Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 27-02-2022
Executado por Neves (administrador) em NEVES-PC (04-03-2022 16:37:04)
Executando a partir de C:\Users\Neves\Desktop
Perfis Carregados: Neves
Plataforma: Microsoft Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (GAS INFORMATICA LTDA -> GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [190904 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-3906829491-772124867-3683219445-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\doPDF 7 Monitor: C:\Windows\system32\dopdfmn7.dll [25480 2012-10-03] (Softland S.R.L. -> Softland)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\80.0.3765.152\Installer\chrmstp.exe [2020-04-02] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-05-28] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {24A94E50-A284-43AC-B770-9FFCA4D08BE2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {353E8704-4A60-4303-A71A-1DE8891AE902} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {38A92DFE-A48E-4CBF-89D6-6E6683A2D961} - System32\Tasks\{D154281E-3A1E-4F94-B63E-44F3511F9290} => C:\Windows\system32\pcalua.exe -a "C:\Arquivos de Programas RFB\IRPF2016\IRPF2016.exe" -d "C:\Arquivos de Programas RFB\IRPF2016"
Task: {3CAB101F-63B0-4F84-BBB7-3C8161917E7F} - System32\Tasks\{E8A37ABA-B71D-47F2-858E-60E1C25A9DB8} => C:\Windows\system32\pcalua.exe -a C:\WINDOWS\ISUN0416.EXE -c -f"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.isu" -c"C:\Program Files (x86)\Adobe\Photoshop 7.0\Uninst.dll"
Task: {4BEF28B8-0D4E-481B-AAB4-AD90A34E6ACB} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {4D1438B6-2B77-4DBC-9113-72E0228B1EE6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {50A7643C-5176-4FBD-923E-827CC50C5B65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.)
Task: {5BBAF9FC-1296-4491-93BC-EC29AEF8520B} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [116480 2009-09-23] (Panda Security S.L -> ) -> "C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe" /resident /agreelicense
Task: {5E608626-BD90-44D5-856B-E5924BB9D0CE} - System32\Tasks\{81E89B82-F74D-4C57-8574-49A29CEFAFA0} => C:\Windows\system32\pcalua.exe -a C:\Users\Neves\Desktop\wlsetup-web.exe -d C:\Users\Neves\Desktop
Task: {678245F4-F52C-4C76-BEDC-FBAC30647A57} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2043472 2020-03-19] (Piriform Software Ltd -> Piriform Software)
Task: {68F148D4-5097-4D7B-841D-697C1BC71752} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-02] (AVAST Software s.r.o. -> Piriform Software)
Task: {728E36FA-6897-41DF-956D-18A7CF5B1042} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2043472 2020-03-19] (Piriform Software Ltd -> Piriform Software)
Task: {B8F4FB49-F687-4133-ADB5-585B14432233} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
Task: {C13CAA9F-32F1-406D-BEB7-B56159AD1767} - System32\Tasks\CCleanerSkipUAC - Neves => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C17C81A8-5E77-4628-9277-D81518895D87} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-02] (AVAST Software s.r.o. -> Piriform Software)
Task: {DA72912A-84F5-4CAC-B8F5-3937615BEBFB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F3902A19-AE4D-4002-80A8-4C712E01D01A} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [5026232 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FB1ED1A9-79E2-4151-B5DA-EB3A4E3103AB}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-08-22] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-01-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-02] (AVAST Software s.r.o. -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-04-02] (AVAST Software s.r.o. -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default [2022-03-04]
CHR Notifications: Default -> hxxps://blogdoperrone.blogosfera.uol.com.br; hxxps://load24.biz; hxxps://marcelrizzo.blogosfera.uol.com.br; hxxps://pt.dreamstime.com; hxxps://revercecaptcha.com; hxxps://terraavista.blogosfera.uol.com.br; hxxps://www.acidadeon.com; hxxps://www.drogariasaopaulo.com.br; hxxps://www.facebook.com; hxxps://www1.folha.uol.com.br
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Extension: (Apresentações) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-15]
CHR Extension: (Planilhas) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos Google off-line) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-15]
CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2022-01-25]
CHR Extension: (Social Video Downloader) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-03-03]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (TED Video Download) - C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponobohemjmcfbdcjghajlmkenceogaa [2019-10-10]
CHR Profile: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-04]
CHR Profile: C:\Users\Neves\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-04]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKU\S-1-5-21-3906829491-772124867-3683219445-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [596920 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files (x86)\AVG\Antivirus\avgToolsSvc.exe [596920 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [8519280 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-11] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-02] (AVAST Software s.r.o. -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\80.0.3765.152\elevation_service.exe [1124080 2020-03-19] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-04-02] (AVAST Software s.r.o. -> Piriform Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [555320 2014-10-31] (GAS INFORMATICA LTDA -> GAS Tecnologia)
S4 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [5249008 2018-01-24] (IBM -> IBM Corp.)
S4 Unchecky; C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe [241400 2015-10-13] (Reason Software Company Inc. -> RaMMicHaeL)
S4 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [847160 2015-02-13] (GAS INFORMATICA LTDA -> GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [36896 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [226464 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [369768 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [253040 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [99424 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [41488 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [267000 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [544880 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [29944 2020-06-16] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [107992 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [83056 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [854416 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [551576 2022-03-03] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\System32\drivers\avgStm.sys [215024 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [318872 2022-02-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 PAEAFLT.sys; C:\Windows\System32\DRIVERS\PAEAFLT.sys [9472 2007-09-26] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [489616 2018-01-24] (IBM -> IBM Corp.)
R1 RapportCerberus_1908103; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1908103.sys [1635344 2018-02-04] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [703056 2018-01-24] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [338384 2018-01-24] (IBM -> IBM Corp.)
S3 RapportIaso; não ImagePath
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [597976 2018-01-24] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [743568 2018-01-24] (IBM -> IBM Corp.)
S3 SPC230NC; C:\Windows\System32\DRIVERS\SPC230NC.SYS [531968 2008-01-03] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS INFORMATICA LTDA -> GAS Tecnologia LTDA)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-09-21] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-09-21] (Zemana Ltd. -> Zemana Ltd.)
U1 avgbdisk; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-03-04 16:24 - 2022-03-04 16:28 - 000009427 _____ C:\Users\Neves\Desktop\Fixlog.txt
2022-03-04 09:06 - 2022-03-04 09:07 - 000693048 _____ C:\Users\Neves\Desktop\GAS MARÇO.pdf
2022-03-03 10:02 - 2022-03-03 10:02 - 000000000 ____D C:\Program Files\CCleanerSetup
2022-03-02 11:11 - 2022-03-02 11:26 - 000043555 _____ C:\Users\Neves\Desktop\Addition.txt
2022-03-02 11:09 - 2022-03-04 16:38 - 000022299 _____ C:\Users\Neves\Desktop\FRST.txt
2022-03-02 11:09 - 2022-03-04 16:37 - 000000000 ____D C:\FRST
2022-03-02 11:08 - 2022-03-02 11:08 - 002312192 _____ (Farbar) C:\Users\Neves\Desktop\FRST64.exe
2022-03-02 11:06 - 2022-03-02 11:06 - 000001413 _____ C:\Users\Neves\Desktop\AdwCleaner[S00].txt
2022-03-02 11:04 - 2022-03-02 11:05 - 000000000 ____D C:\AdwCleaner
2022-03-02 11:03 - 2022-03-02 11:03 - 008540344 _____ (Malwarebytes) C:\Users\Neves\Desktop\adwcleaner_8.3.1.exe
2022-02-22 23:17 - 2022-02-22 23:16 - 000369776 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw00bddcfb5df2924b.tmp
2022-02-22 23:17 - 2022-02-22 23:16 - 000337336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2022-02-22 23:17 - 2022-02-22 23:16 - 000253040 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw267d3615d77236c0.tmp
2022-02-22 23:17 - 2022-02-22 23:16 - 000215024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2022-02-22 23:17 - 2022-02-22 23:16 - 000099424 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\asw3c69ac7d6767bc4c.tmp

