
soulblack

  1. It improved a bit, but I still notice some slowness when opening folders and programs; I believe that may be because it is quite weak and only good for basic things.
  2. Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 29-05-2023
     Executado por black (05-06-2023 00:32:09) Run:1
     Executando a partir de C:\Users\black\OneDrive\Área de Trabalho
     Perfis Carregados: black
     Modo da Inicialização: Normal
     ==============================================
     fixlist Conteúdo:
     *****************
     CreateRestorePoint:
     CloseProcesses:
     Task: {0005F073-43F5-49AC-83F5-7C6849AEFD3A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
     Task: {0870F47C-DF65-4B98-975C-A433FD50307F} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [1629424 2018-06-12] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
     Task: {0F71158E-9902-4FB5-918F-971ACDF733B5} - System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe [28832 2019-04-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
     Task: {1AA23C51-15D3-4FF7-9926-9D925DAF6938} - System32\Tasks\Samsung\SamsungSecurity\SecurityAppMoniter => C:\Program Files (x86)\Samsung\SamsungSecurity\SecurityAppChecker.exe [454384 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
     Task: {1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5} - System32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
     Task: {20966A91-0728-41AE-944C-7646A5A016E1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo)
     Task: {29D41907-5DE4-40BA-9981-62E9C08636F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
     Task: {2D2A5AC2-B3E0-400E-B516-F311C0241D03} - System32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC)
     Task: {306BA4C6-9C9E-4886-AA8E-2BF62F8B015D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
     Task: {32CEB178-A09D-4A96-ACFE-7E577BB852BA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
     Task: {39BA2835-7D88-4621-9227-58E5F4966B78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
     Task: {3BDF1C4C-44C3-4C0F-A863-605E66DF1399} - System32\Tasks\ColorEngine => C:\Program Files\Samsung\ColorEngine\ColorEngine.exe [545440 2018-09-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
     Task: {53F468DA-F0ED-460E-A37B-87BB118A768D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-03] (Microsoft Corporation -> Microsoft Corporation)
     Task: {561F55A2-9AC8-45DF-85F3-628B15C4B11F} - System32\Tasks\HPCustParticipation HP DeskJet 2300 series => C:\Program Files\HP\HP DeskJet 2300 series\Bin\HPCustPartic.exe [6733472 2021-11-06] (HP Inc. -> HP Inc.)
     Task: {60204B5A-B610-45AD-A9B8-CE847637B688} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [1080552 2020-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
     Task: {66814970-3FFF-4210-AB1F-52BC1C7F8201} - System32\Tasks\DPICustomized => C:\ProgramData\Samsung\DPICustomizing\FontCustomizing.exe [24736 2018-01-16] (Samsung Electronics CO., LTD. -> )
     Task: {710E989A-5348-4442-8981-1A6511B10C4D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
     Task: {71B7E78C-D939-4EFE-9307-5CF8E526B533} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
     Task: {830B5DC2-5AB5-48A3-ABA4-621C372E2936} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
     Task: {92EB0FBC-3EAF-40B9-A442-910979BF5021} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
     Task: {A6D63C54-F63F-4E46-AC98-063441F5927C} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2760552 2017-05-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
     Task: {B276F4B8-B317-4858-B264-89870391D08F} - System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => C:\Program Files\Samsung\Recovery\BulletUserModeWorker.exe [347368 2019-03-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
     Task: {CA9E80C0-B37E-48A1-BB37-6B4E679358E1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
     *****************
     Ponto de Restauração criado com sucesso.
     Processos fechados com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0005F073-43F5-49AC-83F5-7C6849AEFD3A}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0005F073-43F5-49AC-83F5-7C6849AEFD3A}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0870F47C-DF65-4B98-975C-A433FD50307F}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0870F47C-DF65-4B98-975C-A433FD50307F}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\SecTimeSync\TimeSyncInit => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SecTimeSync\TimeSyncInit" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F71158E-9902-4FB5-918F-971ACDF733B5}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F71158E-9902-4FB5-918F-971ACDF733B5}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungUpdate\UserModeWorker" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1AA23C51-15D3-4FF7-9926-9D925DAF6938}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AA23C51-15D3-4FF7-9926-9D925DAF6938}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Samsung\SamsungSecurity\SecurityAppMoniter => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungSecurity\SecurityAppMoniter" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA} => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20966A91-0728-41AE-944C-7646A5A016E1}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20966A91-0728-41AE-944C-7646A5A016E1}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29D41907-5DE4-40BA-9981-62E9C08636F8}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D41907-5DE4-40BA-9981-62E9C08636F8}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D2A5AC2-B3E0-400E-B516-F311C0241D03}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D2A5AC2-B3E0-400E-B516-F311C0241D03}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA} => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{306BA4C6-9C9E-4886-AA8E-2BF62F8B015D}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{306BA4C6-9C9E-4886-AA8E-2BF62F8B015D}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{32CEB178-A09D-4A96-ACFE-7E577BB852BA}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32CEB178-A09D-4A96-ACFE-7E577BB852BA}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39BA2835-7D88-4621-9227-58E5F4966B78}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39BA2835-7D88-4621-9227-58E5F4966B78}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3BDF1C4C-44C3-4C0F-A863-605E66DF1399}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BDF1C4C-44C3-4C0F-A863-605E66DF1399}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\ColorEngine => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ColorEngine" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53F468DA-F0ED-460E-A37B-87BB118A768D}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53F468DA-F0ED-460E-A37B-87BB118A768D}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Performance Monitor => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Performance Monitor" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{561F55A2-9AC8-45DF-85F3-628B15C4B11F}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{561F55A2-9AC8-45DF-85F3-628B15C4B11F}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\HPCustParticipation HP DeskJet 2300 series => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCustParticipation HP DeskJet 2300 series" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{60204B5A-B610-45AD-A9B8-CE847637B688}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60204B5A-B610-45AD-A9B8-CE847637B688}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\RtkAudUService64_BG => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RtkAudUService64_BG" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66814970-3FFF-4210-AB1F-52BC1C7F8201}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66814970-3FFF-4210-AB1F-52BC1C7F8201}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\DPICustomized => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DPICustomized" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{710E989A-5348-4442-8981-1A6511B10C4D}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{710E989A-5348-4442-8981-1A6511B10C4D}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71B7E78C-D939-4EFE-9307-5CF8E526B533}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71B7E78C-D939-4EFE-9307-5CF8E526B533}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\Settings\SettingsHibernateMonitor" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{830B5DC2-5AB5-48A3-ABA4-621C372E2936}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{830B5DC2-5AB5-48A3-ABA4-621C372E2936}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92EB0FBC-3EAF-40B9-A442-910979BF5021}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92EB0FBC-3EAF-40B9-A442-910979BF5021}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001 => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6D63C54-F63F-4E46-AC98-063441F5927C}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6D63C54-F63F-4E46-AC98-063441F5927C}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\PowerManagement => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PowerManagement" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B276F4B8-B317-4858-B264-89870391D08F}" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B276F4B8-B317-4858-B264-89870391D08F}" => removido (a) com sucesso.
