Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 30-01-2022
Executado por nando (administrador) em LAPTOP-NT1076C6 (Acer Aspire A315-41) (30-01-2022 19:16:51)
Executando a partir de C:\Users\nando\OneDrive\Área de Trabalho
Perfis Carregados: nando
Plataforma: Microsoft Windows 10 Home Single Language Versão 20H2 19042.1466 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\User Experience Improvement Program Service\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368925.inf_amd64_05ef22929fd9ebfc\B368707\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368925.inf_amd64_05ef22929fd9ebfc\B368707\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.168.0_x64__dt26b99r8h8gj\RtkUWP.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Scarlet.Crush Productions) [Arquivo não assinado] C:\Users\nando\OneDrive\Área de Trabalho\ScpServer\bin\ScpService.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [833312 2019-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-4150079062-731768477-2272629668-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4150079062-731768477-2272629668-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4150079062-731768477-2272629668-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11224432 2021-09-02] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-4150079062-731768477-2272629668-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5407968 2021-12-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4150079062-731768477-2272629668-1001\...\Run: [MicrosoftEdgeAutoLaunch_30449D388FEDCD5A4E335DDB5D1936A7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {06AEA7E2-3DA6-478A-9B56-274088FEE14E} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {1CCE4D72-7155-4507-85EF-A06A0EE21DB2} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {291CE9A4-3710-44A1-908C-85EE7AAF9A86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {2AE05F15-A825-487C-8B01-C88AA220FE41} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {31B4D176-2DED-45A5-B6AC-0D2B905CC8C3} - System32\Tasks\CCleanerSkipUAC - nando => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C044244-0734-4AF9-9A76-FE216A243003} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {42CF272C-6FA5-4671-BF92-B9499D161279} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-19] (Google LLC -> Google LLC)
Task: {4D75A34A-1F42-4DA0-8527-AC359F14FB4C} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> )
Task: {549CEADB-C869-48EE-906C-04750D68FF8A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A7F9F1D-3ACB-4443-9F56-B6B3D8C6FF70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F7A3BB5-5C13-4230-A374-636DC1624D5B} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {60A65E63-8CA6-46B8-AB69-62E01AE38A0D} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {69CA46A1-5751-48B4-A21C-DBF1AA20AAA4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-19] (Google LLC -> Google LLC)
Task: {6ED9CE25-7EF2-4411-B606-2F7CB74162A0} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-12-14] () [Arquivo não assinado]
Task: {727E7CE7-0B24-4832-8991-3824F246656C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {74B0C904-E532-48FB-B07B-1AE00E67608D} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {761A6859-05BD-40FF-9D73-FC1B5D4860BF} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {9004F2BC-7E01-47C1-B5BB-8E71BDCEF929} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {923374A4-1BD2-44FD-9393-7F0F8898CBDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6CABD1C-9184-42A1-9532-563CBAE51582} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [269272 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B0982C82-DDE3-4B2A-B059-7C3855E788B7} - System32\Tasks\DB Bigupgrade Task (One Time) => C:\Program Files (x86)\IObit\Driver Booster\7.2.0\dbupgrade6.exe /upgrade (Nenhum Arquivo)
Task: {BCB7070C-0702-49BD-AF1A-57A9BED223DA} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {C3F6E29B-DE49-472A-BD45-F3DE879BE3BD} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {CCB04F05-B413-4FD5-B24D-8CCB7971A602} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2019-01-09] (Acer Incorporated -> Acer Incorporated)
