Logo Hardware.com.br
duuuh-2
duuuh-2 Zerinho Registrado
3 Mensagens 1 Curtida

Windows apaga programas não Microsoft sozinho.

#1 Por duuuh-2 23/05/2024 - 10:12
Pessoal a um bom tempo venho enfrentando um problema que meu windows simplesmente apaga os programas instalados sozinho por exemplo...

https://imgur.com/a/nzxt-cam-41oymeh
77519

ontem a noite antes de desligar o pc este programa estava instalado e funcionando hoje ao ligar windows ele apareceu essa mensagem ao clicar no app.

o mais estranho que o pendrive é zerado e windows tambem recem baixado e quando instalo mesmo windows no pc de outras pessoas nao ocorre esses problemas !

alguem poderia me ajudar ? eu ja nao sei mais o que fazer

eu gostaria de adicionar uma infomacao adicional eu olhando o log percebi que ocorreu uma etapa de recuperacao no windows. será que ela que esa causando esse problema ?

https://imgur.com/a/recuperacao-4gBT9EC?third_party=1
77520
windows
PH
PH Cyber Highlander Registrado
61.6K Mensagens 10.7K Curtidas
#3 Por PH
23/05/2024 - 12:09
Boa tarde!

Seja bem-vindo ao fórum! wink.png
Tudo bem com você? Espero que sim!

Baixou o Windows de onde? Licença original ou atraves de ativador, os programas do mesmo jeito?

Windows não apaga nenhum software assim, pode ser que o Microsoft Defender ou outro antivírus que utiliza, tenha identificado o arquivo como malicioso.

Siga esse tutorial abaixo e posta os logs aqui.

Problemas com vírus? Saiba como criar um tópico para análise. | Hardware.com.br
Mas aquele que me negar diante dos homens, eu também o negarei diante do meu Pai que está nos céus.

Mateus 10:33
duuuh-2
duuuh-2 Zerinho Registrado
3 Mensagens 1 Curtida
#4 Por duuuh-2
23/05/2024 - 12:35
PH disse:


Fala PH tudo bom ?


é por aqui so pc dando dor de cabeca mesmo rsrs...

Sobre suas perguntas o Windows original baixado pelo proprio site da microsoft utilizando windows media creation tool, e ativado por licenca FPP ! se é algum virus nao sei te dizer eu passei um malwarebytes aqui e ele so achou virus no browser do chrome restante do sistema intacto.

eu vou seguir sua recomendacao e ja posto o log aqui ! o windows defender nao acusa nada !

Atualização: 23/05/2024 14:00

FRST>>>>

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 22.05.2024 01
Executado por duale (administrador) em DUUUH (23-05-2024 13:49:12)
Executando a partir de C:\Users\duale\Downloads\FRST64.exe
Perfis Carregados: duale
Plataforma: Microsoft Windows 11 Pro Versão 23H2 22631.3593 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Microsoft Power BI Desktop\bin\PBIDesktop.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe
(C:\Program Files\NZXT CAM\NZXT CAM.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe <2>
(C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\msedgewebview2.exe <25>
(Discord Inc. -> Discord Inc.) C:\Users\duale\AppData\Local\Discord\app-1.0.9147\Discord.exe <6>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Power BI Desktop\bin\PBIDesktop.exe
(explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe\ms-teams.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_de8e1115ac61e38a\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2419.11.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.10.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKU\S-1-5-21-3759683153-133194237-3245559897-1001\...\Run: [MicrosoftEdgeAutoLaunch_33EE599AAED94D3F16744CDE2956E31D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136896 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3759683153-133194237-3245559897-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3851296 2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3759683153-133194237-3245559897-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [172585856 2024-02-28] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-3759683153-133194237-3245559897-1001\...\Run: [Discord] => C:\Users\duale\AppData\Local\Discord\Update.exe [1526552 2024-05-13] (Discord Inc. -> GitHub)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.76\Installer\chrmstp.exe [2024-05-23] (Google LLC -> Google LLC)

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {512DD087-99F7-49B2-A61A-EC96B69CF1EC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{29914A14-A965-4E24-9DBD-F089C82E3098} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {B07BB783-8760-4E05-B089-2DC44AB948E2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {21A2AF5D-3AAD-4F22-8D6E-70727803EB17} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD65B617-167C-4923-8DB4-792F0ECDA2C6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {910A14CD-F494-42B6-B52C-B301E3B39AAF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309832 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D5B53393-70CF-47AC-A127-3B6CB3AD0C48} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168928 2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Nenhum Arquivo)
Task: {60A92EE2-FF0E-4C17-A7F6-48B621957F1B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B0DEA788-A8C0-4041-AD0D-02F3BFC27D59} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-04-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3FC50EDD-2817-42DC-AD8A-926644065697} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3BD9204-DCAC-40F6-9E2A-5AE479E8F091} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3759683153-133194237-3245559897-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209168 2024-05-23] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)


==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{db403f16-390b-4262-8d3b-e64848a430a4}: [DhcpNameServer] 192.168.15.1

