Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11-12-2021
Executado por teste (administrador) em LUIZ (Acer Aspire A515-51G) (22-12-2021 15:39:16)
Executando a partir de C:\Users\luize\Desktop
Perfis Carregados: teste
Plataforma: Microsoft Windows 10 Home Single Language Versão 21H1 19043.1415 (X64) Idioma: Português (Brasil)
Navegador padrão: Opera
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() [Arquivo não assinado] C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1623661264483.exe
() [Arquivo não assinado] C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe
(Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Acer Incorporated -> TODO: ) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(Fresco Logic Inc -> Fresco Logic) C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4b34c18659561116\IntelCpHeciSvc.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <3>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(OpenVPN) [Arquivo não assinado] C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe <4>
(Opera Software AS -> Opera Software) C:\Users\luize\AppData\Local\Programs\Opera\82.0.4227.33\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\luize\AppData\Local\Programs\Opera\opera.exe <35>
(philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\luize\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Tonec Inc.) [Arquivo não assinado] C:\Program Files (x86)\Internet Download Manager\IDMan.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1893312 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ASC] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [flvga_tray] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe [457336 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [flvga_tray32] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x86\flvga_tray.exe [431232 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\luize\AppData\Local\Microsoft\Teams\Update.exe [2454240 2021-10-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default (Nenhum Arquivo)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Run: [RemoteFilesTrayIcon] => C:\ProgramData\acer\abFiles\launchFiles.exe [27352 2017-05-17] (Acer Incorporated -> )
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5445120 2020-08-01] (Tonec Inc.) [Arquivo não assinado]
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-04-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Run: [org.openvpn.client] => C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe [110833152 2021-06-14] (OpenVPN) [Arquivo não assinado]
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Run: [Opera Browser Assistant] => C:\Users\luize\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33618400 2021-12-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\MountPoints2: D - "D:\SETUP.EXE"
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\MountPoints2: {2ca1e06b-7020-11eb-99b9-e85fa1ae3e6f} - "F:\Autoplay.exe"
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\MountPoints2: {6eea6856-95b9-11eb-99c2-646e69b22c1a} - "F:\SETUP.EXE"
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\MountPoints2: {6eea686d-95b9-11eb-99c2-646e69b22c1a} - "G:\SETUP.EXE"
HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\MountPoints2: {dcf38fd6-5d98-11ec-9a43-fc4596f7b8e5} - "D:\SETUP.EXE"
HKU\S-1-5-21-2542068703-144574761-1523392838-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\testet\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2542068703-144574761-1523392838-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\testet\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2542068703-144574761-1523392838-1004\...\RunOnce: [Uninstall 21.109.0530.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\testet\AppData\Local\Microsoft\OneDrive\21.109.0530.0001"
HKU\S-1-5-21-2542068703-144574761-1523392838-1004\...\MountPoints2: {6eea6856-95b9-11eb-99c2-646e69b22c1a} - "F:\Startup.exe"
HKU\S-1-5-21-2542068703-144574761-1523392838-1004\...\MountPoints2: {6eea686d-95b9-11eb-99c2-646e69b22c1a} - "G:\Startup.exe"
HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrador\AppData\Local\Microsoft\Teams\update.exe [2454240 2021-10-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\Run: [org.openvpn.client] => C:\Program Files\OpenVPN Connect\OpenVPNConnect.exe [110833152 2021-06-14] (OpenVPN) [Arquivo não assinado]
HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\Run: [MicrosoftEdgeAutoLaunch_F051A690BAA67B3401A30F8EB7BB491E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\Run: [DAEMON Tools Ultra Automount] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [483184 2021-12-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\MountPoints2: {dcf38fd6-5d98-11ec-9a43-fc4596f7b8e5} - "D:\SETUP.EXE"