     C:\WINDOWS\System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Samsung\Recovery8\BulletUserModeWorker" => removido (a) com sucesso.
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA9E80C0-B37E-48A1-BB37-6B4E679358E1}" => não encontrado (a)
     C:\WINDOWS\System32\Tasks\OneDrive Per-Machine Standalone Update Task => movido com sucesso
     "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Per-Machine Standalone Update Task" => removido (a) com sucesso.
     O sistema precisou ser reiniciado.
     ==== Fim de Fixlog 00:34:03 ====
  3. Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-05-2023
     Executado por black (administrador) em ERICK (SAMSUNG ELECTRONICS CO., LTD. 550XBE/350XBE) (31-05-2023 23:36:18)
     Executando a partir de C:\Users\black\OneDrive\Área de Trabalho\FRST64.exe
     Perfis Carregados: black
     Plataforma: Microsoft Windows 11 Home Single Language Versão 22H2 22621.1702 (X64) Idioma: Português (Brasil)
     Navegador padrão: Chrome
     Modo da Inicialização: Normal
     ==================== Processos (Whitelisted) =================
     (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
     (C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avpui.exe
     (C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityCmdServer.exe
     (C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityEventHandler.exe
     (C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionPack.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionUI.exe
     (C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionPack.exe ->) (Samsung Electronics CO., LTD. -> Samsung) C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe
     (C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpansionPack.exe
     (C:\Program Files\Samsung\SamsungUpdate\SUService.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUEngine.exe
     (DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxEM.exe
     (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
     (explorer.exe ->) (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\black\AppData\Roaming\Telegram Desktop\Telegram.exe
     (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
     (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
     (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
     (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
     (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
     (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\SecurityAppChecker.exe
     (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
     (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
     (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
     (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3f902faa7a5da85d\jhi_service.exe
     (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxCUIService.exe
     (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_d392adf622e242f6\OneApp.IGCC.WinService.exe
     (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d3bdee8c45641e36\IntelCpHDCPSvc.exe
     (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d3bdee8c45641e36\IntelCpHeciSvc.exe
     (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe
     (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
     (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncHelper.exe
     (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
     (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
     (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
     (services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe
     (services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe
     (services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe
     (services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Recovery\BulletService.exe
     (services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUService.exe
     (svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7769fb49693b5f65\igfxext.exe
     (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileCoAuth.exe
     (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
     (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
     (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
     (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
     (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
     (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
     (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
     (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
     (svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe
     (svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\ColorEngine\ColorEngine.exe
     (svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe
     ==================== Registro (Whitelisted) ===================
     (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
     HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [138214768 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
     HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (Nenhum Arquivo)
     HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Nenhum Arquivo)
     HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
     HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
     HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2604464 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
     HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\Run: [MicrosoftEdgeAutoLaunch_32C7413498D45B691AF6E54C6F9ACC5E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152208 2023-05-25] (Microsoft Corporation -> Microsoft Corporation)
     HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
     HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
     HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Program Files\Samsung\SamsungSettings\WlanAniControl.exe [3379096 2017-06-27] (Samsung Electronics CO., LTD. -> Samsung)
     HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.90\Installer\chrmstp.exe [2023-05-31] (Google LLC -> Google LLC)
     HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
     ==================== Tarefas Agendadas (Whitelisted) =================
     (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
     Task: {0005F073-43F5-49AC-83F5-7C6849AEFD3A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
     Task: {0870F47C-DF65-4B98-975C-A433FD50307F} - System32\Tasks\SecTimeSync\TimeSyncInit => C:\Windows\SecTimeSync.exe [1629424 2018-06-12] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
     Task: {0F71158E-9902-4FB5-918F-971ACDF733B5} - System32\Tasks\Samsung\SamsungUpdate\UserModeWorker => C:\Program Files\Samsung\SamsungUpdate\SUUserModeWorker.exe [28832 2019-04-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {1AA23C51-15D3-4FF7-9926-9D925DAF6938} - System32\Tasks\Samsung\SamsungSecurity\SecurityAppMoniter => C:\Program Files (x86)\Samsung\SamsungSecurity\SecurityAppChecker.exe [454384 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) Task: {1DEFC34B-9A57-4CCB-B79C-9A8D55C271D5} - System32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC) Task: {20966A91-0728-41AE-944C-7646A5A016E1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo) Task: {29D41907-5DE4-40BA-9981-62E9C08636F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) Task: {2D2A5AC2-B3E0-400E-B516-F311C0241D03} - System32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-23] (Google LLC -> Google LLC) Task: {306BA4C6-9C9E-4886-AA8E-2BF62F8B015D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginAccountMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
Task: {32CEB178-A09D-4A96-ACFE-7E577BB852BA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation) Task: {39BA2835-7D88-4621-9227-58E5F4966B78} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation) Task: {3BDF1C4C-44C3-4C0F-A863-605E66DF1399} - System32\Tasks\ColorEngine => C:\Program Files\Samsung\ColorEngine\ColorEngine.exe [545440 2018-09-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) Task: {53F468DA-F0ED-460E-A37B-87BB118A768D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Task: {561F55A2-9AC8-45DF-85F3-628B15C4B11F} - System32\Tasks\HPCustParticipation HP DeskJet 2300 series => C:\Program Files\HP\HP DeskJet 2300 series\Bin\HPCustPartic.exe [6733472 2021-11-06] (HP Inc. -> HP Inc.) Task: {60204B5A-B610-45AD-A9B8-CE847637B688} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [1080552 2020-02-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {66814970-3FFF-4210-AB1F-52BC1C7F8201} - System32\Tasks\DPICustomized => C:\ProgramData\Samsung\DPICustomizing\FontCustomizing.exe [24736 2018-01-16] (Samsung Electronics CO., LTD. -> ) Task: {710E989A-5348-4442-8981-1A6511B10C4D} - System32\Tasks\Samsung\SamsungSecurity\SamsungSecurityPatternLoginMonitor => C:\Program Files (x86)\Samsung\SamsungSecurity\SMessage.exe [499952 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) 
Task: {71B7E78C-D939-4EFE-9307-5CF8E526B533} - \Samsung\Settings\SettingsHibernateMonitor -> Nenhum Arquivo <==== ATENÇÃO