Edge:
=======
Edge Profile: C:\Users\duale\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-23]
Edge Extension: (Picture-in-Picture Everywhere) - C:\Users\duale\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmnlinjalaieggoebkmamaphjghpafhn [2024-05-20]
Edge Extension: (MetaMask) - C:\Users\duale\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejbalbakoplchlghecdalmeeeajnimhm [2024-05-20]
Edge Extension: (Documentos Google off-line) - C:\Users\duale\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-20]
Edge Extension: (Chrome Remote Desktop) - C:\Users\duale\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-05-20]
Edge Extension: (Edge relevant text changes) - C:\Users\duale\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-20]
Edge Extension: (Bilômetro) - C:\Users\duale\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjfigbdcambkldpnmdigcfpncpeekedd [2024-05-20]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default [2024-05-23]
CHR HomePage: Default -> hxxp://br.search.yahoo.com/?fr=spigot-yhp-gcmac&ilc=12&type=997063
CHR StartupUrls: Default -> "hxxp://www.google.com.br/","hxxp://www.google.com","hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_45&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDzzyCtByCyCyE0DtAtAyEzytB0A0C0AtN0D0Tzu0StCyEtDtCtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StCtDzytAzztDtD0BtGyDyD0CtCtGyEyEtD0BtGtByCtB0EtGyDyEyDtByDzz0FyCtB0Fzy0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztAyC0FyBzytA0BtGyCtBtDyEtGyEtAyEtBtGzyyCzytBtG0CtCtD0FyD0BtD0BtA0D0C0E2QtN0A0LzuyE%26cr%3D2104400141%26a%3Dwncy_fs_15_45%26os%3DWindows%2B8.1%2BPro"
CHR Extension: (Just Black) - C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2024-05-20]
CHR Extension: (Documentos Google off-line) - C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-20]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2024-05-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2024-05-20]
CHR Extension: (Bilômetro) - C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjfigbdcambkldpnmdigcfpncpeekedd [2024-05-20]
CHR Extension: (MetaMask) - C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-05-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\duale\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-20]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [611712 2024-02-28] (NZXT, Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248016 2024-05-09] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncHelper.exe [3508240 2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 logi_lamparray_service; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-18] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887344 2024-05-23] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-23] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_de8e1115ac61e38a\Display.NvContainer\NVDisplay.Container.exe [1275440 2024-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.091.0505.0003\OneDriveUpdaterService.exe [3847600 2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-05-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATENÇÃO
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 logi_lamparray; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-18] (Logitech Inc -> Logitech, Inc.)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223184 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt11.sys [234856 2024-05-23] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-05-23] (Malwarebytes Inc. -> Malwarebytes)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21056 2024-05-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601496 2024-05-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três meses (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2024-05-23 13:49 - 2024-05-23 13:49 - 000017349 _____ C:\Users\duale\Downloads\FRST.txt
2024-05-23 13:48 - 2024-05-23 13:49 - 000000000 ____D C:\FRST
2024-05-23 13:47 - 2024-05-23 13:47 - 002395136 _____ (Farbar) C:\Users\duale\Downloads\FRST64.exe
2024-05-23 10:39 - 2024-05-23 13:39 - 000000000 ____D C:\Users\duale\AppData\Local\Malwarebytes
2024-05-23 10:39 - 2024-05-23 10:39 - 000234856 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2024-05-23 10:39 - 2024-05-23 10:39 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-05-23 10:38 - 2024-05-23 10:38 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-05-23 10:38 - 2024-05-23 10:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-05-23 10:38 - 2024-05-23 10:38 - 000000000 ____D C:\Program Files\Malwarebytes
2024-05-23 10:33 - 2024-05-23 10:33 - 002589624 _____ (Malwarebytes) C:\Users\duale\Downloads\MBSetup-4.4.exe
2024-05-23 10:30 - 2024-05-23 10:31 - 217171664 _____ (Norman ASA) C:\Users\duale\Downloads\norman-malware-cleaner-2-2012-11-09-en-win.exe
2024-05-23 10:29 - 2024-05-23 10:29 - 000731062 _____ C:\Windows\system32\prfh0416.dat
2024-05-23 10:29 - 2024-05-23 10:29 - 000146232 _____ C:\Windows\system32\prfc0416.dat
2024-05-23 09:37 - 2024-05-23 09:38 - 000000000 ___HD C:\$SysReset
2024-05-22 17:40 - 2024-05-22 17:40 - 109034588 _____ C:\Users\duale\202405221739_NTRP_FM.csv
2024-05-22 17:34 - 2024-05-22 17:34 - 000000000 ____D C:\Users\duale\.ssh
2024-05-22 17:28 - 2024-05-22 17:29 - 000000000 ____D C:\Users\duale\AppData\Roaming\DBeaverData
2024-05-22 17:28 - 2024-05-22 17:28 - 122910664 _____ (DBeaver Corp) C:\Users\duale\Downloads\dbeaver-ce-24.0.5-x86_64-setup.exe
2024-05-22 17:28 - 2024-05-22 17:28 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DBeaver Community
2024-05-22 17:28 - 2024-05-22 17:28 - 000000000 ____D C:\Users\duale\AppData\Local\DBeaver
2024-05-22 16:33 - 2024-05-22 16:33 - 1071430057 _____ C:\Users\duale\Downloads\SST Mensal.pbix
2024-05-22 14:21 - 2024-05-22 14:21 - 000000000 ____D C:\Users\duale\OneDrive\Documentos\Modelos Personalizados do Office
2024-05-22 13:25 - 2024-05-22 13:25 - 436782212 _____ C:\Users\duale\Downloads\Prestadores Hospitalares.pbix
2024-05-22 11:23 - 2024-05-23 12:21 - 688995875 _____ C:\Users\duale\Downloads\CNES Novo Layout.pbix
2024-05-22 09:25 - 2024-05-22 09:25 - 000000000 ____D C:\Users\duale\AppData\Local\PeerDistRepub
2024-05-22 09:10 - 2024-05-23 10:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-05-21 15:54 - 2024-05-21 16:01 - 000000000 ____D C:\Users\duale\AppData\Roaming\AnyDesk
2024-05-21 14:58 - 2024-05-21 14:58 - 000952101 _____ C:\Users\duale\Downloads\orcamento_PC_RED.pdf
2024-05-21 14:58 - 2024-05-21 14:58 - 000000000 ____D C:\Users\duale\AppData\LocalLow\Temp
2024-05-21 14:47 - 2024-05-21 14:47 - 000000000 ____D C:\Users\duale\AppData\Local\IsolatedStorage
2024-05-21 14:39 - 2024-05-21 14:40 - 000011842 _____ C:\Users\duale\OneDrive\Documentos\Cronograma demandas TI_Santa Joana.xlsx
2024-05-21 14:20 - 2024-05-21 14:20 - 000000898 _____ C:\Users\duale\Downloads\acessos.txt
2024-05-21 12:21 - 2024-05-21 12:21 - 005328200 _____ (AnyDesk Software GmbH) C:\Users\duale\Downloads\AnyDesk.exe
2024-05-21 11:46 - 2024-05-23 13:24 - 000000000 ____D C:\Users\duale\AppData\Local\Discord