HKU\S-1-5-21-2542068703-144574761-1523392838-500\...\MountPoints2: {f0c1903d-fbe7-11e7-9944-646e69b22c1a} - "D:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-13] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-10-28]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\Users\luize\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2021-10-21]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Nenhum Arquivo)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {077012E4-9C57-41D3-87DF-60F27372B26C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-22] (Google LLC -> Google LLC)
Task: {11238D76-A99B-4649-B317-6C249B0CBB3D} - System32\Tasks\Opera scheduled assistant Autoupdate 1632681176 => C:\Users\luize\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\luize\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {17B62333-9EDB-4FC5-9103-ADB77164881C} - System32\Tasks\PicstreamAgent => C:\Program [Argument = Files (x86)\Acer\AOP Framework\uwplauncher.exe AcerIncorporated.6245439DEEE9E_48frkmn4z8aw4!abPhoto]
Task: {2A4F337F-3818-433A-8A8F-0840B456F5CB} - System32\Tasks\Opera scheduled assistant Autoupdate 1624243697 => C:\Users\luize\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\luize\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {37B39744-6C9D-4319-9568-6AD8CC6B4696} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {43F0EBDD-83E9-4F6E-BBE7-98F4DB808616} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {46FD7D0A-8788-4970-911B-EA4FC083EA1E} - System32\Tasks\Opera scheduled Autoupdate 1632681172 => C:\Users\luize\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software)
Task: {4C13BFD1-F1F4-4544-ABB3-CC78F7BCA1B9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-22] (Google LLC -> Google LLC)
Task: {554BE007-14C0-43D7-81D2-BA8D4A045F84} - System32\Tasks\Opera scheduled Autoupdate 1624243693 => C:\Users\luize\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software)
Task: {56A5A87B-1C7D-415B-A25F-86E49D1DBEE1} - System32\Tasks\update-S-1-5-21-2542068703-144574761-1523392838-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {67C52A27-DAFC-4FBB-9398-DC2DACC82B24} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {70467246-1A47-437A-B61E-6B073007919B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7367E6CC-8CC4-4028-B0BA-9292DB492C99} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [215856 2017-05-23] (Acer Incorporated -> TODO: )
Task: {738B8DE1-C6A9-4A12-A44A-0BAC14EAD140} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7FD93B63-A61D-46B2-8D5B-458CDF8524D4} - System32\Tasks\Opera scheduled assistant Autoupdate 1579923526 => C:\Users\luize\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\luize\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {83DD68E8-E868-4D58-93D5-056A9FA582DE} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {8511A575-029B-4F72-8AFF-FD1F81A55919} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8DEE90CF-ED04-4C2A-9DA4-AB424C8BD68E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FB0DD8B-B316-4BB2-A41D-F2975982625D} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2019-09-25] (Acer Incorporated -> Acer Incorporated)
Task: {9B4562BC-ED99-4E73-ABED-228D0123D351} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {9B8180FD-F73E-426E-9C45-EE8AF0FE6C29} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1693632 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9ECDD678-1D15-4889-8E46-356F29A70AA2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AD8F50A1-1772-41A0-A398-65F31676BAD4} - System32\Tasks\Opera scheduled Autoupdate 1566604988 => C:\Users\luize\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-14] (Opera Software AS -> Opera Software)
Task: {AFB89005-2B8B-4279-BC64-F6879E3690CA} - System32\Tasks\CareCenter\cmsc_Reg_HKLMWow6432Run => c:\program files (x86)\cmcm\Clean Master\cmtray.exe -autorun (Nenhum Arquivo)
Task: {B412417F-EAE3-4337-A651-657AA72DE155} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B73565F3-E73E-462B-B3F5-E4E07E8E6984} - System32\Tasks\App Explorer => C:\Users\luize\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7822896 2021-12-15] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATENÇÃO
Task: {BBDA5D4F-2C59-4CEB-BCBE-D2651463B957} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138584 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCDBB474-F25E-4585-8834-CF1DBF626042} - System32\Tasks\CareCenter\SecurityHealth_Reg_HKLMRun => C:\Program Files\Windows Defender\MSASCuiL.exe (Nenhum Arquivo)