Task: {DEBD3FCC-296D-44CF-B2F5-E4A3BAA30EBD} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1715672 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E38A285B-19CB-4850-9479-D359273EC8E1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-06-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {E69A8F7E-850E-4053-9391-54F3DE70757E} - System32\Tasks\infatica_p2b => C:\Program Files (x86)\Infatica P2B\infatica-service-app.exe [19056 2021-04-29] (Infatica pte ltd -> )
Task: {F64B24C2-A585-45C9-89B9-4EBD93407554} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2021-12-30] (Acer Incorporated -> Acer Incorporated)
Task: {FEDF9321-470D-4AD0-BB02-548FBA6FEAC2} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [622040 2021-06-17] (Advanced Micro Devices Inc. -> AMD)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [S-1-5-21-4150079062-731768477-2272629668-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-4150079062-731768477-2272629668-1001] => http=127.0.0.1:8888;
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{139f5617-d976-47f6-8b26-43cb48cf34bf}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7d9bba6a-aa4a-4a80-bfac-d736fe267e77}: [DhcpNameServer] 192.168.1.254
ManualProxies: 1http=127.0.0.1:8888;

Edge:
=======
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => caminho não encontrado (a)
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => caminho não encontrado (a)
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => caminho não encontrado (a)
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => caminho não encontrado (a)
Edge DefaultProfile: Default
Edge Profile: C:\Users\nando\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-30]
Edge Notifications: Default -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: tpb1s2ms.default
FF DefaultProfile: zupmn3xb.default
FF ProfilePath: C:\Users\nando\AppData\Roaming\Zotero\Zotero\Profiles\tpb1s2ms.default [2021-07-19]
FF ProfilePath: C:\Users\nando\AppData\Roaming\Mozilla\Firefox\Profiles\zupmn3xb.default [2022-01-30]
FF Extension: (Amazon Assistant) - C:\Users\nando\AppData\Roaming\Mozilla\Firefox\Profiles\zupmn3xb.default\Extensions\abb-acer@amazon.com.xpi [2021-10-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\nando\AppData\Roaming\Mozilla\Firefox\Profiles\zupmn3xb.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2021-10-13]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default [2022-01-30]
CHR Extension: (Apresentações) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-07]
CHR Extension: (Documentos) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-07]
CHR Extension: (Google Drive) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-07]
CHR Extension: (Planilhas) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-07]
CHR Extension: (Documentos Google off-line) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26]
CHR Extension: (Video DownloadHelper) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-07-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\nando\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [510936 2021-06-17] (Advanced Micro Devices Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Ds3Service; C:\Users\nando\OneDrive\Área de Trabalho\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Arquivo não assinado]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-06-30] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-04] (Malwarebytes Inc -> Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9476680 2020-12-28] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2019-01-10] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [40512 2021-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0368925.inf_amd64_05ef22929fd9ebfc\B368707\amdkmdag.sys [81597776 2021-06-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-03-30] (Martin Malik - REALiX -> REALiX(tm))