2024-05-21 11:46 - 2024-05-23 12:37 - 000000000 ____D C:\Users\duale\AppData\Roaming\discord
2024-05-21 11:46 - 2024-05-21 11:46 - 112969960 _____ (Discord Inc.) C:\Users\duale\Downloads\DiscordSetup.exe
2024-05-21 11:46 - 2024-05-21 11:46 - 000002249 _____ C:\Users\duale\OneDrive\Área de Trabalho\Discord.lnk
2024-05-21 11:46 - 2024-05-21 11:46 - 000000000 ____D C:\Users\duale\AppData\Roaming\NVIDIA
2024-05-21 11:46 - 2024-05-21 11:46 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2024-05-21 11:46 - 2024-05-21 11:46 - 000000000 ____D C:\Users\duale\AppData\Local\SquirrelTemp
2024-05-21 11:43 - 2024-05-22 14:26 - 000002378 ____H C:\Users\duale\OneDrive\Documentos\Default.rdp
2024-05-21 10:37 - 2024-05-21 10:37 - 000046589 _____ C:\Users\duale\OneDrive\Documentos\20240420_20240519 RCL Eduardo_old.xlsx
2024-05-21 10:21 - 2024-05-21 10:21 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\UProof
2024-05-21 10:20 - 2024-05-21 10:38 - 000047253 _____ C:\Users\duale\OneDrive\Documentos\20240420_20240519 RCL Eduardo.xlsx
2024-05-21 10:20 - 2024-05-21 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Power BI Desktop
2024-05-21 10:19 - 2024-05-21 10:20 - 000000000 ____D C:\Program Files\Microsoft Power BI Desktop
2024-05-21 10:17 - 2024-05-22 14:21 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Excel
2024-05-21 10:17 - 2024-05-21 10:26 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Office
2024-05-21 10:17 - 2024-05-21 10:17 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\AddIns
2024-05-21 09:55 - 2024-05-21 09:55 - 000000000 ____D C:\Users\duale\AppData\Local\Backup
2024-05-21 09:39 - 2024-05-23 09:29 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-05-21 09:39 - 2024-05-23 09:29 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-21 09:39 - 2024-05-21 09:39 - 000000000 ___RD C:\Users\Default\OneDrive
2024-05-21 09:37 - 2024-05-21 09:37 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-05-21 09:37 - 2024-05-21 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office
2024-05-21 09:37 - 2024-05-21 09:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-21 09:36 - 2024-05-21 09:57 - 000000000 ____D C:\Users\duale\AppData\Local\Comms
2024-05-21 09:36 - 2024-05-21 09:36 - 172976462 _____ C:\Users\duale\Downloads\MSTeams-x64.msix
2024-05-21 09:34 - 2024-05-21 09:37 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-21 09:34 - 2024-05-21 09:34 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-05-21 09:30 - 2024-05-21 09:31 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2024-05-20 22:36 - 2024-05-20 22:36 - 000000000 ____D C:\Users\duale\AppData\LocalLow\NVIDIA
2024-05-20 22:34 - 2024-05-07 22:52 - 002031376 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-05-20 22:34 - 2024-05-07 22:52 - 002031376 _____ C:\Windows\system32\vulkaninfo.exe
2024-05-20 22:34 - 2024-05-07 22:52 - 001578872 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-05-20 22:34 - 2024-05-07 22:52 - 001578872 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-05-20 22:34 - 2024-05-07 22:52 - 001445240 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-05-20 22:34 - 2024-05-07 22:52 - 001445240 _____ C:\Windows\system32\vulkan-1.dll
2024-05-20 22:34 - 2024-05-07 22:52 - 001295224 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-05-20 22:34 - 2024-05-07 22:52 - 001295224 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-05-20 22:34 - 2024-05-07 22:49 - 000669824 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-05-20 22:34 - 2024-05-07 22:49 - 000505368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-05-20 22:34 - 2024-05-07 22:48 - 002174080 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-05-20 22:34 - 2024-05-07 22:48 - 001626240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-05-20 22:34 - 2024-05-07 22:48 - 001543728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-05-20 22:34 - 2024-05-07 22:48 - 001199640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-05-20 22:34 - 2024-05-07 22:48 - 001024128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-05-20 22:34 - 2024-05-07 22:48 - 000842392 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-05-20 22:34 - 2024-05-07 22:48 - 000787592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-05-20 22:34 - 2024-05-07 22:47 - 016034328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-05-20 22:34 - 2024-05-07 22:47 - 012929672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-05-20 22:34 - 2024-05-07 22:47 - 006780544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-05-20 22:34 - 2024-05-07 22:47 - 003721352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-05-20 22:34 - 2024-05-07 22:47 - 000459392 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-05-20 22:34 - 2024-05-07 22:46 - 005913648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-05-20 22:34 - 2024-05-07 22:46 - 005772936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-05-20 22:33 - 2024-05-07 22:46 - 000853544 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-05-20 22:33 - 2024-05-07 22:45 - 006034632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-05-20 22:33 - 2024-05-07 12:35 - 000119466 _____ C:\Windows\system32\nvinfo.pb
2024-05-20 22:32 - 2024-05-20 22:32 - 000024320 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-20 22:31 - 2024-05-20 22:31 - 000024320 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-05-20 22:30 - 2024-05-23 10:24 - 000000000 ____D C:\Users\duale\AppData\Roaming\NZXT CAM
2024-05-20 22:30 - 2024-05-23 10:21 - 000001796 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk
2024-05-20 22:30 - 2024-05-23 10:21 - 000000000 ____D C:\Program Files\NZXT CAM
2024-05-20 22:30 - 2024-05-22 09:13 - 000000000 ____D C:\Users\duale\AppData\Local\NVIDIA Corporation
2024-05-20 22:30 - 2024-05-22 09:13 - 000000000 ____D C:\Users\duale\AppData\Local\NVIDIA
2024-05-20 22:30 - 2024-05-20 22:30 - 000000000 ____D C:\Users\duale\AppData\Local\VirtualStore
2024-05-20 22:30 - 2024-05-20 22:30 - 000000000 ____D C:\Users\duale\AppData\Local\nzxt cam-updater
2024-05-20 22:30 - 2024-05-20 22:30 - 000000000 ____D C:\Users\duale\AppData\Local\CEF
2024-05-20 22:30 - 2024-05-20 22:30 - 000000000 ____D C:\Users\duale\ansel
2024-05-20 22:29 - 2024-05-22 09:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-05-20 22:29 - 2024-05-21 10:19 - 000000000 ____D C:\ProgramData\Package Cache
2024-05-20 22:29 - 2024-05-20 22:29 - 001496448 _____ C:\Users\duale\Downloads\NZXT-CAM-Setup.exe
2024-05-20 22:29 - 2024-05-20 22:29 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-20 22:29 - 2024-05-20 22:29 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-20 22:29 - 2024-04-10 06:33 - 000086568 _____ C:\Windows\system32\FvSDK_x64.dll
2024-05-20 22:29 - 2024-04-10 06:33 - 000075304 _____ C:\Windows\SysWOW64\FvSDK_x86.dll
2024-05-20 22:28 - 2024-05-20 22:28 - 131658568 _____ (NVIDIA Corporation) C:\Users\duale\Downloads\GeForce_Experience_v3.28.0.412.exe
2024-05-20 22:27 - 2024-05-20 22:29 - 000000000 ___HD C:\$WinREAgent
2024-05-20 22:26 - 2024-05-20 22:26 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-05-20 22:25 - 2024-05-23 09:37 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\MMC