Task: {830B5DC2-5AB5-48A3-ABA4-621C372E2936} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {92EB0FBC-3EAF-40B9-A442-910979BF5021} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6D63C54-F63F-4E46-AC98-063441F5927C} - System32\Tasks\PowerManagement => C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlClient.exe [2760552 2017-05-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {B276F4B8-B317-4858-B264-89870391D08F} - System32\Tasks\Samsung\Recovery8\BulletUserModeWorker => C:\Program Files\Samsung\Recovery\BulletUserModeWorker.exe [347368 2019-03-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {CA9E80C0-B37E-48A1-BB37-6B4E679358E1} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4147632 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB389587-6DF1-4CA8-9B72-D7739F566B3A} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Nenhum Arquivo)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a0780a34-6e89-45bc-81e0-1ea76649e80b}: [DhcpNameServer] 192.168.100.1

Edge:
=======
Edge Profile: C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-31]
Edge Extension: (Kaspersky Protection) - C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-05-28]
Edge Extension: (Edge relevant text changes) - C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-27]
Edge HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-02-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\Default [2023-05-31]
CHR Extension: (Documentos Google off-line) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-23]
CHR Extension: (Adblock - No More Ads) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblbcmmhijbfhblohmfjopjjlagmkgem [2023-01-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-23]
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-10]
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-05-23]
CHR Extension: (Kaspersky Protection) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-01-23]
CHR Extension: (Documentos Google off-line) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-23]
CHR Profile: C:\Users\black\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-30]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncHelper.exe [3445680 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\vssbridge64.exe [501008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.101.0514.0001\OneDriveUpdaterService.exe [3781512 2023-05-24] (Microsoft Corporation -> Microsoft Corporation)
S3 Samsung PC Cleaner 2 Service; C:\Program Files\Samsung\Samsung PC Cleaner 2 Service\PCCleaner2Service.exe [1119000 2019-04-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 Samsung Settings Expansion Launcher; C:\Program Files\Samsung\SamsungSettings\SamsungSettingsExpLauncher.exe [226576 2019-02-20] (Samsung Electronics CO., LTD. -> )
R2 SamsungRecoveryService; C:\Program Files\Samsung\Recovery\BulletService.exe [522992 2019-03-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SamsungSecurity Launcher; C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\SamsungSecurityLauncher.exe [2013424 2018-09-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SamsungUpdateService; C:\Program Files\Samsung\SamsungUpdate\SUService.exe [423584 2019-04-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 SecPowerCtrlService; C:\Program Files (x86)\Samsung\PowerCtrlManager\PowerCtrlService.exe [1652584 2017-05-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [240264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S1 klbackupdisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klbackupdisk.sys [112936 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klbackupdisk.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klbackupdisk.sys [122768 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 klbackupflt.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klbackupflt.sys [234216 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klbackupflt.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klbackupflt.sys [233320 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S1 kldisk.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kldisk.sys [125736 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 kldisk.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\kldisk.sys [135032 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [53576 2023-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 KLFLT.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klflt.sys [548072 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 KLFLT.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klflt.sys [553096 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klgse.sys [713264 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klgse.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klgse.sys [713264 2023-05-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLHK.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klhk.sys [1826328 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 KLHK.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klhk.sys [1826328 2023-05-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klif.sys [1163544 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 KLIF.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klif.sys [1140880 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98552 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klkbdflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klkbdflt.sys [115960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klkbdflt.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klkbdflt.sys [125336 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klmouflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klmouflt.sys [113448 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klmouflt.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klmouflt.sys [124280 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd.Kaspersky4Win-21-13; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-13\klpd.sys [80672 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klpd.Kaspersky4Win-21-9; C:\WINDOWS\System32\DRIVERS\Kaspersky4Win-21-9\klpd.sys [90472 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klpnpflt.sys [98040 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klpnpflt.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klpnpflt.sys [107928 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U0 klupd_Kaspersky4Win-21-13_arkmon; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_arkmon.sys [353896 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_Kaspersky4Win-21-13_arkmon_884A2DE3; C:\ProgramData\Kaspersky Lab\AVP21.13\Temp\884A2DE375AE76CB792BE5F52BE82064\klupd_Kaspersky4Win-21-13_arkmon.sys [353896 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_Kaspersky4Win-21-13_klark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klark.sys [350848 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U0 klupd_Kaspersky4Win-21-13_klbg; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_klbg.sys [179864 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_Kaspersky4Win-21-13_mark; C:\WINDOWS\System32\Drivers\klupd_Kaspersky4Win-21-13_mark.sys [259440 2023-05-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwfp.sys [179960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 klwfp.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\klwfp.sys [187768 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\klwtp.sys [415480 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps.Kaspersky4Win-21-13; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-13\kneps.sys [340264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R4 kneps.Kaspersky4Win-21-9; C:\WINDOWS\system32\DRIVERS\Kaspersky4Win-21-9\kneps.sys [351640 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 mxtBootBridge; C:\WINDOWS\System32\drivers\mxtBootBridge.sys [66560 2018-06-26] (Solomon Systech Limited -> Atmel Corporation)
R3 SamsungEventController; C:\WINDOWS\System32\drivers\SamsungEventController.sys [28456 2019-06-13] (WDKTestCert dotol,132048634660548123 -> Samsung)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-05-31 23:34 - 2023-05-31 23:37 - 000000000 ____D C:\FRST
2023-05-29 16:30 - 2023-05-29 16:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-13
2023-05-28 14:34 - 2023-05-28 14:35 - 006921625 _____ C:\Users\black\Downloads\76843485-conceitos-basicos-e1664229528.pdf
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\Roaming\com.adobe.dunamis
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\LocalLow\Adobe
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\Local\SolidDocuments
2023-05-28 13:31 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\.ms-ad
2023-05-28 13:17 - 2023-05-30 00:51 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-05-28 13:15 - 2023-05-30 00:50 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-05-28 13:13 - 2023-05-28 13:13 - 000000000 ____D C:\Program Files\Adobe
2023-05-28 13:10 - 2023-05-28 13:13 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-05-28 13:09 - 2023-05-28 13:31 - 000000000 ____D C:\ProgramData\Adobe
2023-05-28 13:06 - 2023-05-28 13:31 - 000000000 ____D C:\Users\black\AppData\Local\Adobe
2023-05-25 20:33 - 2023-05-25 20:33 - 000000000 ____D C:\ProgramData\Honeygain
2023-05-25 20:28 - 2023-05-25 20:28 - 000000000 ____D C:\Users\black\AppData\Local\Honeygain
2023-05-25 20:27 - 2023-05-25 20:27 - 000000000 ____D C:\Users\black\AppData\Local\Sentry
2023-05-25 20:27 - 2023-05-25 20:27 - 000000000 ____D C:\Users\black\AppData\Local\IsolatedStorage
2023-05-25 20:23 - 2023-05-25 20:23 - 019106784 _____ (Honeygain) C:\Users\black\Downloads\Honeygain_install.exe
2023-05-23 21:15 - 2023-05-23 22:40 - 000000000 ____D C:\Users\black\AppData\Roaming\ZHP
2023-05-23 21:15 - 2023-05-23 21:15 - 000000000 ____D C:\Users\black\AppData\Local\ZHP
2023-05-23 20:52 - 2023-05-23 20:56 - 000000000 ____D C:\AdwCleaner
