27 20:32 - 2024-02-03 01:10 - 000000000 ____D C:\Program Files\Realtek 2024-01-27 20:32 - 2024-02-01 23:48 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\MMC 2024-01-27 20:32 - 2024-01-27 20:32 - 000000102 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2024-01-27 20:32 - 2024-01-27 20:32 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2024-01-27 20:32 - 2024-01-27 20:32 - 000000000 ____D C:\Program Files (x86)\Realtek 2024-01-27 20:31 - 2020-03-29 23:48 - 000030144 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETDHCF.sys 2024-01-27 20:31 - 2019-10-21 07:36 - 007178576 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 007101848 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 006840616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2024-01-27 20:31 - 2019-10-21 07:36 - 005347120 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 004120032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 003819928 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 003677176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2024-01-27 20:31 - 2019-10-21 07:36 - 003340512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 003159880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 002930256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001971472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001544384 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001372488 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001353424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001259832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 001159280 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000453376 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000406552 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000378488 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000343808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000333112 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000278376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000193112 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000157448 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000139864 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000122424 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000090272 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll 2024-01-27 20:31 - 2019-10-21 07:36 - 000023800 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2024-01-24 09:42 - 2024-01-29 13:33 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Comms 2024-01-23 14:17 - 2024-02-04 04:37 - 000000000 ___RD C:\Users\TRABALHO\OneDrive 2024-01-23 14:15 - 2024-02-04 05:08 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Packages 2024-01-23 14:15 - 2024-02-04 05:08 - 000000000 ____D C:\ProgramData\Packages 2024-01-23 14:15 - 2024-02-04 04:20 - 000000000 ___SD C:\Users\TRABALHO\AppData\Roaming\Microsoft\Credentials 2024-01-23 14:15 - 2024-02-03 01:23 - 000000000 __RHD C:\Users\Public\AccountPictures 2024-01-23 14:15 - 2024-01-30 11:57 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\ConnectedDevicesPlatform 2024-01-23 14:15 - 2024-01-27 20:42 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\Publishers 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ___SD C:\Users\TRABALHO\AppData\Roaming\Microsoft\Protect 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ___RD C:\Users\TRABALHO\3D Objects 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Microsoft\Vault 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ____D C:\Users\TRABALHO\AppData\Roaming\Adobe 2024-01-23 14:15 - 2024-01-23 14:15 - 000000000 ____D C:\Users\TRABALHO\AppData\Local\VirtualStore 2024-01-23 14:14 - 2024-02-04 04:37 - 000002394 _____ C:\Users\TRABALHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-01-23 14:10 - 2024-02-02 00:14 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Usuário Padrão 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Todos os Usuários 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Músicas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Imagens 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Public\Documents\Meus Vídeos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Modelos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Meus Documentos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Menu Iniciar 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Músicas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Imagens 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Documents\Meus Vídeos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Configurações Locais 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Modelos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Menu Iniciar 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Documentos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Program Files\Common Files\Sistema 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Program Files\Arquivos Comuns 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Documents and Settings 2024-01-23 14:10 - 2024-01-23 14:10 - 000000000 _SHDL C:\Arquivos de Programas 2024-01-23 14:09 - 2024-02-03 01:20 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-01-23 14:09 - 2024-02-03 01:20 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-01-23 