2024-05-20 22:25 - 2024-05-23 09:28 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-20 22:25 - 2024-05-20 22:26 - 000000000 ____D C:\Windows\system32\MRT
2024-05-20 22:25 - 2024-05-20 22:25 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2024-05-20 22:25 - 2024-05-20 22:25 - 000000000 ____D C:\Users\duale\AppData\Local\Google
2024-05-20 22:25 - 2024-05-20 22:25 - 000000000 ____D C:\Program Files\Google
2024-05-20 22:25 - 2024-05-20 22:25 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-20 22:23 - 2024-05-20 22:23 - 000000000 ____D C:\Users\duale\AppData\Local\OneDrive
2024-05-20 22:17 - 2024-05-23 09:29 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3759683153-133194237-3245559897-1001
2024-05-20 22:17 - 2024-05-21 09:39 - 000000000 ___RD C:\Users\duale\OneDrive
2024-05-20 22:17 - 2024-05-20 22:17 - 000000000 ___HD C:\OneDriveTemp
2024-05-20 22:17 - 2024-05-20 22:17 - 000000000 ____D C:\Users\duale\OneDrive\Documentos\Power BI Desktop
2024-05-20 22:17 - 2024-05-20 22:17 - 000000000 ____D C:\Users\duale\OneDrive\Documentos\League of Legends
2024-05-20 22:17 - 2012-05-22 20:12 - 000000172 ____R C:\Users\duale\OneDrive\Documentos\Pessoal (Web).url
2024-05-20 22:16 - 2024-05-20 22:16 - 000000000 ____D C:\Users\duale\AppData\Local\Publishers
2024-05-20 22:16 - 2024-05-20 22:16 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-05-20 22:15 - 2024-05-23 10:26 - 000000000 ____D C:\Users\duale\AppData\Local\D3DSCache
2024-05-20 22:15 - 2024-05-22 16:26 - 000000000 ____D C:\Users\duale\AppData\Local\Packages
2024-05-20 22:15 - 2024-05-20 22:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-05-20 22:15 - 2024-05-20 22:15 - 000000000 ____D C:\Users\duale\AppData\Roaming\Adobe
2024-05-20 22:14 - 2024-05-21 09:32 - 000000000 ____D C:\Users\duale\AppData\Local\ConnectedDevicesPlatform
2024-05-20 22:14 - 2024-05-20 22:14 - 000000000 ___SD C:\Users\duale\AppData\Roaming\Microsoft\Crypto
2024-05-20 22:14 - 2024-05-20 22:14 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Vault
2024-05-20 22:13 - 2024-05-23 10:29 - 001682102 _____ C:\Windows\system32\PerfStringBackup.INI
2024-05-20 22:12 - 2024-05-23 10:22 - 000000000 ____D C:\ProgramData\NVIDIA
2024-05-20 22:12 - 2024-05-22 17:43 - 000000000 ____D C:\Users\duale
2024-05-20 22:12 - 2024-05-22 09:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-05-20 22:12 - 2024-05-22 09:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-05-20 22:12 - 2024-05-21 11:33 - 000000000 ____D C:\Users\duale\AppData\Local\PlaceholderTileLogoFolder
2024-05-20 22:12 - 2024-05-20 22:36 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2024-05-20 22:12 - 2024-05-20 22:24 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Spelling
2024-05-20 22:12 - 2024-05-20 22:15 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Windows
2024-05-20 22:12 - 2024-05-20 22:12 - 000000020 ___SH C:\Users\duale\ntuser.ini
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\Modelos
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\Meus Documentos
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\Menu Iniciar
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\Dados de Aplicativos
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\Configurações Locais
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\AppData\Local\Histórico
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\AppData\Local\Dados de Aplicativos
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\Ambiente de Rede
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 _SHDL C:\Users\duale\Ambiente de Impressão
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 ___SD C:\Users\duale\AppData\Roaming\Microsoft\SystemCertificates
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 ___SD C:\Users\duale\AppData\Roaming\Microsoft\Protect
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 ___SD C:\Users\duale\AppData\Roaming\Microsoft\Credentials
2024-05-20 22:12 - 2024-05-20 22:12 - 000000000 ____D C:\Users\duale\AppData\Roaming\Microsoft\Network
2024-05-20 22:11 - 2024-05-07 22:49 - 001045528 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-05-20 22:11 - 2024-05-07 22:45 - 006948672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-05-20 22:11 - 2024-05-07 12:35 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2024-05-20 22:11 - 2020-11-30 08:47 - 000670616 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2024-05-20 22:11 - 2020-11-30 08:47 - 000556440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2024-05-20 22:11 - 2020-11-30 08:47 - 000047240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2024-05-20 22:07 - 2024-05-20 22:07 - 000000000 ____D C:\Windows\CSC
2024-05-20 22:06 - 2024-05-22 09:24 - 000000000 ____D C:\ProgramData\Packages
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Usuário Padrão
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Todos os Usuários
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\Modelos
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\Meus Documentos
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\Menu Iniciar
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\Configurações Locais
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\ProgramData\Modelos
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\ProgramData\Menu Iniciar
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\ProgramData\Documentos
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Program Files\Common Files\Sistema
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Program Files\Arquivos Comuns
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Documents and Settings
2024-05-20 22:05 - 2024-05-20 22:05 - 000000000 _SHDL C:\Arquivos de Programas
2024-05-20 22:03 - 2024-05-23 10:22 - 000012288 ___SH C:\DumpStack.log.tmp
2024-05-20 22:03 - 2024-05-23 10:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-05-20 22:03 - 2024-05-22 09:09 - 000474776 _____ C:\Windows\system32\FNTCACHE.DAT
2024-05-20 22:03 - 2024-05-21 09:42 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-05-20 22:03 - 2024-05-21 09:32 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-05-20 22:03 - 2024-05-20 22:12 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-20 22:03 - 2024-05-20 22:12 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-20 22:03 - 2024-05-20 22:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-20 22:03 - 2024-05-20 22:03 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-05-20 22:03 - 2024-05-20 22:03 - 000000000 ____D C:\Windows\system32\config\BFS
2024-05-20 22:03 - 2024-05-20 22:03 - 000000000 ____D C:\Windows\ServiceProfiles
2024-05-20 22:02 - 2024-05-23 10:56 - 000000000 ____D C:\Windows\Panther
2024-02-27 18:29 - 2024-02-27 18:29 - 000880424 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\Drivers\RtkBtfilter.sys
2024-02-27 18:22 - 2024-02-27 18:22 - 000042620 _____ C:\Windows\rtl8761b_mp_chip_bt40_fw_asic_rom_patch_new
2024-02-27 18:22 - 2024-02-27 18:22 - 000005440 _____ C:\Windows\PidVid_List