2023-05-23 20:50 - 2023-05-23 20:51 - 008791352 _____ (Malwarebytes) C:\Users\black\Downloads\adwcleaner_8.4.0.exe
2023-05-23 16:20 - 2023-05-23 16:20 - 000000000 ____D C:\Users\black\OneDrive\Documentos\Originals
2023-05-23 16:19 - 2023-05-31 00:33 - 000027648 ____H C:\Users\black\OneDrive\Documentos\photothumb.db
2023-05-20 14:43 - 2023-05-20 14:43 - 000769822 _____ C:\WINDOWS\system32\prfh0416.dat
2023-05-20 14:43 - 2023-05-20 14:43 - 000154934 _____ C:\WINDOWS\system32\prfc0416.dat
2023-05-20 14:42 - 2023-05-31 06:43 - 000000000 ____D C:\Users\black\AppData\Local\CrashDumps
2023-05-20 13:55 - 2023-05-20 13:55 - 000000000 ____D C:\Users\black\AppData\Local\mbam
2023-05-20 13:50 - 2023-05-20 13:50 - 002638680 _____ (Malwarebytes) C:\Users\black\Downloads\MBSetup-D8A2919F.exe
2023-05-11 17:08 - 2023-05-30 12:08 - 000000000 ____D C:\Users\black\OneDrive\Documentos\Backup pendrive
2023-05-11 13:39 - 2023-05-11 13:40 - 120246083 _____ C:\Users\black\Downloads\KineMaster_PREMIUM - v7.0.0.29940.GP_Tekmods.com.apk
2023-05-09 21:08 - 2023-05-09 21:08 - 000000000 ___HD C:\$WinREAgent
2023-05-09 09:44 - 2023-05-09 09:44 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\QuickStyles
2023-05-07 17:16 - 2023-05-07 17:16 - 000000000 ____D C:\Users\black\Downloads\rompackByByakkoKa
2023-05-07 17:14 - 2023-05-07 17:14 - 000132764 _____ C:\Users\black\Downloads\rompackByByakkoKa.zip
2023-05-06 16:47 - 2023-05-20 13:35 - 000000000 ____D C:\Users\black\AppData\Roaming\obs-studio
2023-05-06 16:47 - 2023-05-06 16:47 - 000000000 ____D C:\ProgramData\obs-studio-hook
2023-05-06 16:47 - 2023-05-06 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2023-05-06 16:45 - 2023-05-06 16:47 - 000000000 ____D C:\Program Files\obs-studio
2023-05-06 16:21 - 2023-05-11 17:49 - 000000000 ____D C:\Users\black\AppData\Roaming\fightcade-nativefier-b096d2
2023-05-05 23:16 - 2023-05-05 23:16 - 000001066 _____ C:\Users\black\AppData\Roaming\Microsoft\Windows\Start Menu\Fightcade2.lnk
2023-05-05 23:05 - 2023-05-05 23:16 - 000000000 ____D C:\Users\black\OneDrive\Documentos\Fightcade
2023-05-04 23:12 - 2023-05-04 23:24 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2023-05-04 23:12 - 2023-05-04 23:18 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2023-05-03 14:00 - 2023-05-03 14:02 - 028137595 _____ C:\Users\black\Downloads\Balanço-P-GF.jpg.zip
2023-05-01 12:34 - 2023-05-01 12:35 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\MMC

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-05-31 23:30 - 2023-01-21 15:55 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-31 22:58 - 2023-01-23 13:48 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-31 20:07 - 2023-01-23 13:49 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-31 19:59 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-05-31 15:47 - 2023-01-26 15:37 - 000000000 ____D C:\Users\black\AppData\Roaming\Telegram Desktop
2023-05-30 22:43 - 2023-01-21 15:55 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-30 22:43 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-30 16:35 - 2023-01-22 14:29 - 000000000 ____D C:\Program Files\Common Files\AV
2023-05-30 12:07 - 2023-01-26 15:40 - 000000000 ____D C:\Users\black\Downloads\Telegram Desktop
2023-05-29 16:39 - 2023-04-01 19:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\Kaspersky4Win-21-9
2023-05-29 16:39 - 2023-01-22 15:08 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2023-05-29 16:39 - 2023-01-22 14:00 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-05-29 16:32 - 2023-01-22 15:09 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky.lnk
2023-05-29 16:31 - 2023-01-21 15:53 - 000000000 ____D C:\WINDOWS\INF
2023-05-29 16:29 - 2023-01-21 15:55 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-05-29 01:15 - 2023-02-13 11:49 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\Word
2023-05-29 01:14 - 2023-01-21 22:05 - 000000000 ____D C:\Users\black\AppData\Local\Packages
2023-05-28 13:31 - 2023-01-21 22:05 - 000000000 ____D C:\Users\black\AppData\Roaming\Adobe
2023-05-28 13:31 - 2023-01-21 22:01 - 000000000 ____D C:\Users\black
2023-05-27 06:58 - 2023-01-21 06:15 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-25 09:06 - 2023-01-21 06:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-24 22:38 - 2023-01-21 22:09 - 000000000 ___RD C:\Users\black\OneDrive
2023-05-24 22:37 - 2023-02-09 13:56 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-05-24 22:37 - 2023-02-09 13:56 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-24 22:37 - 2023-01-21 22:09 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3836000981-1062990447-1966762079-1001
2023-05-24 22:36 - 2023-02-09 20:58 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-05-24 11:55 - 2023-01-21 15:33 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-05-23 21:08 - 2023-01-21 22:05 - 000000000 __SHD C:\Users\black\IntelGraphicsProfiles
2023-05-23 20:59 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\ServiceState
2023-05-23 20:59 - 2023-01-21 06:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-23 20:59 - 2023-01-21 06:14 - 000000000 ____D C:\Intel
2023-05-23 20:58 - 2023-01-22 15:17 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-05-23 20:58 - 2023-01-21 15:33 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-05-23 20:58 - 2023-01-21 06:12 - 000012288 ___SH C:\DumpStack.log.tmp
2023-05-23 20:56 - 2023-01-21 06:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Samsung
2023-05-23 16:07 - 2023-02-10 13:37 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\Office
2023-05-22 08:37 - 2023-01-21 22:06 - 000000000 ____D C:\Users\black\AppData\Local\D3DSCache
2023-05-20 14:43 - 2023-01-21 06:39 - 001773112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-18 17:05 - 2023-01-23 13:48 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{D87EEF6F-984F-44A6-951F-F1C55B8C2BDA}
2023-05-18 17:05 - 2023-01-23 13:48 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{D6B13CFB-C5E8-421B-9E39-3EAB59E81CDA}
2023-05-14 10:44 - 2023-02-09 13:27 - 000000000 ____D C:\Program Files\Microsoft Office
2023-05-13 01:50 - 2023-01-21 21:22 - 000003750 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{012A788F-BEEA-4DBB-9752-BF03D09A474C}
2023-05-13 01:50 - 2023-01-21 21:21 - 000003626 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{1CFB11E8-0C24-4470-A441-23296C43F2E1}
2023-05-10 23:27 - 2023-01-24 04:09 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-10 09:18 - 2023-01-21 06:12 - 000480120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\UUS
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-05-10 05:57 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\setup
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-10 05:56 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\Provisioning
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-05-10 05:55 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-09 22:07 - 2023-01-21 15:41 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-09 22:05 - 2023-01-21 15:56 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2023-05-09 22:05 - 2023-01-21 15:55 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2023-05-09 22:05 - 2023-01-21 15:55 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-05-09 22:05 - 2023-01-21 15:55 - 000023775 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-05-09 21:39 - 2023-01-21 06:17 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-09 20:55 - 2023-01-23 13:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-09 20:45 - 2023-01-23 13:12 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-05 23:16 - 2019-05-15 00:23 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-05 22:53 - 2023-02-09 20:57 - 000000000 ____D C:\Users\black\AppData\Roaming\Microsoft\Teams
2023-05-04 00:15 - 2023-01-21 15:55 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-05-03 00:05 - 2019-05-15 11:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-02 12:23 - 2023-01-21 06:38 - 000000000 ____D C:\ProgramData\Packages
2023-05-01 23:06 - 2023-04-01 19:13 - 000000000 ____D C:\WINDOWS\Minidump
2023-05-01 23:00 - 2023-04-04 17:33 - 000000000 ____D C:\Users\black\AppData\Roaming\discord
2023-05-01 18:31 - 2023-04-04 17:32 - 000000000 ____D C:\Users\black\AppData\Local\Discord

==================== Arquivos na raiz de alguns diretórios ========

2019-05-15 00:25 - 2016-07-10 08:08 - 001834672 _____ (Samsung Electronics Co., Ltd.) C:\ProgramData\GammaLUTPatch.exe
2019-05-15 00:26 - 2018-06-12 06:26 - 000514048 _____ (Samsung Electronics Co., Ltd.) C:\ProgramData\Restore3DLUT.exe

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 29-05-2023
Executado por black (31-05-2023 23:42:01)
Executando a partir de C:\Users\black\OneDrive\Área de Trabalho
Microsoft Windows 11 Home Single Language Versão 22H2 22621.1702 (X64) (2023-01-21 09:37:16)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-3836000981-1062990447-1966762079-500 - Administrator - Disabled)
black (S-1-5-21-3836000981-1062990447-1966762079-1001 - Administrator - Enabled) => C:\Users\black
Convidado (S-1-5-21-3836000981-1062990447-1966762079-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-3836000981-1062990447-1966762079-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3836000981-1062990447-1966762079-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1046-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ColorEngine (HKLM\...\{0B48E952-494A-408B-8D9D-5F3331F96659}) (Version: 4.7 - Samsung Electronics Co., Ltd.)