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-03-04 16:38 - 2018-07-21 14:03 - 000042233 _____ C:\Windows\ZAM.krnl.trace
2022-03-04 16:38 - 2018-07-21 14:03 - 000017654 _____ C:\Windows\ZAM_Guard.krnl.trace
2022-03-04 16:34 - 2017-09-21 08:02 - 000000000 ____D C:\Program Files\CCleaner
2022-03-04 16:33 - 2015-02-27 11:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-04 16:31 - 2015-11-01 18:16 - 000000000 ____D C:\ProgramData\Avg
2022-03-04 16:30 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-04 16:07 - 2009-07-14 01:45 - 000038240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-03-04 16:07 - 2009-07-14 01:45 - 000038240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-03-03 07:15 - 2017-06-01 12:21 - 000551576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2022-03-01 17:16 - 2019-07-11 16:20 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-27 20:05 - 2019-11-29 15:54 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-02-27 20:05 - 2017-06-01 12:21 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2022-02-22 23:18 - 2019-01-14 11:58 - 000369768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2022-02-22 23:18 - 2017-06-01 12:21 - 000318872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2022-02-22 23:16 - 2020-10-13 07:45 - 000267000 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2022-02-22 23:16 - 2020-06-16 05:48 - 000544880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2022-02-22 23:16 - 2019-02-23 18:42 - 000083056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2022-02-22 23:16 - 2019-01-04 10:20 - 000253040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2022-02-22 23:16 - 2019-01-04 10:20 - 000099424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2022-02-22 23:16 - 2019-01-04 10:20 - 000036896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2022-02-22 23:16 - 2018-10-19 10:19 - 000041488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2022-02-22 23:16 - 2017-11-12 05:20 - 000226464 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2022-02-22 23:16 - 2017-06-01 12:21 - 000854416 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2022-02-22 23:16 - 2017-06-01 12:21 - 000107992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2022-02-21 13:08 - 2021-01-14 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-02-18 22:09 - 2017-03-14 06:43 - 000000000 ____D C:\Users\Neves\AppData\Local\CrashDumps
2022-02-17 09:35 - 2020-05-27 10:03 - 000000000 ____D C:\Users\Neves\Desktop\genealogia
2022-02-06 07:28 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\NDF