==================== Três meses (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2024-05-23 10:56 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SystemTemp
2024-05-23 10:55 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\AppReadiness
2024-05-23 10:55 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-23 10:38 - 2022-05-07 02:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-05-23 10:38 - 2022-05-07 02:22 - 000000000 ____D C:\Windows\INF
2024-05-23 10:22 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\ServiceState
2024-05-23 10:22 - 2022-05-07 02:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-05-23 10:19 - 2022-05-07 02:17 - 000000000 ____D C:\Windows\CbsTemp
2024-05-23 09:36 - 2022-05-07 02:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-21 10:36 - 2022-05-07 02:17 - 000000000 ____D C:\Windows\servicing
2024-05-21 09:53 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\appcompat
2024-05-21 09:47 - 2022-05-07 02:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-21 09:42 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Windows Defender
2024-05-21 09:37 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-05-21 09:31 - 2023-12-04 03:29 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\UUS
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SystemResources
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\setup
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\oobe
2024-05-21 09:31 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\migwiz
2024-05-21 09:30 - 2022-05-07 07:41 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2024-05-21 09:30 - 2022-05-07 07:41 - 000000000 ___SD C:\Windows\system32\AppV
2024-05-21 09:30 - 2022-05-07 07:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\F12
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\SystemApps
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\Dism
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\DDFs
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\ShellComponents
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\Provisioning
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\BrowserCore
2024-05-21 09:30 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\bcastdvr
2024-05-20 22:25 - 2022-05-07 02:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-05-20 22:24 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-05-20 22:07 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\spool
2024-05-20 22:07 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\AppLocker
2024-05-20 22:06 - 2022-05-07 02:24 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-05-20 22:05 - 2022-05-07 02:24 - 000000000 ____D C:\Program Files\Windows NT
2024-05-20 22:02 - 2022-05-07 02:24 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Atualização: 23/05/2024 14:02