Estudo de aprimoramento de produto para HP DeskJet 2300 series (HKLM\...\{0D3EBE65-13BB-4D2E-9292-16A27FBB70CB}) (Version: 51.3.4843.21310 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.90 - Google LLC)
HP DeskJet 2300 series Software básico do dispositivo (HKLM\...\{3DDA44A3-BD9E-41D3-A78C-048E9F2C2B5F}) (Version: 51.3.4843.21310 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{75B02B98-E7C8-470E-8DF9-7D1C97B9AE48}) (Version: 56.0.472.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{0B17F225-E80B-4D8A-9E42-7FDF2AE10FD2}) (Version: 56.0.472.0 - HP)
HP FTP Plugin (HKLM-x32\...\{28A0FAD3-A157-4B14-9DBC-D8BD4EC1D523}) (Version: 56.0.472.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{00D1BCEE-6931-46C3-AF7D-0E16722C16E9}) (Version: 56.0.472.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{8C92FED7-4D28-4473-A3ED-31E96996C755}) (Version: 56.0.472.0 - HP Inc.)
HP SharePoint Plugin (HKLM-x32\...\{5218A0C5-BDE8-4574-AB40-775891F84296}) (Version: 56.0.472.0 - HP) Intel(R) Chipset Device Software (HKLM\...\{C04E10F1-EDE0-4CFF-88E6-6267A8C45EE0}) (Version: 10.1.17854.8100 - Intel Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.0.1072 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{AB0A64ED-7DD5-4524-A157-ED7051AB4F21}) (Version: 17.0.0.1072 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{7217727B-65E1-4E28-A315-122E8AB2B267}) (Version: 30.100.1841.2 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1841.2 - Intel Corporation) Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden Kaspersky (HKLM-x32\...\{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Hidden Kaspersky 
(HKLM-x32\...\InstallWIX_{E396C2E3-5292-33E9-949C-349C23D784D8}) (Version: 21.13.5.506 - Kaspersky) Microsoft .NET Host - 5.0.10 (x86) (HKLM-x32\...\{EEC610D2-6934-4567-A658-092A1429A21A}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft .NET Host - 6.0.10 (x86) (HKLM-x32\...\{3B28977C-9163-48A5-A08C-C01327E18AE2}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 5.0.10 (x86) (HKLM-x32\...\{29F55E7D-9FB8-4F1D-A233-1F5995CB0FF5}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.10 (x86) (HKLM-x32\...\{EBD44C5E-F1AF-4955-AEDF-F15D06384A9C}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 5.0.10 (x86) (HKLM-x32\...\{17675144-2D5B-4BA3-AF21-A65F7D824149}) (Version: 40.40.30412 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.10 (x86) (HKLM-x32\...\{98CA5A6B-4ECC-4E6D-BF18-6B20CBB6E5F4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.16327.20248 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.57 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.57 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.101.0514.0001 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. 
(HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{ba8ab6bd-ad21-447e-b617-feee84353247}) (Version: 5.0.10.30418 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.10 (x86) (HKLM-x32\...\{DCE5198A-7449-4F9F-A630-C8363759D0FB}) (Version: 40.40.30418 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{0F3E4057-E2BB-4114-A646-F143DB5CE4C9}) (Version: 48.43.48870 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.10 (x86) (HKLM-x32\...\{9dd24b73-88e0-4f0f-882a-500e00d2bdef}) (Version: 6.0.10.31726 - Microsoft Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.0 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component 
(HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Peak Time Power Manager (HKLM-x32\...\{64D42C63-02D5-4129-A546-42BEC0D5AA77}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10487 - Qualcomm) Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.714 - Qualcomm Atheros) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8673 - Realtek Semiconductor Corp.) Samsung DPI Configuration (HKLM-x32\...\{E76A4AA2-A91E-4887-BF4F-47A763CE1203}) (Version: 1.0.16 - Samsung Electronics Co., Ltd.) Samsung PC Cleaner 2 Service (HKLM\...\{F0AD4757-E8D6-4651-8ED5-C114C2E9EBC0}) (Version: 2.0.4 - Samsung Electronics Co., Ltd.) Samsung Recovery Service (HKLM\...\{A942FE64-54BE-4787-A336-C0674F50A118}) (Version: 8.1.13 - Samsung Electronics Co., Ltd.) Samsung Security (HKLM-x32\...\{2903042E-401D-4E66-9E44-E67FAD87A315}) (Version: 1.00.31 - Samsung Electronics Co., Ltd.) Samsung Settings Expansion Pack (HKLM\...\{681B0715-1C17-4B7B-A82B-2590A734AB99}) (Version: 1.0.45 - Samsung Electronics Co., Ltd.) Samsung Update Service (HKLM\...\{09A7E0ED-CD87-4C2A-B75D-0BD0C9BAA99E}) (Version: 3.0.36 - Samsung Electronics Co., Ltd.) 