==================== Arquivos na raiz de alguns diretórios ========

2017-07-31 22:39 - 2017-07-31 22:39 - 000000268 ___RH () C:\Users\Neves\AppData\Roaming\Image Manipulation
2017-07-31 22:41 - 2017-07-31 22:41 - 000000268 ___RH () C:\Users\Neves\AppData\Roaming\Image Units
2017-07-31 22:39 - 2017-07-31 22:39 - 000000268 ___RH () C:\Users\Neves\AppData\Roaming\Images
2015-03-02 12:20 - 2015-10-27 12:22 - 000033787 _____ () C:\Users\Neves\AppData\Roaming\unins000.dat
2015-04-05 07:05 - 2016-08-02 18:54 - 000003584 _____ () C:\Users\Neves\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-14 06:23 - 2017-03-14 06:23 - 000000036 _____ () C:\Users\Neves\AppData\Local\housecall.guid.cache
2015-07-29 19:37 - 2015-08-03 20:45 - 000004096 ____H () C:\Users\Neves\AppData\Local\keyfile3.drm
2015-11-15 20:44 - 2017-06-07 20:24 - 000007598 _____ () C:\Users\Neves\AppData\Local\resmon.resmoncfg
2021-06-08 10:14 - 2021-06-08 10:14 - 000000000 _____ () C:\Users\Neves\AppData\Local\{08D288E2-37DE-4CD3-9855-2859FFDCFDFE}

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

LastRegBack: 2022-02-26 14:09
==================== Fim de FRST.txt ========================