Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-03-2022
Executado por Diego (administrador) em LAPTOP-8SR4EU2K (LENOVO 80YH) (23-03-2022 07:55:54)
Executando a partir de C:\Users\Diego\Desktop
Perfis Carregados: Diego
Plataforma: Microsoft Windows 10 Home Single Language Versão 21H2 19044.1586 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.46\identity_helper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxEM.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> )
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nenhum Arquivo)
HKLM-x32\...\Run: [USB Gamepad] => C:\WINDOWS\USB Vibration\7906\USB Gamepad.exe [796784 2008-12-10] (Shen Zhen Dragon Rise Macro Technology Limited Company -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1832640792-4251457729-1687516665-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1832640792-4251457729-1687516665-1001\...\Run: [Discord] => C:\Users\Diego\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1832640792-4251457729-1687516665-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1832640792-4251457729-1687516665-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Diego\AppData\Local\Microsoft\Teams\Update.exe [2452152 2020-10-02] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1832640792-4251457729-1687516665-1001\...\Run: [MicrosoftEdgeAutoLaunch_E645C02DD85363918E4F96458C83B102] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1832640792-4251457729-1687516665-1001\...\MountPoints2: {1b62c8a6-8298-11e8-8221-5cc9d39617e5} - "E:\AUTORUN.EXE"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2018-10-10]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {013278A5-C60C-4ADC-8760-78664A721156} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0F208F0C-4862-4973-8D17-5BD6C85BEEA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {127EA3A8-842A-4A9C-A29F-8383A0D93D01} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1E14C439-50D0-4B3D-917E-526821633013} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {4370428D-645D-4E65-A722-2A9F9D9117B7} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {4DA2EA30-5119-4A4C-8B13-6BA1EA27878B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {68F4425E-6278-4BA2-85A6-57759FCDC698} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Diego\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-03-22] (ESET, spol. s r.o. -> ESET)
Task: {6F8BC129-D9D9-43DD-8D48-0783FB84CBC0} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {75100D53-8A1C-4490-BFDA-7A7643859CF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81D0B454-8156-462B-ADF0-E3EB38BB6696} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2017-02-17] (CyberLink Corp. -> CyberLink Corp.)
Task: {93D383BC-968C-4D99-81C6-08E5AA9519C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {978A7D11-DA39-41A5-85F8-80A191D31FAF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {A622BB34-8BE2-4D0C-AE22-97EFEA4422B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A6C9C4A8-6302-4024-BBC5-8FD2A5770481} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B373F5E0-E99C-4D81-9006-FC6F1569DCB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B890799A-4451-44A8-83F0-C5D2E7DADDD3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1178600 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF0BE113-0DBA-486E-BC06-367B10D51A5D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Diego\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-03-22] (ESET, spol. s r.o. -> ESET)
Task: {C0AA8701-4460-4CD5-A418-DD72FE2978D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C28A8123-1316-48F6-9BC9-E837C1146347} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D83BF006-0AC1-447C-BAD2-9E82D438CD0C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {D8D3E4CE-C893-4A92-87F6-27272CC48B27} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-11] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 181.213.132.3 181.213.132.2
Tcpip\..\Interfaces\{1c194405-ab8e-43ff-addf-ba5ab5eb04fb}: [DhcpNameServer] 181.213.132.3 181.213.132.2