Task: {C055FD00-3A36-438D-B91E-E0F3EB1A45D8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1971AEF-F267-4D45-BF80-2822BFEF5205} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF2459AA-CE62-487B-A141-C30F34AE788F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649152 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D1993E96-B520-4DCE-86B1-0768DE30A806} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5530F77-5147-4EAD-B273-773A00B51300} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF51CA2D-E476-4235-ADC4-976A068ACB40} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {E20A1F9E-4030-42B7-9267-B637D9472452} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F0315182-D3A3-4D08-BBBB-D5C32393BC10} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F655A98C-0993-48B4-80A7-2352EB0E0499} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FF225BB9-840D-4519-9B14-4F7F3FE61142} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8388528 2021-12-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF4BB010-A870-4AE9-9A0A-656E6FD14B51} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-05-03] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF6477A5-F65E-4A73-9210-DAE45ECDA696} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2542068703-144574761-1523392838-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{32587ab7-7448-44a3-bd93-306932157785}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{b7389e28-e290-4cad-b1ae-3b7445850ef9}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{b7389e28-e290-4cad-b1ae-3b7445850ef9}: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{f3c84ef8-d2e3-4a51-91c5-be566d84e6e0}: [DhcpNameServer] 181.213.132.2 181.213.132.3

Edge:
=======
Edge Profile: C:\Users\luize\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-18]
Edge Extension: (IDM Integration Module) - C:\Users\luize\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-11-02]
Edge HKU\S-1-5-21-2542068703-144574761-1523392838-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2020-08-01]

FireFox:
========
FF DefaultProfile: xvxf44hd.default
FF ProfilePath: C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default [2021-12-22]
FF Homepage: Mozilla\Firefox\Profiles\xvxf44hd.default -> about:blank
FF NetworkProxy: Mozilla\Firefox\Profiles\xvxf44hd.default -> type", 0
FF Extension: (YouTube Download Plus) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\addon@ytdownloader.info.xpi [2021-03-19]
FF Extension: (Simple YouTube to MP3/MP4 Converter) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi [2018-08-31]
FF Extension: (To Google Translate) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-23]
FF Extension: (SoundCloud MP3 Downloader) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\jid1-hnmMaq1milpehc6uI@jetpack.xpi [2021-07-20]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2021-12-20]
FF Extension: (Corretor gramatical e ortográfico — LanguageTool) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\languagetool-webextension@languagetool.org.xpi [2021-12-08]
FF Extension: (Sem Nome) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2021-12-06]
FF Extension: (Portuguese-Brazil Checker (Former Spelling)) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\pt-BR-1971@dictionaries.addons.mozilla.org.xpi [2018-12-12]
FF Extension: (uBlock Origin) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\uBlock0@raymondhill.net.xpi [2021-12-06]
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\youtubedownloader@youtubedownloadvideo1clickgroup.com.xpi [2020-10-09]
FF Extension: (O YouTube Downloader) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\{307f416a-39c0-49e0-8e96-cf802290e33c}.xpi [2021-06-08]
FF Extension: (Return YouTube Dislike) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\{762f9885-5a13-4abd-9c77-433dcd38b8fd}.xpi [2021-12-17]
FF Extension: (Vevioz Youtube Downloader) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\{7f4fdb0c-a234-4eda-bc9e-e1b2bc1c5f10}.xpi [2021-07-09]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-11-22]
FF Extension: (Video DownloadHelper) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2017-11-16] []
FF Extension: (Português (pt-BR) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pt-BR@firefox.mozilla.org [2017-11-16] []
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2017-11-16] []
FF HKLM-x32\...\Firefox\Extensions: [helper-sig@savefrom.net] - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\extensions\staged\helper-sig@savefrom.net.xpi