Addiction>>>>

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 22.05.2024 01
Executado por duale (23-05-2024 13:50:03)
Executando a partir de C:\Users\duale\Downloads
Microsoft Windows 11 Pro Versão 23H2 22631.3593 (X64) (2024-05-21 01:06:54)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================


(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3759683153-133194237-3245559897-500 - Administrator - Disabled)
Convidado (S-1-5-21-3759683153-133194237-3245559897-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3759683153-133194237-3245559897-503 - Limited - Disabled)
duale (S-1-5-21-3759683153-133194237-3245559897-1001 - Administrator - Enabled) => C:\Users\duale
WDAGUtilityAccount (S-1-5-21-3759683153-133194237-3245559897-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

DBeaver 24.0.5 (current user) (HKU\S-1-5-21-3759683153-133194237-3245559897-1001\...\DBeaver (current user)) (Version: 24.0.5 - DBeaver Corp)
Discord (HKU\S-1-5-21-3759683153-133194237-3245559897-1001\...\Discord) (Version: 1.0.9147 - Discord Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.76 - Google LLC)
Malwarebytes version 5.1.4.112 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.4.112 - Malwarebytes)
Microsoft 365 Apps para Pequenos e Médios negócios - pt-br (HKLM\...\O365BusinessRetail - pt-br) (Version: 16.0.17531.20152 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.51 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.51 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.091.0505.0003 - Microsoft Corporation)
Microsoft Power BI Desktop (x64) (HKLM\...\{7fc5c127-96a1-46d2-bdae-e7ebdf0205f5}) (Version: 2.129.905.0 - Microsoft Corporation) Hidden
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{07e1b21b-b277-4edc-8f37-dc535344478f}) (Version: 2.129.905.0 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.13005 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
NVIDIA Driver de áudio HD 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Driver de gráficos 552.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.44 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA Software do sistema PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NZXT CAM 4.61.7 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.61.7 - NZXT, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden

Packages:
=========

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2024-05-20] (Microsoft Studios) [MS Ad]
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24042.39.0_x64__cw5n1h2txyewy [2024-05-22] (Microsoft Windows) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-05-20] (NVIDIA Corp.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2419.11.0_x64__cv1g1gvanyjgm [2024-05-23] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-05-21] (Microsoft Windows)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-3759683153-133194237-3245559897-1001_Classes\CLSID\{04271989-C4D2-0845-B508-B46483D44C69} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3759683153-133194237-3245559897-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\duale\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.13005\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-23] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.091.0505.0003\FileSyncShell64.dll [2024-05-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_de8e1115ac61e38a\nvshext.dll [2024-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-05-23] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2024-05-21 11:13 - 2024-05-21 11:13 - 018612224 _____ () [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.mshtml\28f3f1d69e1c4b12572866fa74fd062b\Microsoft.mshtml.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 000096768 _____ () [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P5f22447e#\4be5bda7f777ce0734f880b5d35a8a0e\Microsoft.Practices.Prism.PubSubEvents.ni.dll
2024-05-21 11:23 - 2024-05-21 11:23 - 002966016 _____ (J2N) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\J2N\9b05ade922ba5ced43756167a7b4fd29\J2N.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 000113664 _____ (Microsoft) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8007f535#\5479556ae9cca234d66cbc4cfb43b4c3\Microsoft.Web.WebView2.WinForms.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 001893376 _____ (Microsoft) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfa5596bb#\2e1f67dd8977359819c37b3bb85864f8\Microsoft.Web.WebView2.Core.ni.dll
2024-05-21 11:25 - 2024-05-21 11:25 - 000404992 _____ (Microsoft.Identity.Client.NativeInterop) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.I27b3d2ea#\29b85d523a67d1f5908b086594ef7730\Microsoft.Identity.Client.NativeInterop.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 032273408 _____ (Microsoft.Mashup.Client.Desktop.UI) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.M79db2454#\7276fb15de4e2462c4860414558b85d1\Microsoft.Mashup.Client.Desktop.UI.ni.dll
2024-05-21 11:23 - 2024-05-21 11:23 - 000271360 _____ (Microsoft.Mashup.Web.Utilities) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Me9003ddb#\0bc5697e90cd25c1da206fbabdabfabf\Microsoft.Mashup.Web.Utilities.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 000060928 _____ (Microsoft.Mashup.WebViews) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.M1dfc7a6d#\064c98aa2d24a188d00431fee1b86032\Microsoft.Mashup.WebViews.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 000207872 _____ (Microsoft.Mashup.WebViews.App.Common) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.M1a528701#\deb8e44a8e5c25e6416133dc919c3a6c\Microsoft.Mashup.WebViews.App.Common.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 000107520 _____ (Microsoft.Mashup.WebViews.Windows.EdgeChromium) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Me660cb9b#\8291b7958a78b6d03ad9b49a32f2eb2d\Microsoft.Mashup.WebViews.Windows.EdgeChromium.ni.dll
2024-05-21 11:12 - 2024-05-21 11:12 - 003884544 _____ (Newtonsoft) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\33b839d1b7d68746d6cf900a829f229e\Newtonsoft.Json.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 001577984 _____ (The Apache Software Foundation) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Lucene.Net.39c79703#\64cd75443991354729c6e5a1dcfb8964\Lucene.Net.QueryParser.ni.dll
2024-05-21 11:24 - 2024-05-21 11:24 - 009080832 _____ (The Apache Software Foundation) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Lucene.Net.d84edf5f#\386546e39d7bcc2e3ae74fc61709e98f\Lucene.Net.Analysis.Common.ni.dll
2024-05-21 11:23 - 2024-05-21 11:23 - 009700864 _____ (The Apache Software Foundation) [Arquivo não assinado] C:\Windows\assembly\NativeImages_v4.0.30319_64\Lucene.Net\72b9112739d1b688271cda68762163bc\Lucene.Net.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Users\duale\Downloads\FRST64.exe:MBAM.Zone.Identifier [193]

==================== Modo de Segurança (Whitelisted) ==================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-21] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-3759683153-133194237-3245559897-1001\...\sharepoint.com -> hxxps://arquitetosdasaudecombr709-files.sharepoint.com