Tcpip\..\Interfaces\{447cccbf-ef79-49f3-ada6-6973051a98fb}: [DhcpNameServer] 10.0.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Diego\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-23]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2022-03-10] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-06] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8914856 2021-09-13] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-06] (Microsoft Corporation -> Microsoft Corporation)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [810800 2021-07-12] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe [28928 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S4 npggsvc; C:\WINDOWS\system32\GameMon.des [7455240 2018-04-17] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S4 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-11-22] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2018-07-09] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EMACDRV; C:\WINDOWS\System32\drivers\EMAC-Driver-x64.sys [2797592 2021-07-17] (Gamers Club (Gamers Club Ltda) -> )
S3 h647906; C:\WINDOWS\System32\drivers\h647906.sys [62576 2008-12-01] (Shen Zhen Dragon Rise Macro Technology Limited Company -> Your Corporation)
R2 LdBoxDrv; C:\Program Files\dnplayerext2\LdBoxDrv.sys [283216 2019-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Oracle Corporation)
R3 MpKslcec69040; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B478525E-CB68-49CA-A81B-C3F2ECFDD1C8}\MpKslDrv.sys [137464 2022-03-22] (Microsoft Windows -> Microsoft Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-11-01] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-12-02] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Apple, Inc.) [Arquivo não assinado]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-14] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-11-22] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R4 edevmon; system32\DRIVERS\edevmon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Três meses (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-03-23 07:55 - 2022-03-23 07:58 - 000020868 _____ C:\Users\Diego\Desktop\FRST.txt
2022-03-23 00:31 - 2022-03-23 00:31 - 001510111 _____ C:\WINDOWS\unins000.exe
2022-03-23 00:31 - 2022-03-23 00:31 - 000217463 _____ C:\WINDOWS\unins000.dat
2022-03-23 00:31 - 2022-03-23 00:31 - 000001159 _____ C:\Users\Diego\Desktop\REDRAGON Gaming Mouse.lnk
2022-03-23 00:31 - 2022-03-23 00:31 - 000000000 ____D C:\Users\Diego\AppData\Roaming\REDRAGON Gaming Mouse
2022-03-23 00:31 - 2022-03-23 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REDRAGON Gaming Mouse
2022-03-23 00:31 - 2022-03-23 00:31 - 000000000 ____D C:\Program Files (x86)\REDRAGON Gaming Mouse
2022-03-22 19:28 - 2022-03-22 19:28 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-03-22 19:28 - 2022-03-22 19:28 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-03-22 11:56 - 2022-03-22 11:56 - 000001283 _____ C:\Users\Diego\Desktop\ESET Online Scanner.lnk
2022-03-22 11:53 - 2022-03-22 11:56 - 000001389 _____ C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-03-22 11:53 - 2022-03-22 11:54 - 000000000 ____D C:\Users\Diego\AppData\Local\ESET
2022-03-22 11:53 - 2022-03-22 11:53 - 015274968 _____ (ESET) C:\Users\Diego\Desktop\esetonlinescanner.exe
2022-03-22 11:50 - 2022-03-22 11:50 - 008428192 _____ (ESET) C:\Users\Diego\Downloads\eset_internet_security_live_installer.exe
2022-03-21 16:55 - 2022-03-22 19:29 - 000000000 ____D C:\Users\Diego\Desktop\Relatorios
2022-03-21 13:28 - 2022-03-23 07:57 - 000000000 ____D C:\FRST
2022-03-21 13:27 - 2022-03-21 13:27 - 002364928 _____ (Farbar) C:\Users\Diego\Desktop\FRST64.exe
2022-03-21 11:56 - 2022-03-21 12:07 - 000000000 ____D C:\Users\Diego\Desktop\Arquivos Faculdade
2022-03-20 21:41 - 2022-03-20 21:41 - 000012288 _____ C:\WINDOWS\SysWOW64\persistent_q.db
2022-03-20 16:11 - 2022-03-20 16:11 - 000002521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-20 16:11 - 2022-03-20 16:11 - 000002359 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-20 16:10 - 2022-03-20 16:10 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-20 16:10 - 2022-03-20 16:10 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-20 16:08 - 2022-03-20 16:08 - 000000000 ____D C:\Users\Diego\AppData\Roaming\HP
2022-03-20 15:52 - 2022-03-21 17:55 - 105906176 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-03-20 15:52 - 2022-03-20 15:52 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-03-18 22:49 - 2022-03-18 22:49 - 000000000 ____D C:\Users\Diego\AppData\LocalLow\Low-Hi Tech