FF Extension: (SaveFrom.net helper) - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\extensions\staged\helper-sig@savefrom.net.xpi [2019-01-09] [UpdateUrl:hxxps://download.sf-helper.com/mozilla/updates.json]
FF HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\Firefox\Extensions: [helper-sig@savefrom.net] - C:\Users\luize\AppData\Roaming\Mozilla\Firefox\Profiles\xvxf44hd.default\extensions\staged\helper-sig@savefrom.net.xpi
FF HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\luize\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\luize\AppData\Roaming\IDM\idmmzcc5 [2020-10-13] [] [não assinado]
FF HKU\S-1-5-21-2542068703-144574761-1523392838-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2018-01-09] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-07-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-07-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2018-01-09] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.CryptoTab.com/CryptoTab Update;version=3 -> C:\Program Files (x86)\CryptoCompany\Update\1.3.99.31\npCryptoTabUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.CryptoTab.com/CryptoTab Update;version=9 -> C:\Program Files (x86)\CryptoCompany\Update\1.3.99.31\npCryptoTabUpdate3.dll [Nenhum Arquivo]

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\luize\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-22]
CHR Profile: C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-12-21]
CHR HomePage: Profile 2 -> hxxps://www.google.com.br/
CHR StartupUrls: Profile 2 -> "hxxps://www.google.com.br/","","hxxp://www.feevale.br/","hxxp://searchfunmoods.com/?f=1&a=1543n&cd=2XzuyEtN2Y1L1Qzu0FyE0C0EyEyCtDyC0Ezz0EyDtAtBzztBtN0D0Tzu0CyBtDtBtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1CzutCyDyEtA1G&cr=978522087&ir=","hxxp://websearch.searchguru.info/?pid=373&r=2013/12/08&hid=10277907611027540660&lg=BR&cc=BR&unqvl=43"
CHR Extension: (Norton Password Manager) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\admmjipmmciaobhojoghlmleefbicajg [2021-11-17]
CHR Extension: (Win7 Scrollbars) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cifcnoebhbpdndjendfkpehpfbglgfkc [2021-09-22]
CHR Extension: (uBlock Origin) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-12-21]
CHR Extension: (Adobe Acrobat) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-17]
CHR Extension: (Word Online) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2021-09-22]
CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-12-21]
CHR Extension: (NetBeans Connector) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2021-09-22]
CHR Extension: (IDM Integration Module) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-10-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-22]
CHR Extension: (Amazon Assistant para o Chrome) - C:\Users\luize\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-10-11]
CHR Profile: C:\Users\luize\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-08-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2020-08-01]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

Opera:
=======
OPR Profile: C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable [2021-12-22]
OPR Notifications: Opera Stable -> hxxp://192.168.223.1; hxxps://intranet.multiclinica.com.br; hxxps://www.guj.com.br; hxxps://www.youtube.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Corretor gramatical e ortográfico — LanguageTool) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\aepeanpnbhpclokahahihakiphmfoeco [2021-12-07]
OPR Extension: (Google™ Translator Lite) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\cbjljabajpnmappjhlnnlbahmmcngkpf [2021-06-26]
OPR Extension: (Rich Hints Agent) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-09]
OPR Extension: (Recursos Copiar e Colar do Office Online) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2021-11-25]
OPR Extension: (Download with Internet Download Manager) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\kajaikkhnmegmfnlifeklklaienhdekb [2020-10-15]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (Adblock - No More Ads) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\mblbcmmhijbfhblohmfjopjjlagmkgem [2021-05-15]
OPR Extension: (Google Tradutor) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2021-12-04]
OPR Extension: (Youtube like-dislike ratio) - C:\Users\luize\AppData\Roaming\Opera Software\Opera Stable\Extensions\mgmmdklckabadidjlamdhjdclkmcifci [2021-12-16]
StartMenuInternet: (HKU\S-1-5-21-2542068703-144574761-1523392838-1001) OperaStable - "C:\Users\luize\AppData\Local\Programs\Opera\Launcher.exe"

