Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 22-04-2022 Executado por PICHAU (administrador) em DESKTOP-ICV15QV (04-05-2022 23:55:43) Executando a partir de C:\Users\PICHAU\Desktop Perfis Carregados: PICHAU Plataforma: Microsoft Windows 10 Pro Versão 21H2 19044.1645 (X64) Idioma: Português (Brasil) Navegador padrão: Chrome Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Avast Software s.r.o. -> AVAST Software) D:\Avast\AvastUI.exe <5> (C:\Users\PICHAU\Desktop\adwcleaner.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (D:\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) D:\Avast\aswEngSrv.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <44> (explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\PICHAU\Desktop\adwcleaner.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) D:\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) D:\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) D:\Avast\wsc_proxy.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [AvastUI.exe] => D:\Avast\AvLaunch.exe [208152 2022-04-19] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-1684547479-436279848-3431984738-1001\...\Run: [Steam] => D:\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-1684547479-436279848-3431984738-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\PICHAU\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-05-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-1684547479-436279848-3431984738-1001\...\Run: [com.blitz.app] => C:\Users\PICHAU\AppData\Local\Programs\Blitz\Blitz.exe [121829184 2022-05-04] (Swift Media Entertainment, Inc. -> Blitz, Inc.) HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\WINDOWS\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.54\Installer\chrmstp.exe [2022-05-04] (Google LLC -> Google LLC) Startup: C:\Users\PICHAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2050 J510 series.lnk [2021-10-18] GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {10C41E39-ADDF-4728-86F1-1365E92DEC58} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {149786C8-72D8-4C9E-9B1F-339F64FDFEFD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8376824 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {286FFBC8-46E5-4642-8075-030132D87C97} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {3FA024AA-6B26-4B8A-A28B-07646A9D0B3B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {534E9A09-25B5-4A03-BAF2-8F4DE7AA0B2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-04-02] (Google Inc -> Google LLC) Task: {59A07462-13E7-4DA7-9B85-F6FECC954E9D} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-28] (Advanced Micro Devices, Inc.) [Arquivo não assinado] Task: {5B48A811-E8A7-4CAF-B845-056A24A4BD9B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-07] (Avast Software s.r.o. -> Avast Software) Task: {5BF3C0E9-20F1-455E-A3FA-82CD6ADEB4E1} - System32\Tasks\Avast Emergency Update => D:\Avast\AvEmUpdate.exe [4992792 2022-04-19] (Avast Software s.r.o. -> AVAST Software) Task: {5E4D1A7B-326B-4AC6-8262-8E02B3576E25} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-04-02] (Google Inc -> Google LLC) Task: {606C6D52-76B9-4119-AC86-ADEF200A3EA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {66B38CF0-82A5-442D-925B-993557BA2191} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.) Task: {6790FFE5-24A9-4560-B4A7-9F8CA52854DC} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-28] (Advanced Micro Devices, Inc.) [Arquivo não assinado] Task: {7C833F0B-CB61-4AB4-8E81-BD406C39B26A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8376824 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {A200D531-CABC-4A17-924F-58D9E15B346B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-02-28] (Advanced Micro Devices, Inc.) [Arquivo não assinado] Task: {BA678B7E-3325-4B48-8A56-8EDA9D0FF02B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {C0177B18-DB2D-4F82-A018-9CCED39EF1C3} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {C33C8126-D467-4EFF-9E14-661DE3AE3B40} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144792 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) Task: {F48341A3-17F7-40AE-AE61-56479B8FB344} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22890448 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 45.163.144.68 Tcpip\..\Interfaces\{309a9a41-1a22-497b-b971-3a620c847786}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{71cc41d1-8d77-4401-991b-e62832c15d95}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{ccfbcd00-c6ea-4995-8221-9c6232403281}: [DhcpNameServer] 192.168.28.1 Tcpip\..