Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 27-12-2021 Executado por Usuario (administrador) em DESKTOP-I5G2Q4N (Dell Inc. Inspiron 7520) (05-01-2022 18:55:40) Executando a partir de C:\Users\Usuario\Desktop Perfis Carregados: Usuario Plataforma: Microsoft Windows 10 Pro Versão 1909 18363.1556 (X64) Idioma: Português (Brasil) Navegador padrão: FF Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture_DELL.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) C:\Windows\System32\CorsairGamingAudioCfgService64.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Scarlet.Crush Productions) [Arquivo não assinado] C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2> ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3348200 2015-07-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Arquivo não assinado] HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" (Nenhum Arquivo) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nenhum Arquivo) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [409760 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM-x32\...\Run: [HDD Regenerator] => "C:\Program Files (x86)\HDD Regenerator\Shell.exe" /1 (Nenhum Arquivo) HKLM-x32\...\Run: [StartCCC] => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun (Nenhum Arquivo) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [msnmsgr] => "C:\Program Files (x86)\MSN Messenger\msnmsgr.exe" /background (Nenhum Arquivo) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1045056 2021-05-21] (Digital Wave Ltd -> Digital Wave Ltd) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [uTorrent] => C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe [2268136 2019-12-06] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2802420505-662629979-4225180187-1002\...\Run: [Opera Browser Assistant] => C:\Users\Usuario\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-07-21] (Opera Software AS -> Opera Software) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2019-11-13] (pdfforge GmbH) [Arquivo não assinado] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-05] (Google LLC -> Google LLC) GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {065FA38D-A515-4D29-B4CE-1C3FE7D8E683} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134512 2021-10-13] (Microsoft Corporation -> Microsoft Corporation) Task: {08D3031F-2ECC-4803-A260-3B6E6EBEA18B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {093EF262-3F2F-4EF8-B93B-65392797A9A7} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [5938888 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {1A467BE9-299A-4C6C-935F-2BA26772D28D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134512 2021-10-13] (Microsoft Corporation -> Microsoft Corporation) Task: {223CFB35-BB8C-4B39-9AED-7A759780612E} - System32\Tasks\Opera scheduled Autoupdate 1573773820 => C:\Users\Usuario\AppData\Local\Programs\Opera\launcher.exe [2256592 2021-12-21] (Opera Software AS -> Opera Software) Task: {4019B26D-C929-4FB8-A71B-28E45062E9EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {62097726-0549-4187-ABD7-1650CCC7BCDE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC) Task: {63D5C2B8-3C42-4AB6-A4FF-393ECAE86766} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-13] (Microsoft Corporation -> Microsoft Corporation) Task: {68253DC4-F1A4-4C88-B759-642B9E0C066F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976960 2021-10-08] (Microsoft Corporation -> Microsoft Corporation) Task: {75BE7E85-E453-4FAF-B6A8-69D7EF091C95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-13] (Google Inc -> Google LLC) Task: {79ABB61B-595C-4979-9781-A2507D5A3944} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {9044F2CA-735C-4C50-9D3A-0D4B9529B20B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976960 2021-10-08] (Microsoft Corporation -> Microsoft Corporation) Task: {948674C6-C019-4F06-9BD6-395832C594D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9904C40D-37C3-4C14-AE78-A39651F0503E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.) Task: {C9CF20C5-6764-45B1-A9E6-43B4D9B11788} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-13] (Microsoft Corporation -> Microsoft Corporation) Task: {F4B8B554-9654-4CFA-8FC5-60D5752C7A02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.15.1 Tcpip\..