2022-03-17 23:27 - 2022-03-17 23:27 - 000019676 _____ C:\Users\Diego\Desktop\Ata 17 03 2022 Pibid .pdf
2022-03-15 22:19 - 2022-03-15 22:19 - 000000000 ____D C:\Users\Diego\AppData\Roaming\stremio
2022-03-15 17:54 - 2022-03-22 23:52 - 000000000 ____D C:\Users\Diego\Desktop\Matematica 2022- 1ºsemestre
2022-03-09 19:59 - 2022-03-09 19:59 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-09 19:58 - 2022-03-09 19:58 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-09 19:56 - 2022-03-09 19:56 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-09 19:54 - 2022-03-09 19:54 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-09 19:53 - 2022-03-09 19:53 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-09 01:29 - 2022-03-09 01:29 - 000000000 ___HD C:\$WinREAgent
2022-03-03 21:25 - 2022-03-03 21:25 - 000000000 ____D C:\Users\Diego\AppData\Roaming\LibreOffice
2022-03-02 19:58 - 2022-03-02 19:59 - 000000000 ____D C:\Users\Diego\Desktop\Educare
2022-03-01 16:01 - 2022-03-01 16:01 - 000000222 _____ C:\Users\Diego\Desktop\BRAIN OUT.url
2022-03-01 13:51 - 2022-03-21 12:07 - 000000000 ____D C:\Users\Diego\Desktop\Jogos
2022-03-01 13:26 - 2022-03-01 13:35 - 000000850 _____ C:\Users\Diego\Desktop\Descrições das atuações em vagas.txt
2022-02-24 21:32 - 2022-02-24 21:32 - 000000000 ____D C:\Users\Diego\AppData\Roaming\WinRAR
2022-02-24 20:49 - 2022-02-24 22:22 - 003683000 _____ C:\Users\Diego\Desktop\anexo_texto_bncc_reexportado.pdf
2022-02-15 14:45 - 2022-02-15 14:45 - 000109501 _____ C:\Users\Diego\Desktop\Comprovante de Vacina Covid.pdf
2022-02-14 23:42 - 2022-02-14 23:42 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-14 23:42 - 2022-02-14 23:42 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-14 21:45 - 2022-03-09 21:02 - 000000000 ____D C:\Users\Diego\AppData\Roaming\Adobe
2022-02-14 21:37 - 2022-02-14 21:37 - 000000000 ____D C:\Users\Diego\AppData\Roaming\HpUpdate
2022-02-06 12:51 - 2022-02-06 12:51 - 000000000 ____D C:\Users\Diego\AppData\Local\K552RGB-2_K552RGB-1_ET-8180
2022-02-06 12:42 - 2022-02-06 12:42 - 007397660 _____ (Acresso Software Inc.) C:\Users\Diego\Downloads\Redragon K552RGB-1 Mechanical Keyboard.exe
2022-02-06 12:41 - 2022-02-06 12:42 - 018760190 _____ (REDRAGON ZONE ) C:\Users\Diego\Downloads\REDRAGON Gaming Mouse M711 V2.exe
2022-02-03 16:52 - 2021-10-08 11:00 - 000167544 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2022-02-03 16:39 - 2022-02-03 16:39 - 000671537 _____ C:\Users\Diego\Desktop\Definição Curricular Diego 2022.pdf
2022-01-31 17:38 - 2021-10-08 11:00 - 000160376 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2022-01-31 16:26 - 2022-01-31 16:26 - 000347810 _____ C:\Users\Diego\Desktop\Historico 2022.pdf
2022-01-28 20:04 - 2022-01-28 20:04 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-28 20:04 - 2022-01-28 20:04 - 000064256 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-26 14:46 - 2022-03-11 21:20 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1832640792-4251457729-1687516665-1001
2022-01-17 03:36 - 2022-01-30 12:29 - 000000000 ____D C:\Users\Diego\Desktop\Puc Minas Matematica Geral
2022-01-14 15:15 - 2022-02-15 16:39 - 000000000 ____D C:\Users\Diego\Desktop\Documentos renovação da bolsa
2022-01-14 03:17 - 2022-01-14 03:17 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 03:17 - 2022-01-14 03:17 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-10 21:40 - 2022-02-28 13:16 - 000000796 _____ C:\WINDOWS\storelibdebug.txt
2022-01-06 01:58 - 2022-03-07 23:13 - 000000000 ____D C:\Users\Diego\Desktop\Cs 1.6

==================== Três meses (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-03-23 07:52 - 2017-12-05 18:50 - 000000000 __SHD C:\Users\Diego\IntelGraphicsProfiles
2022-03-23 00:35 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-23 00:10 - 2020-10-25 23:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-22 23:27 - 2017-12-08 16:13 - 000000000 ____D C:\Users\Diego\Desktop\Diego
2022-03-22 14:09 - 2020-10-26 00:30 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-22 14:08 - 2021-12-14 20:24 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-22 14:08 - 2021-12-14 20:24 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-03-22 13:19 - 2018-09-24 13:46 - 000000000 ____D C:\sv6BN0X06VsZnR7
2022-03-22 12:25 - 2018-09-24 13:46 - 000000000 ____D C:\PJkJ2P8Ljsj195H