\Interfaces\{d7420d48-c20d-454b-8d39-8b748f16009a}: [DhcpNameServer] 8.8.4.4 45.163.144.68 Edge: ======= DownloadDir: C:\Users\PICHAU\Downloads Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)] Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)] Edge Extension: (AdBlock — best ad blocker) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2022-02-15] Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)] Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)] Edge Profile: C:\Users\PICHAU\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-04] FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-03-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-03-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default [2022-05-04] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png CHR Extension: (YouTube) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnkijcaahngcdmfeangaknmldooml [2021-02-02] CHR Extension: (OneNote Online) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2021-10-18] CHR Extension: (AHA Music - Song Finder para Browser) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2022-04-20] CHR Extension: (Adobe Acrobat: ferramentas de edição, conversão e assinatura de PDFs) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-04-26] CHR Extension: (Documentos Google off-line) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19] CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-03] CHR Extension: (Recursos Copiar e Colar do Office Online) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-02-11] CHR Extension: (Twitter) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgeocpdicgmkeemopbanhokmhcgcflmi [2021-03-26] CHR Extension: (Loom – Free Screen Recorder & Screen Capture) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2022-04-30] CHR Extension: (Speechify for Chrome) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljflmlehinmoeknoonhibbjpldiijjmm [2022-04-28] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Flash VPN - Free VPN Connection) - C:\Users\PICHAU\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaflfgdoindheknalgiekgjlfdecogn [2022-04-23] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.) S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated) S3 aswbIDSAgent; D:\Avast\aswidsagent.exe [8507016 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; D:\Avast\AvastSvc.exe [563024 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; D:\Avast\aswToolsSvc.exe [563024 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; D:\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-04-10] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11758536 2022-05-02] (Microsoft Corporation -> Microsoft Corporation) S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [301056 2022-03-10] (Microsoft Windows -> Microsoft Corporation) S3 Rockstar Service; D:\Launcher\RockstarService.exe [1738368 2020-04-15] (Rockstar Games, Inc. -> Rockstar Games) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-02] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-02] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36768 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228912 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [378944 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252984 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100408 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42400 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269448 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546296 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83968 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855320 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [556088 2022-04-19] (Avast Software s.r.o. -> AVAST Software) S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215936 2022-04-19] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [320904 2022-04-20] (Avast Software s.r.o. -> AVAST Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] R4 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-04-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-04-02] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-02] (Microsoft Windows -> Microsoft Corporation) S3 wovad_micarray; C:\WINDOWS\system32\drivers\womic.sys [34496 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S4 GSDriver; \SystemRoot\System32\drivers\GSDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-05-04 23:55 - 2022-05-04 