\Interfaces\{040a3816-807d-4343-a4da-d10f7485137c}: [DhcpNameServer] 192.168.15.1 Tcpip\..\Interfaces\{6536d128-8fca-4d42-adc4-1b88cca0c3a2}: [DhcpNameServer] 192.168.15.1 FireFox: ======== FF DefaultProfile: vgzm1g9q.default FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App [2022-01-05] FF Homepage: Mozilla\Firefox\Profiles\mvwwq55k.App -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\mvwwq55k.App -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\mvwwq55k.App\searchplugins\My Bing Search.xml [2021-07-22] FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\vgzm1g9q.default [2022-01-05] FF Homepage: Mozilla\Firefox\Profiles\vgzm1g9q.default -> hxxps://www.google.com/ FF NewTab: Mozilla\Firefox\Profiles\vgzm1g9q.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release [2022-01-05] FF NewTab: Mozilla\Firefox\Profiles\z5b2d0y9.default-release -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2021-07-22 02:28:55&bName= FF Notifications: Mozilla\Firefox\Profiles\z5b2d0y9.default-release -> hxxps://minhaclaroresidencial.claro.com.br; hxxps://www.palmeiras.com.br; hxxps://medal.tv; hxxps://www.faceit.com; hxxps://villacountry.com.br; hxxps://www.samsclub.com.br; hxxps://servicosonline.cpfl.com.br; hxxps://autopapo.uol.com.br; hxxps://www.tiktok.com; hxxps://www.tvexpress.pro; hxxps://br.puma.com; hxxps://carrinho.pontofrio.com.br; hxxps://www.fastshop.com.br FF Extension: (BetterTTV) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\firefox@betterttv.net.xpi [2021-12-07] FF Extension: (Direct Message DM for Instagram) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\oinkandstuffdirectmessagedmforinstagram@gmail.com.xpi [2020-12-03] FF Extension: (MetaMask) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\webextension@metamask.io.xpi [2021-12-24] FF Extension: (Bilômetro) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\{09d09f49-3615-4cf3-ad57-a6cc924f29e8}.xpi [2021-11-18] FF Extension: (GamersClub Booster) - C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\Extensions\{68a6744b-6d1e-4c85-83ad-637c9dc135b5}.xpi [2021-09-25] FF SearchPlugin: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\z5b2d0y9.default-release\searchplugins\My Bing Search.xml [2021-07-22] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-13] (Microsoft Corporation -> Microsoft Corporation) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-01-05] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2022-01-05] CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?fr=mcafee&type=E211BR105G0&p={searchTerms} CHR DefaultSearchKeyword: Default -> mcafee CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/gossip/gossip-br-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms} CHR Extension: (Apresentações) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-13] CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-13] CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-26] CHR Extension: (Web Developer) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2021-12-16] CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-13] CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-24] CHR Extension: (Facebook Pixel Helper) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2021-07-29] CHR Extension: (Planilhas) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-13] CHR Extension: (Documentos Google off-line) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-16] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-10] CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-26] CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-01] CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-01] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR Profile: C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable [2022-01-05] OPR Notifications: Opera Stable -> hxxps://pt.aliexpress.com; hxxps://www.gearbest.com; hxxps://www.kabum.com.br; hxxps://www.reddit.com; hxxps://www.youtube.com OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-12-25] OPR Extension: (Amazon Assistant Promotion) - C:\Users\Usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-13] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250688 2021-10-08] (Microsoft Corporation -> Microsoft Corporation) R2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [616344 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [421536 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [80544 2021-03-05] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [436256 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3847712 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [462880 2021-09-29] (Dell Technologies Inc. -> Dell Technologies Inc.) R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1024680 2021-09-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.) R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-11-11] (Dell Inc -> ) S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [454720 2021-05-21] (Digital Wave Ltd -> Digital Wave Ltd) R2 Ds3Service; C:\Users\Usuario\Downloads\ScpServer\bin\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [Arquivo não assinado] S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24005064 2021-08-29] (FACE IT LIMITED -> ) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-05] (HP Inc. -> HP Inc.) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2559704 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3477728 2021-12-02] (Electronic Arts, Inc. -> Electronic Arts) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1716632 2021-05-11] (Rockstar Games, Inc. -> Rockstar Games) R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2269056 2021-03-02] (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6517736 2021-05-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-11-15] (Dell Inc -> Dell Inc.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [975472 2021-02-10] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation) U3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL) U3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATENÇÃO (não ServiceDLL) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 athr; C:\Windows\System32\drivers\athw10x.sys [4316784 2015-06-16] (WDKTestCert qcaswbld,130129545209614653 -> Qualcomm Atheros Communications, Inc.) S3 CorsairGamingAudioService; C:\Windows\System32\drivers\CorsairGamingAudio64.sys [60312 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Dell) R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies) S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [42256 2020-01-11] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [59344 2020-01-11] (AVB Disc Soft, SIA -> Disc Soft Ltd) S3 EMAC-Driver; C:\Windows\System32\drivers\EMAC-Driver-x64.sys [4057760 2021-10-31] (EMAC LAB SOFTWARE LTDA -> ) S3 EMACDRV; C:\Windows\System32\drivers\EMAC-Driver-x64.sys [4057760 2021-10-31] (EMAC LAB SOFTWARE LTDA -> ) R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [12422672 2021-08-29] (Microsoft Windows Hardware Compatibility Publisher -> ) U5 GCSYS; C:\Users\Usuario\AppData\Local\Programs\gcac-launcher\resources\bin\EMAC-Driver-x64.sys [4057760 2021-10-31] (EMAC LAB SOFTWARE LTDA -> ) S3 MpKslcef444d9; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [48360 2022-01-05] (Microsoft Windows -> Microsoft Corporation) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [207344 2021-12-09] (Disc Soft Ltd -> Duplex Secure Ltd) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [47800 2022-01-05] (Gas Informatica Ltda -> GAS Tecnologia) R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [34768 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [33728 