Software de dispositivo do Chipset Intel® (HKLM-x32\...\{32a1f79d-5643-4cfe-92a4-f7a82adf1b78}) (Version: 10.1.17854.8100 - Intel(R) Corporation) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation) Telegram Desktop (HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.8.1 - Telegram FZ-LLC) WinRAR 6.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.20.0 - win.rar GmbH) Packages: ========= HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-19] (HP Inc.) Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\appup.intelgraphicscontrolpanel_3.3.0.0_x64__8j3eq9eme6ctt [2023-01-21] (INTEL CORP) Link Sharing -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.1412377A9806A_1.2.14.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2023-05-23] (LinkedIn) Little Artist -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.LittleArtist_1.1.13.0_neutral__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.) Live Message -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.LiveMessage_1.2.2.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.) ms-resource:AppDisplayName -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.873506AC0B4C_2.1.9.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-01-21] (Microsoft Corporation) ms-resource:DisplayName -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy [2023-05-27] (Samsung Electronics Co, Ltd.) 
ms-resource:PC_APP_DISPLAY_NAME -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.141238E141E93_2.1.34.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.) ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-05-26] (INTEL CORP) [Startup Task] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2023-01-21] (Netflix, Inc.) Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_10.0.6613.0_x64__8wekyb3d8bbwe [2023-05-17] (Microsoft Corporation) [Startup Task] Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.178.0_x64__dt26b99r8h8gj [2023-04-20] (Realtek Semiconductor Corp) Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_4.3.150.0_x64__wyx1vj98g3asy [2023-01-23] (Samsung Electronics Co, Ltd.) Samsung Recovery -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungRecovery_8.1.46.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.) Samsung Settings -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungSettings_1.0.49.0_x64__3c1yjt4zspk6g [2023-05-23] (Samsung Electronics Co. Ltd.) Samsung Update -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungUpdate_3.0.91.0_x64__3c1yjt4zspk6g [2023-05-09] (Samsung Electronics Co. Ltd.) SamsungDeviceCare -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPCCleaner_3.1.11.0_x64__3c1yjt4zspk6g [2023-05-30] (Samsung Electronics Co. Ltd.) 
ShellEx Package -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64 [2023-05-29] (0) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad] Studio Plus -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.StudioPlus_5.0.8.0_x64__3c1yjt4zspk6g [2023-02-15] (Samsung Electronics Co. Ltd.) WinRAR -> C:\Program Files\WinRAR [2023-02-09] (0) ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft 
Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft 
Corporation -> Microsoft Corporation) ContextMenuHandlers1: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers2: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.101.0514.0001\FileSyncShell64.dll [2023-05-24] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers6: [Kaspersky Anti-Virus 21.13] -> {0E70CD47-F3F0-4C43-B347-796CF9B1F06C} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\shellex.dll [2023-05-29] (Kaspersky Lab JSC -> AO Kaspersky Lab) ==================== Codecs (Whitelisted) ==================== ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2017-10-18 07:09 - 2017-10-18 07:09 - 001809920 _____ (SAMSUNG Electronics CO., LTD.) [Arquivo não assinado] C:\Program Files (x86)\Samsung\SamsungSecurity\CmdServer\HookDllUSB.DLL ==================== Alternate Data Streams (Whitelisted) ======== ==================== Modo de Segurança (Whitelisted) ================== (Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung17win10.msn.com/?pc=SMTE HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung17win10.msn.com/?pc=SMTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-02-09] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - 
{42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-03] (Microsoft Corporation -> Microsoft Corporation) (Se uma entrada for incluída na fixlist, será removida do Registro.) IE trusted site: HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\sharepoint.com -> hxxps://23tyy7-files.sharepoint.com ==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2018-09-15 04:31 - 2018-09-15 04:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\black\Downloads\stretched-1366-768-681016.jpg DNS Servers: 192.168.100.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Firewall do Windows está desabilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) 
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_32C7413498D45B691AF6E54C6F9ACC5E" HKU\S-1-5-21-3836000981-1062990447-1966762079-1001\...\StartupApproved\Run: => "Discord" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{4C9FC3AE-69A2-4387-A714-A777F8F192C3}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{178B0794-6D5C-4BF7-9FFC-F1F376F533A2}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{78F79913-73BA-4707-9759-EB83B63444A4}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => Nenhum Arquivo FirewallRules: [{909D4713-D03E-45FE-9827-4B8C035CCD0C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => Nenhum Arquivo FirewallRules: [{8569CB20-6DA0-4304-A677-3E43E043CE9B}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe => Nenhum Arquivo FirewallRules: [{CCB6362C-819D-494E-9EA1-E9EFD8FF01B7}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.5.14.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe => Nenhum Arquivo FirewallRules: [{E5ECB5EB-0504-470E-9DDA-AC9FA6C44E84}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F6E1D8C7-6D51-433E-AE20-83817D11489A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: 
[{F03A1EEE-51F5-4884-BD42-CAF426547913}] => (Allow) C:\Program Files\HP\HP DeskJet 2300 series\Bin\USBSetup.exe (HP Inc. -> HP Inc.) FirewallRules: [{CC5C22D6-C77E-487B-80F2-51A9193E50AC}] => (Allow) C:\Program Files\HP\HP DeskJet 2300 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.) FirewallRules: [{187ABAA9-ECA6-40B7-BCC6-4B605FA10567}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{786B114C-0E2D-4377-89B5-28646AC219BA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{4DD52037-E6F5-4FB5-AC2E-4D6208744209}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D39D7B93-C0A1-4D07-AB88-66CDCF4FA64E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{EFBD6C97-A1F2-4080-A40A-B3E20D51A6D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{E34F964E-9D65-435A-B117-4D166CDBD621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BB048195-2FCF-49AC-80E4-69F03C892187}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{E2A600CC-1681-4296-8AA7-3D0A6834C5BF}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> ) FirewallRules: [{D5AB9872-78BA-4A03-981D-793AA9567A05}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> ) FirewallRules: [{F24667FF-B9FD-4544-801C-7CC0C0FD7D63}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> ) FirewallRules: [{CC700757-5A5A-4DDA-89CB-401C14634B46}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_4.9.704.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> ) FirewallRules: [{5BD274B8-A06F-4FD1-9446-592F74058234}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{60EE9F2C-89E6-466C-9917-A5F0ADF1F7E0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Pontos de Restauração ========================= 23-05-2023 22:38:15 ZHPcleaner 25-05-2023 20:24:33 Installed Honeygain ==================== Dispositivos Apresentando Falhas No Gerenciador ============ ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (05/31/2023 06:43:08 AM) (Source: Application Error) (EventID: 1000) (User: ERICK) Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.22621.1, carimbo de data/hora: 0x004687c2 Nome do módulo com falha: biwinrt.dll, versão: 10.0.22621.1635, carimbo de data/hora: 0xa3e75401 Código de exceção: 0xc000027b Deslocamento da 