23:56 - 000019137 _____ C:\Users\PICHAU\Desktop\FRST.txt 2022-05-04 23:55 - 2022-05-04 23:55 - 000000000 ____D C:\FRST 2022-05-04 23:54 - 2022-05-04 23:54 - 002366976 _____ (Farbar) C:\Users\PICHAU\Desktop\FRST64.exe 2022-05-04 23:53 - 2022-05-04 23:54 - 000001717 _____ C:\Users\PICHAU\Desktop\ADWSCAN.txt 2022-05-04 23:50 - 2022-05-04 23:51 - 000000000 ____D C:\AdwCleaner 2022-05-04 23:48 - 2022-05-04 23:48 - 008551608 _____ (Malwarebytes) C:\Users\PICHAU\Desktop\adwcleaner.exe 2022-05-04 23:21 - 2022-05-04 23:21 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp 2022-05-04 23:06 - 2022-05-04 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware 2022-05-04 23:06 - 2022-05-04 23:06 - 000000000 ____D C:\ProgramData\GridinSoft 2022-04-27 11:14 - 2022-04-27 11:14 - 000000000 ____D C:\Program Files\PCHealthCheck 2022-04-25 23:28 - 2022-04-25 23:28 - 000259358 _____ C:\Users\PICHAU\Desktop\boleto_fatura.pdf 2022-04-23 17:40 - 2022-04-23 17:40 - 000000000 ____D C:\Users\PICHAU\AppData\Roaming\EasyAntiCheat 2022-04-23 16:20 - 2022-04-23 19:48 - 000000000 ____D C:\Users\PICHAU\AppData\Roaming\qBittorrent 2022-04-23 16:20 - 2022-04-23 16:20 - 000000000 ____D C:\Users\PICHAU\AppData\Local\qBittorrent 2022-04-23 16:17 - 2022-04-23 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent 2022-04-19 22:01 - 2022-04-19 22:01 - 000413514 _____ C:\Users\PICHAU\Desktop\itaucard_•••• 7147_fatura_2022-04.pdf 2022-04-19 11:00 - 2022-04-19 11:00 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2022-04-19 11:00 - 2022-04-19 11:00 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2022-04-15 13:38 - 2022-04-15 13:38 - 000000000 ___HD C:\$WinREAgent 2022-04-15 11:44 - 2022-04-15 11:44 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2022-04-15 11:44 - 2022-04-15 11:44 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2022-04-15 11:44 - 2022-04-15 11:44 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2022-04-15 11:44 - 2022-04-15 11:44 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-04-12 22:14 - 2022-04-12 23:21 - 000001318 _____ C:\Users\PICHAU\Desktop\HO04.txt 2022-04-10 21:11 - 2022-04-10 21:11 - 000000000 ____D C:\Users\PICHAU\Desktop\JFLAP 2022-04-10 17:06 - 2022-04-23 00:53 - 000000000 ____D C:\Users\PICHAU\AppData\Roaming\CaptureAge 2022-04-10 17:05 - 2022-04-10 17:05 - 000002404 _____ C:\Users\PICHAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CaptureAge.lnk 2022-04-10 17:05 - 2022-04-10 17:05 - 000002396 _____ C:\Users\PICHAU\Desktop\CaptureAge.lnk 2022-04-10 17:05 - 2022-04-10 17:05 - 000000000 ____D C:\Users\PICHAU\AppData\Local\captureage-updater 2022-04-04 16:29 - 2022-04-04 16:29 - 000000320 _____ C:\Users\PICHAU\.bash_history ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-05-04 23:51 - 2021-08-17 18:59 - 000000000 ____D C:\Users\PICHAU\AppData\Roaming\Blitz 2022-05-04 23:50 - 2019-12-27 17:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2022-05-04 23:21 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF 2022-05-04 23:01 - 2022-02-15 10:35 - 000003546 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-05-04 23:01 - 2022-02-15 10:35 - 000003352 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d8221c10f7783a 2022-05-04 23:01 - 2022-02-15 00:30 - 000003518 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2022-05-04 23:01 - 2022-02-15 00:30 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2022-05-04 23:01 - 2022-02-15 00:30 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2022-05-04 23:01 - 2022-02-15 00:30 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0 2022-05-04 23:01 - 2022-02-15 00:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2022-05-04 22:42 - 2020-04-02 23:21 - 000000000 ____D C:\Program Files (x86)\Google 2022-05-04 22:39 - 2022-02-15 00:33 - 001741824 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-05-04 22:39 - 2019-12-07 11:53 - 000752436 _____ C:\WINDOWS\system32\prfh0416.dat 2022-05-04 22:39 - 2019-12-07 11:53 - 000148550 _____ C:\WINDOWS\system32\prfc0416.dat 2022-05-04 22:35 - 2020-04-06 19:08 - 000000000 ____D C:\Users\PICHAU\AppData\Roaming\WTablet 2022-05-04 22:34 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-05-04 22:34 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-05-04 22:34 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-05-04 22:33 - 2021-05-18 07:10 - 000000032 _____ C:\Users\PICHAU\AppData\Roaming\.machineId 2022-05-04 22:32 - 2022-03-20 15:34 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2022-05-04 22:32 - 