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 agent_ovpnconnect; C:\Program Files\OpenVPN Connect\agent_ovpnconnect_1623661264483.exe [3194368 2021-06-14] () [Arquivo não assinado]
S2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3766512 2021-10-28] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [7262064 2021-12-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2021-12-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-11-03] (HP Inc. -> HP Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [305664 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R2 ovpnhelper_service; C:\Program Files\OpenVPN Connect\ovpnhelper_service.exe [3019776 2021-06-14] () [Arquivo não assinado]
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-03] (ADLICE (ASCOET JULIEN) -> )
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [299824 2017-05-23] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2018-01-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-12-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2021-12-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 fl2000; C:\WINDOWS\System32\drivers\fl2000.sys [205944 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
S3 IndirectDisplayBus; C:\WINDOWS\System32\drivers\IndirectDisplayBus.sys [25592 2019-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2018-01-22] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R3 MpKsl4ea48d10; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5602DF9-DF45-424F-8CC6-7F7A88FBAEEB}\MpKslDrv.sys [134376 2021-12-22] (Microsoft Windows -> Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc. -> SafeNet, Inc.)
R3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2021-06-14] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [216080 2020-07-10] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [227528 2020-07-10] (Oracle Corporation -> Oracle Corporation)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-12-22 15:39 - 2021-12-22 15:49 - 000042028 _____ C:\Users\luize\Desktop\FRST.txt
2021-12-22 15:36 - 2021-12-22 15:48 - 000000000 ____D C:\FRST
2021-12-22 15:33 - 2021-12-22 15:33 - 002311168 _____ (Farbar) C:\Users\luize\Desktop\FRST64.exe
2021-12-22 15:31 - 2021-12-22 15:32 - 008540344 _____ (Malwarebytes) C:\Users\luize\Desktop\adwcleaner_8.3.1.exe
2021-12-22 14:05 - 2021-12-22 14:05 - 000223784 _____ C:\Users\luize\Downloads\WhatsApp Image 2021-12-22 at 13.57.29.jpeg
2021-12-22 09:47 - 2021-12-22 12:05 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-12-22 09:40 - 2021-12-22 09:44 - 000000000 ____D C:\Users\luize\Documents\Arquivos do Outlook
2021-12-22 08:39 - 2021-12-22 08:39 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-12-21 11:54 - 2021-12-21 11:54 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-12-21 11:48 - 2021-12-21 11:48 - 000095107 _____ C:\Users\luize\Documents\ok.prn
2021-12-21 09:15 - 2021-12-21 09:15 - 000000000 ____D C:\Users\luize\AppData\Local\drmingw
2021-12-21 09:03 - 2021-12-21 09:15 - 000000000 ____D C:\Program Files\CodeBlocks
2021-12-20 09:41 - 2021-12-20 09:41 - 000010347 _____ C:\Users\luize\Downloads\OS 69364 MULTICLINICA.pdf
2021-12-20 09:19 - 2021-12-20 09:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-20 09:17 - 2021-12-21 08:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-19 15:26 - 2021-12-19 15:26 - 000001059 _____ C:\Users\luize\Downloads\status_reports_2021-12-19T18-26-51+00-00.csv
2021-12-19 14:03 - 2021-12-19 14:03 - 000000134 _____ C:\Users\luize\Downloads\new_user_credentials.csv
2021-12-17 08:12 - 2021-12-17 08:12 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-16 22:28 - 2021-12-16 22:28 - 000000000 ____D C:\Users\luize\AppData\Roaming\DAEMON Tools Ultra
2021-12-16 10:29 - 2021-12-16 10:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-16 10:29 - 2021-12-16 10:29 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-16 10:24 - 2021-12-16 10:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-16 10:24 - 2021-12-16 10:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-16 09:07 - 2021-12-16 09:07 - 000000000 ___HD C:\$WinREAgent
2021-12-16 00:41 - 2021-12-16 00:42 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\DAEMON Tools Ultra
2021-12-16 00:41 - 2021-12-16 00:41 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2021-12-16 00:41 - 2021-12-16 00:41 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-12-16 00:41 - 2021-12-16 00:41 - 000000000 ____D C:\Users\Administrador\AppData\Local\Disc_Soft_Ltd
2021-12-16 00:40 - 2021-12-16 00:40 - 000059344 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrausbbus.sys
2021-12-16 00:40 - 2021-12-16 00:40 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrascsibus.sys