2021-02-10] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-01-05 18:53 - 2022-01-05 18:54 - 000000000 ____D C:\Windows\system32\MpEngineStore 2022-01-05 18:44 - 2022-01-05 18:48 - 000014661 _____ C:\Users\Usuario\Desktop\Fixlog.txt 2022-01-04 17:31 - 2022-01-04 17:32 - 000059461 _____ C:\Users\Usuario\Desktop\Addition.txt 2022-01-04 17:30 - 2022-01-05 18:56 - 000028032 _____ C:\Users\Usuario\Desktop\FRST.txt 2022-01-04 17:29 - 2022-01-04 17:29 - 002311168 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe 2022-01-04 17:26 - 2022-01-04 17:27 - 000003266 _____ C:\Users\Usuario\Desktop\AdwCleaner[C01].txt 2022-01-04 17:23 - 2022-01-04 17:23 - 008540344 _____ (Malwarebytes) C:\Users\Usuario\Desktop\adwcleaner_8.3.1.exe 2022-01-04 17:21 - 2022-01-04 17:21 - 000024188 _____ C:\Users\Usuario\Desktop\ZA-Scan.txt 2022-01-03 10:39 - 2022-01-03 10:39 - 000004228 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1573773820 2022-01-03 10:39 - 2022-01-03 10:39 - 000001456 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk 2022-01-02 16:22 - 2022-01-02 16:22 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dashboard.lnk 2022-01-02 16:22 - 2022-01-02 16:22 - 000002234 _____ C:\Users\Usuario\Desktop\Dashboard.lnk 2021-12-31 11:12 - 2021-01-05 18:53 - 000012633 _____ C:\Users\Usuario\Desktop\script-completo.bat 2021-12-29 07:11 - 2021-12-29 07:11 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job 2021-12-28 19:48 - 2021-12-28 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D 2021-12-28 19:48 - 2021-12-28 19:48 - 000000000 ____D C:\Program Files (x86)\Geeks3D 2021-12-28 19:47 - 2021-12-28 19:48 - 012625549 _____ (Geeks3D ) C:\Users\Usuario\Downloads\FurMark_1.29.0.0_Setup.exe 2021-12-28 19:25 - 2021-12-28 19:25 - 002118673 _____ C:\Users\Usuario\Desktop\WhatsApp Video 2021-12-28 at 19.13.08.mp4 2021-12-28 19:17 - 2021-12-28 19:18 - 002061844 _____ C:\Windows\Minidump\122821-21750-01.dmp 2021-12-28 11:26 - 2021-12-28 11:26 - 000279560 _____ C:\Users\Usuario\Downloads\CrucialBRScan.exe 2021-12-27 15:25 - 2021-12-27 15:25 - 000141864 _____ C:\Users\Usuario\Downloads\bluescreenview-1-55-multi-win.exe 2021-12-27 15:25 - 2021-12-27 15:25 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView 2021-12-27 15:25 - 2021-12-27 15:25 - 000000000 ____D C:\Program Files (x86)\NirSoft 2021-12-27 10:02 - 2021-12-27 10:02 - 000000000 ____D C:\Program Files\Topaz OFD 2021-12-27 10:02 - 2021-12-27 10:02 - 000000000 ____D C:\Program Files (x86)\Topaz OFD 2021-12-27 10:01 - 2021-02-11 19:37 - 000051160 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddntf.sys 2021-12-27 10:01 - 2021-02-11 19:37 - 000034768 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddpp.sys 2021-12-27 10:01 - 2021-02-10 19:55 - 000033728 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddprm.sys 2021-12-27 10:00 - 2021-02-11 19:37 - 000010722 _____ C:\Windows\system32\Drivers\wsddntf.cat 2021-12-26 11:49 - 2021-12-26 11:49 - 000000000 ____D C:\Users\Usuario\AppData\Local\AWSToolkit 2021-12-26 11:38 - 2021-06-17 11:56 - 000107440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys 2021-12-26 11:37 - 2021-12-26 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software 2021-12-26 11:37 - 2021-05-11 15:00 - 002260008 _____ (AMD Inc.) C:\Windows\SysWOW64\AMDBugReportTool.exe 2021-12-26 11:37 - 2021-04-30 10:53 - 000517536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdfendrsr.exe 2021-12-26 11:37 - 2021-04-30 10:53 - 000117448 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdfendr.sys 2021-12-26 11:36 - 2021-12-26 11:57 - 000000000 ____D C:\Users\Usuario\AppData\Local\AMD_Common 2021-12-26 11:33 - 2021-12-29 07:11 - 000000000 ____D C:\Program Files (x86)\AMD 2021-12-26 11:33 - 2021-12-26 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2021-12-26 11:33 - 2021-12-26 11:33 - 000000000 _____ C:\Windows\ativpsrm.bin 2021-12-26 11:29 - 2021-12-26 11:29 - 039032008 _____ (AMD