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2022-05-07 02:24 - 2022-05-07 02:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-3759683153-133194237-3245559897-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\duale\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\7166203906707225407\133609426839589677.jpg
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{39CD2418-E77E-42BB-88D9-0EA0BA1E70F6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0E8F1F6-E352-4076-863B-F3715EE09C37}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D87C80CB-E9A3-44D4-8A77-B8A84B797BA2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{267C107A-ECE3-49CA-A2AE-1201571EE1D9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C318CD43-DAFC-41E7-B05A-28009876DCA2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{31514233-17A0-440A-AF89-EAB88C438014}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13677BAA-AA56-49FA-8D98-E8DEBF842D4B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24102.2223.2870.9480_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC8653F6-F0FE-4F07-AA67-D8FB2D923E90}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.51\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{03B894D1-FC3D-43D2-ACAD-AC381DB10AE0}C:\users\duale\downloads\anydesk.exe] => (Allow) C:\users\duale\downloads\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{B3A535C6-1189-4354-AF7C-55F2444E8FB0}C:\users\duale\downloads\anydesk.exe] => (Allow) C:\users\duale\downloads\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{DFBB22D7-D50F-406C-A3F0-EABB68B835EA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Pontos de Restauração =========================


==================== Dispositivos Apresentando Falhas No Gerenciador ============


==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (05/23/2024 10:22:41 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\DUUUH$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 23 May 2024 13:22:50 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d049edf5-fbda-4de2-bb20-dc1874ec665d

Método: GET(157ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/23/2024 10:22:41 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para Sistema local via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 23 May 2024 13:22:50 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 6f4210b9-6660-4c42-afe4-07aff7a66d9a

Método: GET(203ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/23/2024 09:27:38 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\DUUUH$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 23 May 2024 12:27:47 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 719b2b09-b225-4a7a-b2a4-d4ff26a63ca3

Método: GET(172ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/23/2024 09:27:38 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para Sistema local via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 23 May 2024 12:27:46 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f189a53f-3df6-4ffa-9cf6-f212a9c96a38

Método: GET(234ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/22/2024 09:14:04 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\DUUUH$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 22 May 2024 12:14:12 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: edffb37b-87f9-4c61-8812-134940740670

Método: GET(156ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/22/2024 09:14:04 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para Sistema local via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 22 May 2024 12:14:11 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: c6b1bd69-7ad0-4ad0-a406-fb2b0264eae4

Método: GET(297ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/22/2024 09:09:48 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\DUUUH$ via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 22 May 2024 12:09:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 8fb18839-6319-43b0-beb2-8805e2c1d169

Método: GET(156ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/22/2024 09:09:48 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT)
Description: Falha na inicialização do registro de certificado SCEP para Sistema local via https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 22 May 2024 12:09:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 6bb4cb9d-1a48-4709-88e9-83fbe91e02d1

Método: GET(188ms)
Estágio: GetCACaps
Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


Erros de Sistema:
=============
Error: (05/23/2024 10:22:37 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORIDADE NT)
Description: A atualização de Inicialização Segura falhou ao atualizar uma variável da Inicialização Segura com o erro -2147020471. Para mais informações, consulte https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/23/2024 10:21:55 AM) (Source: DCOM) (EventID: 10010) (User: DUUUH)
Description: O servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} não se registrou no DCOM dentro do tempo limite necessário.

Error: (05/23/2024 09:35:31 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORIDADE NT)
Description: A atualização de Inicialização Segura falhou ao atualizar uma variável da Inicialização Segura com o erro -2147020471. Para mais informações, consulte https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/23/2024 09:27:35 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORIDADE NT)
Description: A atualização de Inicialização Segura falhou ao atualizar uma variável da Inicialização Segura com o erro -2147020471. Para mais informações, consulte https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/22/2024 09:24:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.

Error: (05/22/2024 09:14:01 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: AUTORIDADE NT)
Description: A atualização de Inicialização Segura falhou ao atualizar uma variável da Inicialização Segura com o erro -2147020471. Para mais informações, consulte https://go.microsoft.com/fwlink/?linkid=2169931

Error: (05/22/2024 09:12:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.

Error: (05/22/2024 09:12:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço NVIDIA Display Container LS foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 6000 milissegundos: Reiniciar o serviço.


Windows Defender:
================
Date: 2024-05-22 10:50:55
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {BDDA64D2-3C98-431E-B656-841584640CB4}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2024-05-22 09:33:15
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {CBDFD61B-B321-4B55-A410-E110CCCF612E}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

CodeIntegrity:
===============
Date: 2024-05-23 13:48:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. P5.60 01/18/2024
placa-mãe: ASRock X570 Pro4
Processador: AMD Ryzen 5 5600X 6-Core Processor
Percentagem de memória em uso: 50%
RAM física total: 32692.12 MB
RAM física disponível: 16241.46 MB
Virtual Total: 37812.12 MB
Virtual disponível: 14000.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.26 GB) (Free:355.98 GB) (Model: KINGSTON SA400S37480G) NTFS
Drive d: (Storage) (Fixed) (Total:931.51 GB) (Free:931.38 GB) (Model: ST1000DM010-2EP102) NTFS

\\?\Volume{daa799cd-cb60-4121-b48c-a432d0f44952}\ () (Fixed) (Total:0.76 GB) (Free:0.08 GB) NTFS
\\?\Volume{786963dc-c356-4820-a233-c1f555dad0c5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0005EDC2)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fim de Addition.txt =======================
© 1999-2024 Hardware.com.br. Todos os direitos reservados.
Imagem do Modal