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-04] (Malwarebytes Inc -> Malwarebytes)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 amdkmdag; \SystemRoot\System32\DriverStore\FileRepository\u0365275.inf_amd64_136741f59e43f995\B364966\amdkmdag.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-01-30 19:16 - 2022-01-30 19:18 - 000000000 ____D C:\FRST
2022-01-30 19:11 - 2022-01-30 19:12 - 000000000 ____D C:\AdwCleaner
2022-01-30 15:11 - 2022-01-30 15:11 - 000000000 ____D C:\Users\nando\AppData\Local\WhatsApp
2022-01-30 15:10 - 2022-01-30 15:11 - 144294608 _____ (WhatsApp) C:\Users\nando\Downloads\WhatsAppSetup (2).exe
2022-01-30 15:05 - 2022-01-30 15:08 - 002037345 _____ C:\Users\nando\Downloads\trabalho3001.pptx
2022-01-30 11:32 - 2022-01-30 11:32 - 013510992 _____ C:\Users\nando\Downloads\FMRTE 2018.rar
2022-01-30 10:44 - 2022-01-30 10:45 - 012792728 _____ C:\Users\nando\Downloads\FMRTE.22.2.0.18.zip
2022-01-29 18:56 - 2022-01-29 18:56 - 000044377 _____ C:\Users\nando\Downloads\rdfs_4-3-3_perfecto2c88121c16182989_182249.fmf
2022-01-27 21:55 - 2022-01-27 21:55 - 000046385 _____ C:\Users\nando\Downloads\gasperini_masterclass_185358.fmf
2022-01-26 21:14 - 2022-01-26 21:14 - 000044155 _____ C:\Users\nando\Downloads\rdfs_4-3-3_4-2-3-1_like_ajax5c5fed743453464d_182249.fmf
2022-01-26 20:03 - 2022-01-26 20:03 - 000028002 _____ C:\Users\nando\Downloads\bid 25 de janeiro.xlsx
2022-01-25 14:48 - 2022-01-28 13:01 - 000000000 ____D C:\Users\nando\AppData\LocalLow\uTorrent
2022-01-23 18:07 - 2022-01-23 18:07 - 000012741 _____ C:\Users\nando\Downloads\PES6 Stats to PES21 Stat Converter.rar
2022-01-23 17:54 - 2022-01-23 17:54 - 001332166 _____ C:\Users\nando\Downloads\conversao de stats.xlsx
2022-01-23 17:44 - 2022-01-23 17:46 - 474431328 _____ C:\Users\nando\Downloads\WE2002 - 100% PTBR.bin
2022-01-23 17:44 - 2022-01-23 17:44 - 000000404 _____ C:\Users\nando\Downloads\WE2002 - 100% PTBR.cue
2022-01-23 17:38 - 2022-01-23 17:39 - 025529704 _____ C:\Users\nando\Downloads\FMP Converter 1.0 (1).zip
2022-01-23 17:17 - 2022-01-23 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FMSE22
2022-01-22 18:57 - 2022-01-22 18:57 - 000043953 _____ C:\Users\nando\Downloads\bid 21 de janeiro.xlsx
2022-01-22 18:57 - 2022-01-22 18:57 - 000043953 _____ C:\Users\nando\Downloads\bid 21 de janeiro (1).xlsx
2022-01-21 15:07 - 2022-01-21 15:07 - 000030152 _____ C:\Users\nando\Downloads\bid 20 de janeiro.xlsx
2022-01-20 20:47 - 2022-01-20 20:47 - 000060088 _____ C:\Users\nando\Downloads\bid 19 de janeiro.xlsx
2022-01-20 16:29 - 2022-01-20 16:29 - 000151168 _____ C:\Users\nando\Downloads\96-370-1-PB.pdf
2022-01-20 16:24 - 2022-01-20 16:24 - 000529015 _____ C:\Users\nando\Downloads\138071-Texto do artigo-267703-1-10-20170919 (1).pdf
2022-01-20 16:23 - 2022-01-20 16:23 - 000529015 _____ C:\Users\nando\Downloads\138071-Texto do artigo-267703-1-10-20170919.pdf
2022-01-19 16:33 - 2022-01-19 16:33 - 000000165 ____H C:\Users\nando\Downloads\~$bid 18 de janeiro.xlsx
2022-01-19 16:28 - 2022-01-19 16:28 - 000031859 _____ C:\Users\nando\Downloads\bid 18 de janeiro.xlsx
2022-01-19 16:28 - 2022-01-19 16:28 - 000031859 _____ C:\Users\nando\Downloads\bid 18 de janeiro (1).xlsx
2022-01-18 19:22 - 2022-01-18 19:22 - 001887284 _____ C:\Users\nando\Downloads\Como acessar as aulas da CBF Academy no Zoom01 (1).pdf
2022-01-18 19:16 - 2022-01-18 19:16 - 001887284 _____ C:\Users\nando\Downloads\Como acessar as aulas da CBF Academy no Zoom01.pdf
2022-01-18 18:01 - 2022-01-18 18:01 - 000000000 ____D C:\Users\nando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-16 15:49 - 2022-01-16 15:55 - 000000000 ____D C:\Users\nando\Downloads\Morte no Funeral (2010) 5.1 CH Dublado (By-LuanHarper)
2022-01-16 15:46 - 2022-01-16 15:51 - 000000000 ____D C:\Users\nando\Downloads\O.Durao.2015.1080p.Dual-WOLVERDONFILMES.COM
2022-01-16 15:46 - 2022-01-16 15:46 - 000000000 ____D C:\Users\nando\Downloads\O Durão (2015) 5.1 CH Dublado 1080p (By-LuanHarper)
2022-01-16 13:15 - 2022-01-16 13:15 - 000026753 _____ C:\Users\nando\Downloads\bid 14 de janeiro.xlsx
2022-01-15 23:13 - 2022-01-15 23:17 - 000000000 ____D C:\Users\nando\Downloads\Top Five (2015).Dublado.720p.5.1Ch.By-LuanHarper