2021-12-16 00:40 - 2021-12-16 00:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Ultra
2021-12-16 00:40 - 2021-12-16 00:40 - 000000000 ____D C:\Program Files\DAEMON Tools Ultra
2021-12-16 00:39 - 2021-12-16 00:41 - 000000000 ____D C:\ProgramData\DAEMON Tools Ultra
2021-12-16 00:36 - 2021-12-16 00:38 - 033313648 _____ (Disc Soft Ltd) C:\Users\Administrador\Downloads\daemon-tools-5-7-0.exe
2021-12-16 00:16 - 2021-12-16 00:16 - 000000000 ____D C:\Users\Administrador\AppData\Local\NVIDIA
2021-12-15 16:35 - 2021-12-15 16:35 - 000159542 _____ C:\Users\luize\Desktop\05-Autenticacao-Usuarios-ProxySquid.pdf
2021-12-15 09:20 - 2021-12-15 09:20 - 000001876 _____ C:\Users\luize\Desktop\marcacao.txt
2021-12-14 20:31 - 2021-12-14 20:31 - 000052697 _____ C:\Users\luize\AppData\Roaming\WinUsbDisplay.dmp
2021-12-14 20:19 - 2021-12-14 20:24 - 000000000 ____D C:\WINDOWS\TempInst
2021-12-14 19:00 - 2019-09-18 08:29 - 000025592 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\IndirectDisplayBus.sys
2021-12-14 10:46 - 2021-12-22 12:11 - 000001254 _____ C:\Users\luize\Desktop\passo a passo.txt
2021-12-13 21:13 - 2021-12-13 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2021-12-13 09:38 - 2021-12-14 09:43 - 000000000 ____D C:\Users\luize\Desktop\Nova pasta
2021-12-13 09:00 - 2021-12-20 10:43 - 000000000 ____D C:\Users\luize\Desktop\pasta02
2021-12-13 08:46 - 2021-12-13 08:46 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2542068703-144574761-1523392838-1001
2021-12-10 09:29 - 2021-12-10 09:29 - 000340562 _____ C:\Users\luize\Downloads\IMPRESSORA SALA FONO SL.pdf
2021-12-10 09:21 - 2021-12-10 09:21 - 000341420 _____ C:\Users\luize\Downloads\IMPRESSORA RECEPÇÃO SL.pdf
2021-12-10 01:09 - 2021-12-17 08:13 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-12-10 01:09 - 2021-12-10 01:09 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2021-12-09 14:46 - 2021-12-09 17:18 - 000081954 _____ C:\Users\luize\Downloads\PCMSO.odt
2021-12-09 11:43 - 2021-12-20 11:59 - 000000000 ____D C:\Users\luize\Desktop\outro pc
2021-12-02 22:50 - 2021-12-02 22:51 - 000000000 ____D C:\Users\luize\AppData\Local\DeadByDaylight
2021-12-02 22:47 - 2021-12-02 22:48 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2021-12-02 22:47 - 2021-12-02 22:47 - 000000000 ____D C:\Users\luize\AppData\Roaming\EasyAntiCheat
2021-12-02 21:19 - 2021-12-02 21:19 - 000000357 _____ C:\Users\luize\Desktop\Dead by Daylight.url
2021-12-02 19:59 - 2021-12-02 19:59 - 000000000 ____D C:\Program Files\Epic Games
2021-12-02 19:48 - 2021-12-02 22:51 - 000000000 ____D C:\Users\luize\AppData\Local\Epic Games
2021-12-02 19:48 - 2021-12-02 22:50 - 000000000 ____D C:\Users\luize\AppData\Local\UnrealEngine
2021-12-02 19:48 - 2021-12-02 19:48 - 000000000 ____D C:\Users\luize\AppData\Local\UnrealEngineLauncher
2021-12-02 19:48 - 2021-12-02 19:48 - 000000000 ____D C:\Users\luize\AppData\Local\EpicGamesLauncher
2021-12-02 19:36 - 2021-12-02 19:56 - 000000000 ____D C:\ProgramData\Epic
2021-12-02 19:36 - 2021-12-02 19:47 - 000000000 ____D C:\Program Files (x86)\Epic Games
2021-12-02 19:36 - 2021-12-02 19:36 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2021-12-02 19:36 - 2021-12-02 19:36 - 000001280 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2021-12-02 16:45 - 2021-12-02 16:45 - 000000211 _____ C:\Users\luize\.gitconfig
2021-12-02 16:35 - 2021-12-02 16:35 - 000000000 ____D C:\Users\luize\devopstest
2021-12-02 16:31 - 2021-12-02 16:52 - 000000250 _____ C:\Users\luize\.bash_history
2021-12-02 13:33 - 2021-12-02 13:33 - 000032770 _____ C:\Users\luize\Downloads\funcionariosMulticlinica - SGS.ods
2021-12-02 11:04 - 2021-12-02 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2021-11-30 18:44 - 2021-12-01 20:03 - 000000000 ____D C:\Users\luize\Downloads\neander
2021-11-29 13:52 - 2021-11-29 13:52 - 000000000 ____D C:\Users\luize\AppData\Roaming\Godot
2021-11-29 12:52 - 2021-11-29 12:52 - 000691003 _____ C:\Users\luize\Downloads\2173.pdf
2021-11-29 09:56 - 2021-11-29 09:58 - 004863558 _____ C:\Users\luize\Desktop\Novo Orcamento.ods
2021-11-28 15:37 - 2021-11-28 15:41 - 1899528192 _____ C:\Users\luize\Downloads\linuxmint-18.3-cinnamon-64bit.iso
2021-11-26 12:49 - 2021-12-03 15:05 - 000000368 _____ C:\Users\luize\Desktop\script.txt
2021-11-26 12:48 - 2021-11-26 14:32 - 000000348 _____ C:\Users\luize\Downloads\ScriptNewResolucao

==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-12-22 15:49 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-22 15:04 - 2018-01-04 13:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-22 15:01 - 2020-10-09 14:25 - 000003510 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2021-12-22 14:10 - 2019-02-07 22:04 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-22 14:09 - 2021-08-21 23:50 - 000000000 ____D C:\Users\luize\AppData\LocalLow\Mozilla