14:09 - 2024-01-27 20:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-01-23 14:09 - 2024-01-23 14:09 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2024-01-23 14:08 - 2024-02-04 03:26 - 000012288 ___SH C:\DumpStack.log.tmp 2023-12-03 23:53 - 2024-02-03 02:09 - 000000000 ____D C:\WINDOWS\InboxApps ==================== Três meses (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2024-02-04 05:35 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-04 05:27 - 2022-05-07 02:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-02-04 05:27 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-04 05:27 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-04 04:41 - 2022-05-07 02:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-02-04 04:16 - 2022-05-07 02:22 - 000000000 ____D C:\WINDOWS\INF 2024-02-04 01:31 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\NDF 2024-02-03 04:47 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\appcompat 2024-02-03 02:21 - 2022-05-07 02:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2024-02-03 02:09 - 2023-10-01 04:04 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\UUS 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\migwiz 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\id-ID 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\et-EE 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\es-MX 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\DDFs 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\Provisioning 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\DiagTrack 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\BrowserCore 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-02-03 02:09 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\System 2024-02-03 02:09 - 2022-05-07 02:17 - 000000000 ____D C:\WINDOWS\servicing 2024-02-03 02:05 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-02-03 01:57 - 2022-05-07 07:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2024-02-03 01:57 - 2022-05-07 02:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2024-02-03 01:57 - 2022-05-07 02:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2024-02-03 01:57 - 2022-05-07 02:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2024-02-03 01:57 - 2022-05-07 02:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2024-02-03 01:23 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Windows NT 2024-02-03 01:23 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Windows Defender 2024-02-03 01:23 - 2022-05-07 02:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-02-03 01:21 - 2022-05-07 02:24 - 000000000 __RHD C:\Users\Public\Libraries 2024-02-03 01:21 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-02-03 01:19 - 2022-05-07 02:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\system32\spool 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-02-03 01:18 - 2022-05-07 02:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-02-03 01:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2024-02-03 01:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2024-02-03 01:18 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\catroot2.old 2024-02-03 01:09 - 2022-05-07 02:24 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2024-02-03 01:08 - 2022-05-07 02:28 - 000000000 ____D C:\WINDOWS\Setup 2024-01-23 14:12 - 2019-12-07 11:55 - 000000000 ____D C:\WINDOWS\system32\FxsTmp ==================== Arquivos na raiz de alguns diretórios ======== 2024-02-02 02:17 - 2024-02-02 02:17 - 000000017 _____ () C:\Users\TRABALHO\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2024-02-04 05:14 - 2024-02-04 05:14 - 002389504 _____ (Farbar) C:\Users\TRABALHO\Desktop\FRST64.exe 2024-02-04 05:11 - 2024-02-04 05:11 - 003363488 _____ (Nicolas Coolman) C:\Users\TRABALHO\Desktop\ZHPCleaner.exe ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== BCD ================================ Gerenciador de Inicialização de Firmware ---------------------------------------- identificador {fwbootmgr} displayorder {bootmgr} {38ee30e3-ba11-11ee-b30e-85e67bcc19f1} {38ee30e4-ba11-11ee-b30e-85e67bcc19f1} {38ee30e5-ba11-11ee-b30e-85e67bcc19f1} timeout 0 Gerenciador de Inicialização do Windows --------------------------------------- identificador {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale pt-BR inherit {globalsettings} default {current} resumeobject {1eed8d3d-c24b-11ee-a9bc-6432a873510e} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e3-ba11-11ee-b30e-85e67bcc19f1} description EFI USB Device Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e4-ba11-11ee-b30e-85e67bcc19f1} description EFI DVD/CDROM Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e5-ba11-11ee-b30e-85e67bcc19f1} description EFI Network Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e6-ba11-11ee-b30e-85e67bcc19f1} description EFI Network 0 for IPv6 (64-1C-67-A5-55-22) Aplicativo de Firmware (101fffff) --------------------------------- identificador {38ee30e7-ba11-11ee-b30e-85e67bcc19f1} device unknown description EFI USB Device (Generic Flash Disk) Carregador de Inicialização do Windows -------------------------------------- identificador {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale pt-BR inherit {bootloadersettings} recoverysequence {1eed8d40-c24b-11ee-a9bc-6432a873510e} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {1eed8d3d-c24b-11ee-a9bc-6432a873510e} nx OptIn bootmenupolicy Standard Carregador de Inicialização do Windows -------------------------------------- identificador {1eed8d40-c24b-11ee-a9bc-6432a873510e} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{1eed8d41-c24b-11ee-a9bc-6432a873510e} path \windows\system32\winload.efi description Windows Recovery Environment locale pt-BR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{1eed8d41-c24b-11ee-a9bc-6432a873510e} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Carregador de Inicialização do Windows -------------------------------------- identificador {38ee30ea-ba11-11ee-b30e-85e67bcc19f1} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{38ee30eb-ba11-11ee-b30e-85e67bcc19f1} path \windows\system32\winload.efi description Windows Recovery Environment locale pt-br inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{38ee30eb-ba11-11ee-b30e-85e67bcc19f1} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Continuar da Hibernação ----------------------- identificador {1eed8d3d-c24b-11ee-a9bc-6432a873510e} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale pt-BR inherit {resumeloadersettings} recoverysequence {1eed8d40-c24b-11ee-a9bc-6432a873510e} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testador de Memória do Windows ------------------------------ identificador {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnóstico de Memória do Windows locale pt-BR inherit {globalsettings} badmemoryaccess Yes Configurações de EMS -------------------- identificador {emssettings} bootems No Configurações do Depurador -------------------------- identificador {dbgsettings} debugtype Local Defeitos de RAM --------------- identificador {badmemory} Configurações Globais --------------------- identificador {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Configurações do Carregador de Inicialização -------------------------------------------- identificador {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Configurações do Hypervisor --------------------------- identificador {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Configurações do Carregador de Retorno -------------------------------------- identificador {resumeloadersettings} inherit {globalsettings} Opções de dispositivo --------------------- identificador {1eed8d41-c24b-11ee-a9bc-6432a873510e} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fim de FRST.txt ======================== Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 03.02.2024 01 Executado por TRABALHO (04-02-2024 05:38:33) Executando a partir de C:\Users\TRABALHO\Desktop Microsoft Windows 11 Home Single Language Versão 23H2 22631.3085 (X64) (2024-02-03 04:23:22) Modo da Inicialização: Normal ========================================================== ==================== Contas: ============================= (Se uma entrada for incluída na fixlist, será removida.) Administrador (S-1-5-21-1323919425-2868841928-406510748-500 - Administrator - Disabled) Convidado (S-1-5-21-1323919425-2868841928-406510748-501 - Limited - Disabled) DefaultAccount (S-1-5-21-1323919425-2868841928-406510748-503 - Limited - Disabled) TRABALHO (S-1-5-21-1323919425-2868841928-406510748-1001 - Administrator - Enabled) => C:\Users\TRABALHO WDAGUtilityAccount (S-1-5-21-1323919425-2868841928-406510748-504 - Limited - Disabled) ==================== Central de Segurança ======================== (Se uma entrada for incluída na fixlist, será removida.) AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Programas Instalados ====================== (Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.) Assistente de Instalação do Windows 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.3630 - Microsoft Corporation) Dolby Audio X2 Windows API SDK (HKLM\...\{F290F786-5F69-48D4-B20B-D21C7DE56EF0}) (Version: 0.8.8.88 - Dolby Laboratories, Inc.) Hidden Epic Games Launcher (HKLM-x32\...\{2F1303E1-450D-4C17-86F8-CBE1F8F1A683}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LibreOffice 24.2.0.3 (HKLM\...\{5A433714-C509-4707-BF0C-410D3FBCE8B3}) (Version: 24.2.0.3 - The Document Foundation) Malwarebytes version 4.6.8.311 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.8.311 - Malwarebytes) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.98 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.98 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\OneDriveSetup.exe) (Version: 24.010.0114.0003 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Opera GX Stable 106.0.4998.61 (HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\Opera GX 106.0.4998.61) (Version: 106.0.4998.61 - Opera Software) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Telegram Desktop (HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.14.13 - Telegram FZ-LLC) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation) Verificação de integridade do PC Windows (HKLM\...\{28DD96C4-D58E-4F60-BC47-5A3E45BA0169}) (Version: 3.7.2204.15001 - Microsoft Corporation) Packages: ========= Centro de comando de gráficos Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5287.0_x64__8j3eq9eme6ctt [2024-01-27] (INTEL CORP) [Startup Task] Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1000.389.0_x64__8wekyb3d8bbwe [2024-02-03] (Microsoft Corporation) Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-02-03] (Microsoft Corp.) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-03] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-02-03] (Microsoft Corporation) Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.230.1135.0_x64__zpdnekdrzrea0 [2024-02-03] (Spotify AB) [Startup Task] Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_4.14.9.0_x64__t4vj0pshhgkwm [2024-02-04] (Telegram Messenger LLP) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-02-04] (WhatsApp Inc.) [Startup Task] Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-03] (Microsoft Corporation) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-02] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-02-02] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 06:14 - 2024-02-04 05:17 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg DNS Servers: 45.179.204.210 - 45.179.204.212 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_50410CDD4A9F1DAE2FAEDE25E7E7B27B" HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\StartupApproved\Run: => "AF_uuid_2426960" HKU\S-1-5-21-1323919425-2868841928-406510748-1001\...\StartupApproved\Run: => "AF_counter_2426960" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Pontos de Restauração ========================= 03-02-2024 01:24:16 Instalador de Módulos do Windows 04-02-2024 05:31:58 ZHPcleaner ==================== Dispositivos Apresentando Falhas No Gerenciador ============ Name: Intel(R) Dual Band Wireless-AC 3165 Description: Intel(R) Dual Band Wireless-AC 3165 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Intel Corporation Service: Netwtw04 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (02/04/2024 05:07:49 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: DESKTOP-SSLIQE0) Description: Coleta de dados de contador de desempenho desabilitada nesta seção do serviço "Lsa" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Error: (02/04/2024 05:07:49 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: DESKTOP-SSLIQE0) Description: A tentativa de localizar o procedimento Open "OpenLsaPerformanceData" na DLL "C:\Windows\System32\Secur32.dll" para o serviço "Lsa" falhou com o código de erro do Win32 127. Os dados de desempenho desse serviço não estarão disponíveis. Error: (02/04/2024 04:17:30 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: DESKTOP-SSLIQE0) Description: Coleta de dados de contador de desempenho desabilitada nesta seção do serviço "Lsa" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Error: (02/04/2024 04:17:30 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: DESKTOP-SSLIQE0) Description: A tentativa de localizar o procedimento Open "OpenLsaPerformanceData" na DLL "C:\Windows\System32\Secur32.dll" para o serviço "Lsa" falhou com o código de erro do Win32 127. Os dados de desempenho desse serviço não estarão disponíveis. Error: (02/04/2024 04:15:25 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1018) (User: DESKTOP-SSLIQE0) Description: Coleta de dados de contador de desempenho desabilitada nesta seção do serviço "Lsa" porque a biblioteca de contadores de desempenho desse serviço gerou um ou mais erros. Os erros que forçaram essa ação foram gravados no log de eventos do aplicativo. Error: (02/04/2024 04:15:25 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: DESKTOP-SSLIQE0) Description: A tentativa de localizar o procedimento Open "OpenLsaPerformanceData" na DLL "C:\Windows\System32\Secur32.dll" para o serviço "Lsa" falhou com o código de erro do Win32 127. Os dados de desempenho desse serviço não estarão disponíveis. Erros de Sistema: ============= Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Dolby DAX2 API Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Steam Client Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Content Protection HECI Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Graphics Command Center Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Storage Middleware Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Dynamic Application Loader Host Interface Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) HD Graphics Control Panel Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (02/04/2024 05:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço ELAN Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). ==================== Informações da Memória =========================== BIOS: LENOVO 8TCN51WW 12/08/2018 placa-mãe: LENOVO LNVNB161216 Processador: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Percentagem de memória em uso: 30% RAM física total: 12197.22 MB RAM física disponível: 8486.3 MB Virtual Total: 20901.22 MB Virtual disponível: 17487.23 MB ==================== Drives ================================ Drive () (Fixed) (Total:222.68 GB) (Free:156.5 GB) (Model: KINGSTON SA400S37240G) NTFS \\?\Volume{4741ef42-8391-4495-93c1-462e98182f8d}\ () (Fixed) (Total:0.77 GB) (Free:0.07 GB) NTFS \\?\Volume{4e2c36fa-9453-43a4-9d3c-e7fa77db8a6e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 223.6 GB) (Disk ID: 0BC4A28F) Partition: GPT. ==================== Fim de Addition.txt ======================= AdwCleaner[C00].txt AdwCleaner[S00].txt Addition.txt FRST.txt Shortcut.txt ZHPCleaner (R).txt ZHPCleaner (S).txt