Inc.) C:\Users\Usuario\Downloads\radeon-software-adrenalin-2020-21.12.1-minimalsetup-211202_web.exe 2021-12-26 11:26 - 2021-12-29 07:11 - 000658204 _____ C:\Windows\ntbtlog.txt 2021-12-26 11:17 - 2021-12-26 11:17 - 001912832 _____ C:\Users\Usuario\Downloads\amdcleanuputility-x64.exe 2021-12-25 13:31 - 2021-12-25 13:31 - 402206392 _____ (Dell Inc.) C:\Users\Usuario\Downloads\Video_Driver_6YKW1_WN32_15.201.1101_A01.EXE 2021-12-25 08:22 - 2021-12-25 08:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2021-12-25 08:22 - 2021-12-25 08:22 - 000000000 ____D C:\Program Files\Speccy 2021-12-25 08:03 - 2021-12-25 08:03 - 001676325 _____ C:\Users\Usuario\Downloads\ColetorLogsBSOD-CdH.7z 2021-12-25 06:59 - 2021-12-25 07:00 - 000861403 _____ C:\Users\Usuario\Downloads\memtest86-4.3.7-usb.img.zip 2021-12-24 23:22 - 2021-12-28 19:17 - 953327496 _____ C:\Windows\MEMORY.DMP 2021-12-24 23:22 - 2021-12-24 23:22 - 001545900 _____ C:\Windows\Minidump\122421-19265-01.dmp 2021-12-24 22:47 - 2021-12-28 20:27 - 000000000 ____D C:\Windows\LastGood 2021-12-24 22:28 - 2021-12-24 22:28 - 000746748 _____ C:\Windows\Minidump\122421-19437-01.dmp 2021-12-24 22:20 - 2021-12-24 22:20 - 000000000 ____D C:\Windows\LastGood.Tmp 2021-12-24 22:17 - 2021-12-24 22:18 - 227981256 _____ (AMD Inc.) C:\Users\Usuario\Downloads\amd-catalyst-15.7.1-win10-64bit.exe 2021-12-24 19:05 - 2021-12-24 19:05 - 000954956 _____ C:\Windows\Minidump\122421-20578-01.dmp 2021-12-24 18:44 - 2021-12-24 18:53 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2021-12-24 18:22 - 2021-12-24 18:22 - 001198780 _____ C:\Windows\Minidump\122421-24781-01.dmp 2021-12-24 18:20 - 2021-12-25 00:11 - 000000000 ___HD C:\Users\Usuario\Downloads\.opera 2021-12-24 18:20 - 2021-12-25 00:11 - 000000000 ___HD C:\Users\Usuario\.opera 2021-12-24 17:22 - 2022-01-04 17:26 - 000000000 ____D C:\Users\Usuario\Documents\Dell 2021-12-16 16:42 - 2022-01-02 14:38 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Code 2021-12-16 16:42 - 2021-12-16 16:42 - 000000000 ____D C:\Users\Usuario\.vscode 2021-12-16 16:41 - 2021-12-16 16:41 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2021-12-14 10:12 - 2021-12-14 10:21 - 000212169 _____ C:\Users\Usuario\Downloads\Planilhas Orçamentárias_R0.xlsx 2021-12-12 14:24 - 2021-12-12 14:24 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2802420505-662629979-4225180187-1002 2021-12-12 14:24 - 2021-12-12 14:24 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2802420505-662629979-4225180187-1002 2021-12-12 14:24 - 2021-12-12 14:24 - 000002436 _____ C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-12-09 16:49 - 2021-12-09 16:49 - 000000124 _____ C:\Users\Usuario\Documents\ax_files.xml 2021-12-09 16:32 - 2021-12-09 16:48 - 000000000 ____D C:\Users\Usuario\Documents\Alcohol 120% 2021-12-09 16:29 - 2021-12-09 16:54 - 000000000 ____D C:\ProgramData\Alcohol Soft 2021-12-09 16:27 - 2021-12-09 16:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\luminati 2021-12-09 16:23 - 2021-12-09 16:23 - 000207344 _____ (Duplex Secure Ltd) C:\Windows\system32\Drivers\sptd2.sys ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-01-05 18:55 - 2021-07-26 12:46 - 000000000 ____D C:\FRST 2022-01-05 18:54 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files (x86)\Google 2022-01-05 18:54 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-01-05 18:53 - 2019-11-13 15:25 - 000000000 __SHD C:\Users\Usuario\IntelGraphicsProfiles 2022-01-05 18:52 - 2019-11-14 21:09 - 000047800 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2022-01-05 18:52 - 2019-11-13 15:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-01-05 18:52 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-01-05 18:52 - 2019-06-29 00:54 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-01-05 18:52 - 2019-03-19 01:37 - 000786432 _____ C:\Windows\system32\config\BBI 2022-01-05 18:44 - 2019-11-14 20:15 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla 2022-01-05 16:55 - 2019-06-29 00:53 