2021-12-22 12:58 - 2021-09-10 14:22 - 000000000 ____D C:\Users\luize\AppData\Roaming\OpenVPN Connect
2021-12-22 12:58 - 2020-10-09 13:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-22 12:05 - 2017-11-16 01:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-22 09:59 - 2018-01-04 19:48 - 000000000 ____D C:\Users\luize\AppData\Local\Packages
2021-12-22 09:53 - 2021-09-10 14:56 - 000000000 ____D C:\Users\luize\AppData\Local\RealVNC
2021-12-22 08:56 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-22 08:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-22 08:51 - 2018-05-24 11:55 - 000000000 ____D C:\Users\luize\AppData\Local\Host App Service
2021-12-22 08:51 - 2017-11-16 01:20 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-22 08:47 - 2021-04-06 18:24 - 000000000 ____D C:\Users\luize\AppData\Local\LogMeIn Hamachi
2021-12-22 08:46 - 2018-01-04 13:08 - 000000000 ____D C:\Users\luize\AppData\Local\CrashDumps
2021-12-22 08:43 - 2020-10-09 14:07 - 000005812 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-22 08:43 - 2019-12-07 11:54 - 000966628 _____ C:\WINDOWS\system32\prfh0416.dat
2021-12-22 08:43 - 2019-12-07 11:54 - 000353526 _____ C:\WINDOWS\system32\prfc0416.dat
2021-12-22 08:37 - 2020-10-09 14:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-22 08:37 - 2020-10-09 13:43 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-22 00:26 - 2019-12-07 06:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2021-12-22 00:25 - 2019-03-19 15:50 - 000000000 ____D C:\Users\luize\AppData\Roaming\DMCache
2021-12-22 00:22 - 2018-03-10 19:42 - 000000000 ____D C:\Users\luize\AppData\Roaming\vlc
2021-12-21 14:00 - 2019-03-06 18:00 - 000000000 ____D C:\Users\luize\AppData\Roaming\CodeBlocks
2021-12-21 13:38 - 2021-03-03 22:35 - 000000000 ____D C:\Users\luize\Documents\codeblock
2021-12-21 13:22 - 2021-10-28 14:16 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-12-21 12:55 - 2020-09-04 13:54 - 000000000 ____D C:\Users\luize\AppData\Local\PlaceholderTileLogoFolder
2021-12-21 11:53 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-21 09:04 - 2019-03-06 18:00 - 000000000 ____D C:\Users\luize\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-12-21 09:03 - 2019-03-06 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2021-12-20 20:32 - 2018-02-27 14:28 - 000000000 ____D C:\Users\luize\AppData\Roaming\discord
2021-12-20 19:11 - 2018-02-27 14:28 - 000000000 ____D C:\Users\luize\AppData\Local\Discord
2021-12-20 17:22 - 2018-05-24 17:16 - 000000000 ____D C:\Users\luize\AppData\Local\D3DSCache
2021-12-20 11:33 - 2020-10-09 13:52 - 000000000 ____D C:\Users\luize
2021-12-20 11:31 - 2021-09-06 16:57 - 000000000 ____D C:\Users\luize\Desktop\pasta
2021-12-20 11:28 - 2017-11-16 01:32 - 000000000 ____D C:\Program Files\Acer
2021-12-20 09:19 - 2017-11-16 01:35 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-20 08:30 - 2021-10-22 10:55 - 000000000 ____D C:\Program Files\Microsoft Office
2021-12-19 12:18 - 2021-09-26 02:32 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-19 12:18 - 2020-06-24 17:13 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-19 10:28 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-12-19 02:21 - 2021-09-26 19:28 - 000000000 ____D C:\ProjectIgnis
2021-12-19 01:23 - 2018-01-04 17:44 - 000000000 ____D C:\Users\luize\AppData\Roaming\uTorrent
2021-12-17 11:10 - 2021-09-26 15:33 - 000004150 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1632681172
2021-12-17 11:10 - 2021-09-26 15:32 - 000001443 _____ C:\Users\luize\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2021-12-17 08:19 - 2020-10-09 13:44 - 000639720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-17 08:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-17 08:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-17 08:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-17 08:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-17 08:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-17 08:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-17 08:13 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-17 08:12 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-17 08:12 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-17 08:12 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-16 19:56 - 2021-09-24 08:28 - 000000000 ___HD C:\Users\luize\.opera
2021-12-16 19:48 - 2021-09-24 00:26 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2021-12-16 13:30 - 2021-10-18 13:32 - 000003320 _____ C:\Users\luize\Desktop\Novo Documento de Texto.txt