2022-01-15 23:06 - 2022-01-15 23:06 - 000000000 ____D C:\Users\nando\Downloads\Free Guy 2021 1080p BluRay DUAL 5.1
2022-01-15 23:04 - 2022-01-15 23:07 - 000000000 ____D C:\Users\nando\Downloads\Um Pobretão na Casa Branca 720p (2003) Dublado - YTSBR.COM
2022-01-14 15:53 - 2022-01-14 15:53 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 15:53 - 2022-01-14 15:53 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 15:53 - 2022-01-14 15:53 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-14 15:11 - 2022-01-14 15:16 - 000000000 ___HD C:\$WinREAgent
2022-01-13 17:56 - 2022-01-13 17:56 - 004243941 _____ C:\Users\nando\Downloads\Rodrigo+Casarin+-+Categoria+de+Base+-+BFC+ao+vivo.pdf
2022-01-13 14:55 - 2022-01-13 14:55 - 000034513 _____ C:\Users\nando\Downloads\bid 12 de janeiro (1).xlsx
2022-01-13 14:54 - 2022-01-13 14:54 - 000034513 _____ C:\Users\nando\Downloads\bid 12 de janeiro.xlsx
2022-01-12 22:02 - 2022-01-12 22:02 - 003099899 _____ C:\Users\nando\Downloads\FernandaCoimbra - Comunicação e Eventos - BFC ao vivo.pdf
2022-01-12 18:27 - 2022-01-12 18:28 - 007085566 _____ C:\Users\nando\Downloads\Ricardo+Vidal+(Five+CT)+-+Preparando+Superatletas.pdf
2022-01-12 15:05 - 2022-01-12 15:05 - 000023990 _____ C:\Users\nando\Downloads\bid 11 de janeiro 2022.xlsx
2022-01-10 22:26 - 2022-01-10 22:26 - 012321280 _____ C:\Users\nando\Downloads\7063-brastaff-10012022.xls
2022-01-10 22:26 - 2022-01-10 22:26 - 012321280 _____ C:\Users\nando\Downloads\7063-brastaff-10012022 (1).xls
2022-01-10 22:05 - 2022-01-10 22:06 - 004651842 _____ C:\Users\nando\Downloads\BFC+INTERNACIONAL+-+Romina+Fernandez.pdf
2022-01-10 17:31 - 2022-01-10 17:32 - 058019796 _____ C:\Users\nando\Downloads\BFC+INTERNACIONAL+-+Andre+Zanotta.pdf
2022-01-10 17:31 - 2022-01-10 17:32 - 003753512 _____ C:\Users\nando\Downloads\BFC+INTERNACIONAL+-FernandoMaisonnave.pdf
2022-01-10 17:31 - 2022-01-10 17:31 - 004582570 _____ C:\Users\nando\Downloads\BFC+INTERNACIONAL+-+Luis+Estevam.pdf
2022-01-10 17:31 - 2022-01-10 17:31 - 001639279 _____ C:\Users\nando\Downloads\BFC+INTERNACIONAL+-+Cesar+Grafietti.pdf
2022-01-09 22:56 - 2022-01-09 22:57 - 001418046 _____ C:\Users\nando\Downloads\edital-de-avaliacao.pdf
2022-01-09 22:56 - 2022-01-09 22:57 - 000062487 _____ C:\Users\nando\Downloads\termo-de-inscricao.pdf
2022-01-09 20:57 - 2022-01-09 20:57 - 000122946 _____ C:\Users\nando\Downloads\lfernando.curriculo.pdf
2022-01-09 14:20 - 2022-01-09 14:20 - 000024664 _____ C:\Users\nando\Downloads\bid 7 de janeiro.xlsx
2022-01-08 17:24 - 2022-01-08 17:24 - 000076814 _____ C:\Users\nando\Downloads\curriculo134pedrinho.pdf
2022-01-08 17:22 - 2022-01-08 17:22 - 000111496 _____ C:\Users\nando\Downloads\curriculo136kaykedavid (1).pdf
2022-01-08 17:21 - 2022-01-08 17:21 - 000111496 _____ C:\Users\nando\Downloads\curriculo136kaykedavid.pdf
2022-01-06 20:13 - 2022-01-06 20:14 - 003166565 _____ C:\Users\nando\Downloads\PFCHD_V03_059.zip
2021-12-31 16:16 - 2021-12-31 16:16 - 130510426 _____ C:\Users\nando\Downloads\Game Dev Tycoon v1.6.15 PT-BR [nvKing YT].rar

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-01-30 19:07 - 2019-12-20 20:52 - 000000000 ____D C:\Users\nando\AppData\Roaming\uTorrent
2022-01-30 19:07 - 2019-12-07 12:01 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-30 19:05 - 2019-12-07 12:00 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-30 18:52 - 2021-12-21 19:42 - 000000000 ____D C:\Users\nando\AppData\Roaming\MPC-HC
2022-01-30 18:51 - 2020-03-11 14:25 - 000000000 ____D C:\Users\nando\AppData\Local\CrashDumps
2022-01-30 18:51 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-30 18:50 - 2019-12-28 12:25 - 000000000 ____D C:\Program Files\CCleaner
2022-01-30 18:14 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-30 16:15 - 2021-03-17 21:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-30 15:12 - 2021-03-30 15:42 - 000000000 ____D C:\Users\nando\AppData\Local\SquirrelTemp