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-01-05 15:14 - 2019-11-24 08:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\WhatsApp 2022-01-05 14:01 - 2019-06-29 01:01 - 001742324 _____ C:\Windows\system32\PerfStringBackup.INI 2022-01-05 14:01 - 2019-03-19 09:46 - 000752820 _____ C:\Windows\system32\prfh0416.dat 2022-01-05 14:01 - 2019-03-19 09:46 - 000148836 _____ C:\Windows\system32\prfc0416.dat 2022-01-05 14:01 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF 2022-01-05 12:06 - 2019-11-14 21:11 - 000000000 ____D C:\Program Files (x86)\Steam 2022-01-05 07:57 - 2019-11-13 15:08 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-01-04 19:58 - 2019-11-14 08:16 - 000000000 ____D C:\ProgramData\FLEXnet 2022-01-04 18:43 - 2020-12-28 20:17 - 000000000 ____D C:\Program Files\Rockstar Games 2022-01-04 18:43 - 2020-12-28 20:17 - 000000000 ____D C:\Program Files (x86)\Rockstar Games 2022-01-04 18:40 - 2021-10-02 19:07 - 000000000 ____D C:\Program Files\QGIS 3.16.11 2022-01-04 18:32 - 2019-11-13 15:21 - 000000000 ____D C:\Program Files\AMD 2022-01-04 17:05 - 2019-11-15 17:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps 2022-01-03 12:05 - 2019-11-13 14:01 - 000000000 ____D C:\Users\Usuario 2021-12-30 12:47 - 2019-11-14 08:16 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache 2021-12-29 07:11 - 2019-11-13 16:20 - 000000000 ____D C:\AMD 2021-12-28 19:18 - 2019-06-29 00:58 - 000000000 ____D C:\Windows\minidump 2021-12-28 14:24 - 2019-11-15 12:38 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Telegram Desktop 2021-12-26 12:14 - 2019-11-13 16:29 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2021-12-26 11:47 - 2019-11-13 16:29 - 000000000 ____D C:\Windows\system32\AMD 2021-12-26 11:46 - 2019-11-13 16:28 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\AMD 2021-12-25 15:21 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness 2021-12-25 14:46 - 2019-12-14 15:28 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Discord 2021-12-25 14:33 - 2019-12-14 15:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\Discord 2021-12-24 18:56 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-12-24 18:53 - 2020-10-09 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool 2021-12-24 18:53 - 2019-11-29 11:51 - 000000000 ____D C:\Users\Usuario\AppData\Local\Trimble 2021-12-24 18:53 - 2019-11-14 21:29 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2021-12-24 18:53 - 2019-11-13 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-12-24 18:48 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\registration 2021-12-24 18:44 - 2019-11-13 15:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-12-24 18:27 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp 2021-12-24 18:17 - 2020-01-21 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2021-12-24 18:05 - 2020-06-18 09:22 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-12-21 13:31 - 2019-11-13 14:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages 2021-12-16 07:56 - 2021-10-07 17:46 - 000000000 ____D C:\Users\Usuario\AppData\Local\WhatsApp 2021-12-16 06:49 - 2019-06-29 00:54 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-12-15 16:45 - 2020-01-13 10:01 - 000000000 ____D C:\Program Files (x86)\Origin 2021-12-15 09:49 - 2019-11-15 11:38 - 000000000 ____D C:\Users\Usuario\Documents\Cursos 2021-12-10 10:25 - 2021-07-20 10:55 - 000089389 _____ C:\Users\Usuario\Desktop\2.dxe 2021-12-09 07:15 - 2020-06-18 09:22 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-12-09 07:15 - 2020-06-18 09:22 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-12-07 10:55 - 2020-02-07 10:57 - 000000132 _____ C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs ==================== Arquivos na raiz de alguns diretórios ======== 2020-02-07 10:57 - 2021-12-07 10:55 - 000000132 _____ () C:\Users\Usuario\AppData\Roaming\Adobe PNG Format CS6 Prefs 2020-12-24 17:37 - 2021-05-09 12:29 - 000007597 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================