2021-12-16 12:13 - 2021-02-28 18:10 - 000000000 ____D C:\Users\luize\AppData\Roaming\Code
2021-12-16 11:35 - 2021-02-28 18:10 - 000000000 ____D C:\Users\luize\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-12-16 11:09 - 2020-03-15 18:17 - 000000000 ____D C:\Users\luize\.p2
2021-12-16 10:47 - 2021-09-24 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2021-12-16 10:45 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-16 10:44 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-16 09:00 - 2018-01-04 15:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-16 08:57 - 2018-05-24 12:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-12-16 08:44 - 2018-01-04 15:46 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-16 00:47 - 2021-10-26 12:09 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\OpenVPN Connect
2021-12-16 00:29 - 2021-09-25 20:40 - 000000000 ____D C:\Outlive
2021-12-16 00:20 - 2021-08-17 10:15 - 000000000 ____D C:\Users\Administrador\AppData\Local\LogMeIn Hamachi
2021-12-16 00:19 - 2021-08-17 10:17 - 000000000 ____D C:\Users\Administrador\AppData\Local\D3DSCache
2021-12-16 00:16 - 2018-01-18 16:12 - 000002334 _____ C:\Users\Administrador\Desktop\Google Chrome.lnk
2021-12-16 00:16 - 2018-01-18 16:12 - 000000000 __SHD C:\Users\Administrador\IntelGraphicsProfiles
2021-12-14 19:26 - 2021-08-11 15:48 - 000000000 ____D C:\Program Files\DIFX
2021-12-13 20:05 - 2018-01-04 13:16 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-13 17:11 - 2021-10-19 14:29 - 000000286 __RSH C:\ProgramData\ntuser.pol
2021-12-13 15:49 - 2021-10-25 13:12 - 000002234 ____H C:\Users\luize\Documents\Default.rdp
2021-12-13 13:44 - 2021-09-14 14:59 - 000000000 ____D C:\Users\luize\AppData\Roaming\npm-cache
2021-12-13 11:41 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-12-13 08:46 - 2020-10-09 14:25 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2542068703-144574761-1523392838-1001
2021-12-13 08:46 - 2020-10-09 13:52 - 000002423 _____ C:\Users\luize\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-12 20:53 - 2020-10-05 15:57 - 000000000 ____D C:\Program Files\Cheat Engine 7.1
2021-12-11 14:11 - 2020-10-09 14:25 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-11 14:11 - 2020-10-09 14:25 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-10 09:56 - 2021-11-08 22:08 - 000000854 _____ C:\Users\luize\Desktop\Novo Documento de Texto (2).txt
2021-12-09 09:15 - 2018-06-15 21:12 - 000000000 ____D C:\ProgramData\Packages
2021-12-08 18:52 - 2021-10-09 09:19 - 000000000 ____D C:\Users\luize\Downloads\dashboard
2021-12-08 16:36 - 2021-08-17 10:37 - 000000000 ____D C:\Users\luize\AppData\Local\ElevatedDiagnostics
2021-12-03 11:18 - 2019-03-19 15:50 - 000000000 ____D C:\Users\luize\AppData\Roaming\IDM
2021-12-02 22:47 - 2017-11-16 00:55 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-02 19:55 - 2018-01-04 12:44 - 000000000 ____D C:\Users\luize\AppData\Local\NVIDIA Corporation
2021-12-02 11:05 - 2021-02-28 18:24 - 000000000 ____D C:\Program Files\Git
2021-11-29 10:47 - 2021-10-14 13:39 - 000001210 _____ C:\Users\luize\Desktop\Command Prompt.lnk
2021-11-29 09:59 - 2021-11-17 08:50 - 001212614 _____ C:\Users\luize\Desktop\PlacaDeVideo_orcamento2.ods
2021-11-28 15:43 - 2021-10-19 14:29 - 000000000 ____D C:\Users\luize\AppData\Local\Rufus
2021-11-25 18:57 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Arquivos na raiz de alguns diretórios ========

2021-08-14 21:55 - 2021-08-16 16:18 - 000000004 _____ () C:\ProgramData\lock.dat
2021-04-21 22:15 - 2021-09-24 13:56 - 000440120 _____ () C:\ProgramData\msvcp140.dll
2021-08-14 21:56 - 2021-08-16 16:17 - 000000004 _____ () C:\ProgramData\rc.dat
2021-08-14 21:55 - 2021-08-14 21:55 - 000000008 _____ () C:\ProgramData\ts.dat
2021-04-21 22:15 - 2021-09-24 13:57 - 000083784 _____ () C:\ProgramData\vcruntime140.dll
2020-07-14 23:48 - 2020-07-14 23:48 - 000039021 _____ () C:\Program Files (x86)\Common Files\Castle Excellent.zip
2021-08-06 16:25 - 2021-08-07 14:41 - 000000015 _____ () C:\Users\luize\AppData\Roaming\obs-virtualcam.txt
2021-12-14 20:31 - 2021-12-14 20:31 - 000052697 _____ () C:\Users\luize\AppData\Roaming\WinUsbDisplay.dmp
2018-09-27 15:27 - 2021-09-22 22:24 - 000007615 _____ () C:\Users\luize\AppData\Local\Resmon.ResmonCfg
2021-04-17 19:44 - 2021-04-17 19:44 - 000000003 _____ () C:\Users\luize\AppData\Local\updater.log
2021-04-17 19:44 - 2021-04-17 19:44 - 000000424 _____ () C:\Users\luize\AppData\Local\UserProducts.xml

==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================