2022-03-22 12:10 - 2018-09-24 13:46 - 000000000 ____D C:\5A7LV98M6MU654i
2022-03-22 11:57 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-22 11:57 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-21 20:15 - 2017-12-31 14:34 - 000000000 ____D C:\Program Files (x86)\ZHPDiag
2022-03-21 18:16 - 2020-09-22 13:53 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-03-21 18:12 - 2021-07-06 20:40 - 000000000 ____D C:\Program Files (x86)\Epic Games
2022-03-21 17:56 - 2020-10-26 00:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-21 17:56 - 2020-10-25 23:36 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-21 17:56 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-21 17:55 - 2020-09-22 13:53 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-03-21 17:55 - 2019-12-07 06:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-21 17:00 - 2020-09-22 13:55 - 000000000 ____D C:\Program Files\Common Files\AV
2022-03-21 17:00 - 2019-12-07 06:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-21 16:57 - 2019-08-08 19:59 - 000000000 ____D C:\Users\Diego\Desktop\God.ie and Nihilnon
2022-03-21 16:18 - 2020-10-26 00:00 - 001608278 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-21 16:18 - 2019-12-07 11:54 - 000692482 _____ C:\WINDOWS\system32\prfh0416.dat
2022-03-21 16:18 - 2019-12-07 11:54 - 000140098 _____ C:\WINDOWS\system32\prfc0416.dat
2022-03-21 16:07 - 2020-05-26 20:18 - 000000000 ____D C:\Users\Diego\AppData\LocalLow\Temp
2022-03-21 14:46 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-21 14:46 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-21 13:38 - 2017-12-05 19:39 - 000000000 ____D C:\Users\Diego\AppData\Local\Lenovo
2022-03-21 13:25 - 2020-10-26 00:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-03-21 13:25 - 2020-03-13 19:27 - 000000000 ____D C:\WINDOWS\Lenovo
2022-03-21 13:25 - 2017-11-17 22:19 - 000000000 ____D C:\ProgramData\Lenovo
2022-03-21 13:18 - 2017-12-31 00:18 - 000000000 ____D C:\ProgramData\MCShield
2022-03-21 11:58 - 2018-01-04 05:24 - 000000000 ____D C:\Users\Diego\AppData\Local\Packages
2022-03-20 16:07 - 2018-10-10 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2022-03-20 16:07 - 2018-10-10 09:30 - 000000000 ____D C:\Program Files (x86)\HP
2022-03-20 14:41 - 2018-10-02 18:40 - 000000000 ____D C:\Users\Diego\AppData\Local\mbam
2022-03-20 14:19 - 2018-07-29 01:15 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-19 13:55 - 2019-03-03 16:30 - 000000000 ____D C:\Program Files (x86)\Steam
2022-03-14 20:08 - 2018-05-20 20:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-14 18:07 - 2018-06-25 00:51 - 000000000 ____D C:\Users\Diego\AppData\Local\CrashDumps
2022-03-11 21:20 - 2020-10-26 00:30 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1832640792-4251457729-1687516665-1001
2022-03-11 21:20 - 2020-10-25 23:47 - 000002396 _____ C:\Users\Diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-11 21:10 - 2017-11-17 21:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-10 20:33 - 2020-10-01 12:10 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-09 20:57 - 2020-10-25 23:36 - 000615456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-09 20:48 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-09 20:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-09 20:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-09 20:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-09 20:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-09 20:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-09 20:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-09 20:48 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-09 20:24 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-09 19:53 - 2020-10-25 23:41 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-09 01:25 - 2017-12-06 04:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 01:16 - 2017-12-06 04:05 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-08 01:50 - 2020-10-25 23:47 - 000000000 ____D C:\Users\Diego
2022-03-07 23:29 - 2018-05-23 00:30 - 000000000 ____D C:\Users\Diego\AppData\Local\D3DSCache

==================== Arquivos na raiz de alguns diretórios ========

2018-09-21 14:14 - 2018-09-21 14:14 - 000000017 _____ () C:\Users\Diego\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================