2022-02-15 00:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-05-04 22:32 - 2022-02-15 00:23 - 000008192 ___SH C:\DumpStack.log.tmp 2022-05-04 22:32 - 2020-04-02 23:14 - 000000000 ____D C:\ProgramData\Avast Software 2022-05-04 20:23 - 2020-03-19 08:40 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2022-05-04 20:23 - 2019-12-07 06:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2022-05-04 19:03 - 2021-03-09 08:43 - 000002369 _____ C:\Users\PICHAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk 2022-05-04 19:03 - 2021-03-09 08:43 - 000002361 _____ C:\Users\PICHAU\Desktop\Microsoft Teams.lnk 2022-05-04 16:48 - 2020-04-08 05:06 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2022-05-04 16:04 - 2022-02-15 00:30 - 000000000 ____D C:\Users\PICHAU\AppData\Local\D3DSCache 2022-05-04 16:03 - 2022-02-15 00:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-05-04 16:00 - 2020-04-02 23:22 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-05-04 16:00 - 2020-04-02 23:22 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-05-04 15:26 - 2020-05-10 17:16 - 000000000 ____D C:\Users\PICHAU\AppData\Local\visualboyadvance-m 2022-05-02 20:51 - 2022-02-05 00:42 - 000000000 ____D C:\Users\PICHAU\Desktop\740026_Rafael_Pereira_Vilefort 2022-05-02 13:43 - 2020-08-30 17:44 - 000000000 ____D C:\Program Files\Microsoft Office 2022-05-01 19:29 - 2020-04-02 18:35 - 000000000 ____D C:\ProgramData\Riot Games 2022-04-30 08:42 - 2020-04-07 02:30 - 000000000 ____D C:\Users\PICHAU\AppData\Local\CrashDumps 2022-04-29 18:16 - 2022-02-15 00:23 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-29 18:16 - 2022-02-15 00:23 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-04-29 07:07 - 2020-06-08 15:57 - 000000000 ____D C:\Users\PICHAU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome 2022-04-27 11:14 - 2022-02-15 10:35 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2022-04-26 15:27 - 2020-06-28 16:03 - 000000000 ____D C:\Users\PICHAU\Desktop\nicks do lol 2022-04-20 14:45 - 2020-04-02 23:17 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2022-04-19 11:01 - 2022-02-15 00:30 - 000003932 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2022-04-19 11:00 - 2020-10-20 22:05 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2022-04-19 11:00 - 2020-05-26 20:37 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2022-04-19 11:00 - 2020-04-02 23:17 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2022-04-19 11:00 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-04-16 13:20 - 2022-02-15 00:23 - 000289840 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-04-16 00:31 - 2022-03-20 15:29 - 000000000 ____D C:\Program Files\Hyper-V 2022-04-16 00:31 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-04-16 00:31 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-04-15 11:47 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-04-14 13:44 - 2021-11-24 19:37 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2022-04-14 13:44 - 2021-11-24 19:37 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk 2022-04-14 13:41 - 2020-04-02 18:06 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-04-14 13:38 - 2020-04-02 18:06 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-04-12 23:36 - 2022-03-31 16:11 - 000000906 _____ C:\Users\PICHAU\Desktop\HO05.txt 2022-04-10 02:13 - 2022-03-31 15:31 - 000000947 _____ C:\Users\PICHAU\Desktop\HO08.txt 2022-04-10 02:13 - 2022-03-29 16:34 - 000002138 _____ C:\Users\PICHAU\Desktop\HO07.txt 2022-04-08 20:19 - 2021-03-26 22:00 - 000000000 ____D C:\Users\PICHAU\Desktop\Twitter 2022-04-08 20:19 - 2020-04-13 19:49 - 000000000 ____D C:\Users\PICHAU\Desktop\Memes 2022-04-07 13:25 - 2022-02-14 23:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-04-05 16:58 - 2022-02-12 01:26 - 000000000 ____D C:\Users\PICHAU\AppData\Roaming\Code 2022-04-04 16:29 - 2022-02-15 00:24 - 000000000 ____D C:\Users\PICHAU ==================== Arquivos na raiz de alguns diretórios ======== 2021-05-18 07:10 - 2022-05-04 22:33 - 000000032 _____ () C:\Users\PICHAU\AppData\Roaming\.machineId 2020-04-09 19:10 - 2020-04-09 19:10 - 000000000 _____ () C:\Users\PICHAU\AppData\Local\oobelibMkey.log 2021-08-01 23:23 - 2021-08-01 23:23 - 000105987 _____ () C:\Users\PICHAU\AppData\Local\Temp663B69A8BB5D1E07033349377DDCE283_S_Dump_dxdb4cqs.zip 2021-10-08 07:00 - 2021-10-08 07:00 - 000000000 _____ () C:\Users\PICHAU\AppData\Local\{8EE4C379-AF25-4E44-9142-DF91DC9DECE7} ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================