2022-01-29 13:04 - 2021-03-17 22:09 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-28 23:27 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-28 23:26 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-28 22:47 - 2020-06-25 20:15 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-28 11:33 - 2019-12-20 18:19 - 000000000 ____D C:\Users\nando\AppData\Local\BitTorrentHelper
2022-01-26 20:04 - 2019-12-07 11:58 - 000000000 ____D C:\Users\nando\AppData\Local\Packages
2022-01-26 14:20 - 2021-12-12 23:29 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4150079062-731768477-2272629668-1001
2022-01-26 14:20 - 2021-03-17 22:09 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4150079062-731768477-2272629668-1001
2022-01-26 14:20 - 2021-03-17 21:43 - 000002389 _____ C:\Users\nando\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-25 22:41 - 2021-04-12 20:35 - 000003524 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71b90e7f9ac86
2022-01-25 22:41 - 2021-03-17 22:09 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 20:18 - 2020-04-14 19:01 - 000000000 ____D C:\Users\nando\OneDrive\Documents\Zoom
2022-01-25 12:40 - 2021-10-19 22:23 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-24 00:55 - 2021-03-17 21:43 - 000000000 ____D C:\Users\nando
2022-01-23 22:14 - 2021-03-17 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-23 22:14 - 2021-03-17 21:38 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-23 17:17 - 2021-11-04 10:46 - 000000000 ____D C:\Program Files\FMSE22
2022-01-23 17:17 - 2019-11-12 15:20 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-23 13:40 - 2020-09-19 22:36 - 000000000 ____D C:\Users\nando\AppData\Local\Game Dev Tycoon - Steam
2022-01-22 15:08 - 2021-04-10 11:01 - 000000000 ____D C:\Users\nando\AppData\Local\AMD_Common
2022-01-21 08:51 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-21 08:49 - 2021-10-19 22:22 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 08:49 - 2021-10-19 22:22 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-18 18:01 - 2019-12-12 00:03 - 000000000 ____D C:\Users\nando\AppData\Roaming\Zoom
2022-01-17 20:28 - 2021-03-17 21:56 - 001741820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-17 20:28 - 2019-12-07 11:54 - 000752472 _____ C:\WINDOWS\system32\prfh0416.dat
2022-01-17 20:28 - 2019-12-07 11:54 - 000148586 _____ C:\WINDOWS\system32\prfc0416.dat
2022-01-17 20:22 - 2021-03-17 21:38 - 000438816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-17 20:15 - 2019-12-07 06:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-17 20:14 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-17 20:14 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-17 20:14 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-17 20:14 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-17 20:14 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-17 20:14 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-17 20:14 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-15 11:59 - 2019-11-12 15:20 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-01-14 16:35 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-14 15:07 - 2019-12-11 15:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-14 15:02 - 2019-12-11 15:55 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-14 12:07 - 2021-06-03 17:32 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-11 19:34 - 2021-06-13 18:58 - 000000000 ____D C:\Users\nando\AppData\Local\Adobe
2022-01-11 17:13 - 2021-06-13 19:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-11 17:12 - 2021-06-13 19:01 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Arquivos na raiz de alguns diretórios ========

2020-04-23 22:50 - 2020-07-04 21:25 - 000000132 _____ () C:\Users\nando\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-05-30 13:36 - 2021-12-01 17:14 - 000000132 _____ () C:\Users\nando\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2020-02-26 20:14 - 2020-08-15 17:15 - 000000081 _____ () C:\Users\nando\AppData\Local\.bidstack.fault
2020-04-29 17:00 - 2020-04-29 17:00 - 000000886 _____ () C:\Users\nando\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================