falha: 0x000000000001e9a7 ID do processo com falha: 0x0x6444 Hora de início do aplicativo com falha: 0x0x1d993a44a02b018 Caminho do aplicativo com falha: C:\WINDOWS\system32\backgroundTaskHost.exe Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll ID do Relatório: 41054975-dd9e-4385-b703-ee31f29a05bf Nome completo do pacote com falha: SAMSUNGELECTRONICSCO.LTD.StudioPlus_5.0.8.0_x64__3c1yjt4zspk6g ID do aplicativo relativo ao pacote com falha: App Error: (05/29/2023 07:03:14 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina QueryFullProcessImageNameW. hr = 0x8007001f, Um dispositivo conectado ao sistema não está funcionando. . Operação: Executando Operação Assíncrona Contexto: Estado Atual: DoSnapshotSet Error: (05/29/2023 01:14:52 AM) (Source: Application Error) (EventID: 1000) (User: ERICK) Description: Nome do aplicativo com falha: WINWORD.EXE, versão: 16.0.16327.20248, carimbo de data/hora: 0x644c7ce4 Nome do módulo com falha: wwlib.dll, versão: 16.0.16327.20248, carimbo de data/hora: 0x644ce399 Código de exceção: 0xc0000005 Deslocamento da falha: 0x0000000000a469a1 ID do processo com falha: 0x0x3fa4 Hora de início do aplicativo com falha: 0x0x1d991a15eaa066a Caminho do aplicativo com falha: C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE Caminho do módulo com falha: C:\Program Files\Microsoft Office\Root\Office16\wwlib.dll ID do Relatório: b39886ad-2d0b-409e-b528-9fe1b0179293 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (05/24/2023 06:43:47 AM) (Source: Application Error) (EventID: 1000) (User: ERICK) Description: Nome do aplicativo com falha: backgroundTaskHost.exe, versão: 10.0.22621.1, carimbo de data/hora: 0x004687c2 Nome do módulo com falha: biwinrt.dll, versão: 10.0.22621.1635, carimbo de data/hora: 0xa3e75401 Código de exceção: 0xc000027b Deslocamento da falha: 0x000000000001e9a7 ID do processo com 
falha: 0x0x15f0 Hora de início do aplicativo com falha: 0x0x1d98e2438ea56de Caminho do aplicativo com falha: C:\WINDOWS\system32\backgroundTaskHost.exe Caminho do módulo com falha: C:\Windows\System32\biwinrt.dll ID do Relatório: 1db517ad-087e-4261-9855-be8b4dcc1cb1 Nome completo do pacote com falha: SAMSUNGELECTRONICSCO.LTD.StudioPlus_5.0.8.0_x64__3c1yjt4zspk6g ID do aplicativo relativo ao pacote com falha: App Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado. . Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ] Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Erro do serviço de cópias de sombra de volume: erro inesperado ao chamar a rotina CoCreateInstance. hr = 0x8007045b, O sistema está sendo desligado. . Error: (05/23/2023 08:57:47 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informações sobre o Serviço de Cópias de Sombra de Volume: não é possível iniciar o Servidor COM com CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} e nome CEventSystem. [0x8007045b, O sistema está sendo desligado. ] Erros de Sistema: ============= Error: (05/30/2023 10:42:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9WZDNCRFJBMP-MICROSOFT.WINDOWSSTORE. Error: (05/29/2023 04:31:44 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: A chamada ScRegSetValueExW falhou para Start com o seguinte erro: Acesso negado. 
Error: (05/23/2023 09:14:05 PM) (Source: ACPI) (EventID: 4) (User: ) Description: AMLI: o BIOS da ACPI está tentando ler um endereço de porta de E/S (0x75) inválido, que está no intervalo de endereços protegido 0x74 - 0x76. Isso pode causar instabilidade no sistema. Contate o fornecedor do sistema para obter assistência técnica. Error: (05/23/2023 09:14:05 PM) (Source: ACPI) (EventID: 5) (User: ) Description: AMLI: o BIOS da ACPI está tentando gravar em um endereço de porta de E/S (0x74) inválido, que está no intervalo de endereços protegido 0x74 - 0x76. Isso pode causar instabilidade no sistema. Contate o fornecedor do sistema para obter assistência técnica. Error: (05/23/2023 08:59:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço SecPowerCtrlService. Error: (05/23/2023 08:56:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Microsoft Office Click-to-Run Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço. Error: (05/23/2023 08:56:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: O serviço Intel(R) Graphics Command Center Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es). Error: (05/23/2023 08:56:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: O serviço Samsung Update Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço. Windows Defender: ================ Date: 2023-05-29 00:33:20 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. 
ID do Exame: {68625080-108D-475B-AF28-2D36DD7855A7} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2023-05-28 00:28:27 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {07FAB2E9-7137-4944-9A39-91C364F571A4} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2023-05-27 00:45:21 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {7E35A06F-F995-4002-AE5A-7FCCD68FAB07} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2023-05-26 00:59:08 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {8ACD06E8-B0C6-4479-BAC7-6E21C8538ACE} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2023-05-25 00:59:05 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {6A000139-2D12-4570-BB6D-4576D07224FA} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Event[0] Date: 2023-02-18 19:14:41 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.383.160.0 Fonte da Atualização: Servidor do Microsoft Update Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.20000.2 Código de Erro: 0x8024402c Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte. 
Date: 2023-02-13 03:49:55 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: 1.381.3495.0 Fonte da Atualização: Servidor do Microsoft Update Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Completa Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: Versão Anterior do Mecanismo: 1.1.19900.2 Código de Erro: 0x80240438 Descrição do Erro: Erro inesperado ao verificar atualizações. Para obter informações sobre como instalar ou solucionar problemas de atualizações, consulte Ajuda e Suporte. Date: 2023-01-22 15:12:49 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: 1.381.2553.0 Versão da Inteligência de Segurança anterior: 1.381.2548.0 Fonte da Atualização: Usuário Tipo da Inteligência de Segurança: Anti-spyware Tipo da atualização: Delta Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: 1.1.19900.2 Versão Anterior do Mecanismo: 1.1.19900.2 Código de Erro: 0x80004004 Descrição do Erro: Operação anulada Date: 2023-01-22 15:12:49 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. Nova Versão da Inteligência de Segurança: 1.381.2553.0 Versão da Inteligência de Segurança anterior: 1.381.2548.0 Fonte da Atualização: Usuário Tipo da Inteligência de Segurança: Antivírus Tipo da atualização: Delta Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: 1.1.19900.2 Versão Anterior do Mecanismo: 1.1.19900.2 Código de Erro: 0x80004004 Descrição do Erro: Operação anulada Date: 2023-01-22 13:41:11 Description: Microsoft Defender Antivírus encontrou um erro ao tentar atualizar a inteligência de segurança. 
Nova Versão da Inteligência de Segurança: Versão da Inteligência de Segurança anterior: Fonte da Atualização: Usuário Tipo da Inteligência de Segurança: Anti-spyware Tipo da atualização: Completa Usuário: AUTORIDADE NT\SISTEMA Versão Atual do Mecanismo: Versão Anterior do Mecanismo: Código de Erro: 0x80070002 Descrição do Erro: O sistema não pode encontrar o arquivo especificado. CodeIntegrity: =============== Date: 2023-05-31 08:59:39 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements. Date: 2023-05-31 07:24:51 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\com_antivirus.dll that did not meet the Windows signing level requirements. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. P13REU.091.220223.JJ 02/23/2022 placa-mãe: SAMSUNG ELECTRONICS CO., LTD. 
NP350XBE-KDABR Processador: Intel(R) Celeron(R) CPU 4205U @ 1.80GHz Percentagem de memória em uso: 85% RAM física total: 3989.34 MB RAM física disponível: 595.23 MB Virtual Total: 14880.41 MB Virtual disponível: 2431.23 MB ==================== Drives ================================ Drive () (Fixed) (Total:450.19 GB) (Free:384.55 GB) (Model: SAMSUNG MZMLN128HCGR-000) NTFS \\?\Volume{b14fd758-04ae-452e-b90f-8da40d2c34c4}\ (Windows RE tools) (Fixed) (Total:0.83 GB) (Free:0.11 GB) NTFS \\?\Volume{9078874e-bae7-41ce-8c8a-026ed38abf15}\ (SAMSUNG_REC2) (Fixed) (Total:13.47 GB) (Free:1.69 GB) NTFS \\?\Volume{1ba4d1ef-9855-4dc3-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.43 GB) FAT32 \\?\Volume{983d71b3-6fff-4ae9-8520-01f6337172a2}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 26EA9241) Partition: GPT. ==================== Fim de Addition.txt =======================
  4. Hi, I went to continue the step-by-step and when I tried to open the executable as administrator, it was flagged as a malicious file. Can I run it anyway?
  5. Here are the logs: # ------------------------------- # Malwarebytes AdwCleaner 8.4.0.0 # ------------------------------- # Build: 08-30-2022 # Database: 2022-10-10.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-23-2023 # Duration: 00:00:26 # OS: Windows 11 (Build 22621.1702) # Cleaned: 2 # Awaiting reboot:1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. 
***** [ Preinstalled Software ] ***** Deleted Preinstalled.SamsungSettings Folder C:\Windows\System32\Tasks\SAMSUNG\SETTINGS Needs Reboot Preinstalled.SamsungColorEngine Folder C:\Program Files\SAMSUNG\COLORENGINE ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* ***** Reboot Required to Complete ***** ***** [ Folders ] ***** Cleaning failed C:\Program Files\SAMSUNG\COLORENGINE ************************* AdwCleaner[S00].txt - [1554 octets] - [23/05/2023 20:53:31] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## ~ ZHPCleaner v2023.5.19.20 by Nicolas Coolman (2023/05/20) ~ Run by black (Administrator) (23/05/2023 22:40:32) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Repair ~ Report : C:\Users\black\OneDrive\Área de Trabalho\ZHPCleaner (R).txt ~ Quarantine : C:\Users\black\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ System Restore Point : OK ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 22621) ---\\ Alternate Data Stream (ADS). (0) ~ No malicious or unnecessary items found. ---\\ Services (0) ~ No malicious or unnecessary items found. ---\\ Browser internet (0) ~ No malicious or unnecessary items found. ---\\ Hosts file (1) ~ The hosts file is legitimate (21) ---\\ Scheduled automatic tasks. (0) ~ No malicious or unnecessary items found. ---\\ Explorer ( File, Folder) (5) MOVED file: C:\Users\black\AppData\Local\Google\Chrome\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\black\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences =>Préférences Chromium MOVED file: C:\Users\black\AppData\Local\Microsoft\Edge\User Data\Default\Preferences =>Préférences Chromium MOVED file: C:\Users\black\Downloads\DiscordSetup.exe [Discord Inc. 
- Discord - https://discord.com/] =>.SUP.Discord MOVED folder: C:\Users\black\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc =>.SUP.Discord ---\\ Registry ( Key, Value, Data) (6) DELETED key*: HKEY_USERS\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Discord [] =>.SUP.Discord DELETED key*: HKEY_USERS\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Classes\AppXq0pwa73vfcn2qdexp8cexcc6qk87xh1r [] =>Adware.Navipromo DELETED key*: HKEY_USERS\S-1-5-21-3836000981-1062990447-1966762079-1001\SOFTWARE\Classes\Discord [URL:Discord Protocol] =>.SUP.Discord DELETED key**: HKCU\Software\Discord [] =>.SUP.Discord DELETED key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Discord [Discord Inc.] =>.SUP.Discord DELETED value: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Discord ["C:\Users\black\AppData\Local\Discord\Update.exe" ] =>.SUP.Discord ---\\ Summary of the elements found (3) https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium https://nicolascoolman.eu/forum/Topic/Discord-logiciel-potentiellement-superflu-lps/ =>.SUP.Discord https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Adware.Navipromo ---\\ Other deletions. (2) ~ Registry Keys Tracing deleted (2) ~ Remove the old reports ZHPCleaner. (0) ---\\ Result of repair ~ Repair carried out successfully ~ Google Chrome OK ~ Internet Explorer OK ---\\ Statistics ~ Items scanned : 1038 ~ Items found : 0 ~ Items cancelled : 0 ~ Space saving (bytes) : 0 ~ Items options : 9/17 ---\\ OPTIONS NOT ACTIVES ~ Temporary file analysis ~ Temporary folder analysis ~ Empty Folder CLSID Analysis ~ Empty Other Folder Analysis ~ Empty LocalLow Folder Analysis ~ Empty Local Folder Analysis ~ Obsolete Installer File Analysis ~ Start browsers with extensions removed ~ End of clean in 00h00mn26s ---\\ Reports (3) ZHPCleaner-[S]-23052023-21_43_44.txt ZHPCleaner-[S]-23052023-22_36_28.txt ZHPCleaner-[R]-23052023-22_40_58.txt
  6. My PC has been very slow lately, and I recently noticed a strange process in Task Manager called "WlanAniControl.exe". I don't know whether it is a virus or malware, but every time I end the process it simply disappears and another one appears in its place which, from what I understood, has to do with some Samsung driver. I recently downloaded Malwarebytes and removed 2 pieces of malware from my PC, but I don't know if that solved it. Another strange thing is that my Windows Defender shows recommended actions, but when I open Windows Defender it says everything is fine. I'm going to send some photos so you can see how it is, and if you can help me, I would be extremely grateful.
  7. Wow, how sad, so I'll switch computers, or put light games on it.
  8. Hi everyone, yesterday my dad bought a computer from the manufacturer CCE with an Intel Atom D510 CPU, the kind of computer where everything is integrated and the monitor is also the case, a new one that just came out, the CCE WN, 2 GB of memory, 320 HD, Windows 7 Starter. The next day, I took NFS Most Wanted and installed it on it, but it had a LOOOOOT of lag and the graphics were garbage, pure slowness, even when I lowered the detail settings and the game's resolution, so I wanted to know what it could be, but I found something out. I found out that the PC does not use RAM for graphics, and when I went to the performance rating in the Control Panel, the score was 3.0, and it did not come with any installation CD at all. Ah, I thought it might be that the video driver was not installed, but if that were the case it would have come with the CD. I already tried configuring the graphics properties through the Intel icon in the tray at the bottom, but it didn't help, and I don't even know whether these types of computers come with a video card. There are countless possibilities, but I don't understand much about hardware and software, so I came here to ask for help from the people who frequent this forum.

About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology communities in Brazil.

Copyright

We do not allow the copying or reproduction of the content of our site, forum, newsletters and social networks, even when the source is cited.