Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11-10-2022
Executado por papie (administrador) em FERNANDO (Micro-Star International Co., Ltd. MS-7C09) (12-10-2022 15:38:44)
Executando a partir de C:\Users\papie\OneDrive\Área de Trabalho
Perfis Carregados: papie
Plataforma: Microsoft Windows 11 Home Versão 22H2 22621.608 (X64) Idioma: Português (Brasil)
Navegador padrão: "C:\Users\papie\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Users\papie\AppData\Local\Avast Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Users\papie\AppData\Local\Avast Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler64.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Users\papie\AppData\Local\Avast Software\Browser\Application\AvastBrowser.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastNM.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Users\papie\AppData\Local\Avast Software\Browser\Application\AvastBrowser.exe <38>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. 
-> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Users\papie\AppData\Local\Avast Software\Browser\Update\AvastBrowserUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-10-08] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-251233717-1086473509-1987898525-1001\...\Run: [Avast Browser] => C:\Users\papie\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\AvastBrowserUpdateCore.exe [498648 2022-10-10] (Avast Software s.r.o. 
-> AVAST Software) HKU\S-1-5-21-251233717-1086473509-1987898525-1001\...\Run: [AvastBrowserAutoLaunch_7B3561E4BF648214B81F9414C57309F5] => C:\Users\papie\AppData\Local\Avast Software\Browser\Application\AvastBrowser.exe [2974392 2022-09-14] (Avast Software s.r.o. -> AVAST Software) HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-10-01] (Microsoft Windows -> Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-10-09] ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {15AE29D4-A7D2-4732-87B6-1AAE82DA8F98} - System32\Tasks\Microsoft\Windows\Application Experience\SdbinstMergeDbTask => C:\WINDOWS\system32\sdbinst.exe [217088 2022-10-01] (Microsoft Windows -> Microsoft Corporation) Task: {182DCF2D-3436-40D0-9E19-5AE7EE6E97A7} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-07] (Microsoft Windows -> ) Task: {1E0F8825-065A-422D-A12D-DA7018A20D27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1FDBB5EA-2714-4910-89A2-E7F7224905A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: 
{35FBB882-767B-40A5-957F-D09252364A97} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4690136 2022-10-09] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid 095ebc9f-ca94-4d1d-87e7-f006a7d478c2 Task: {3C8A0F92-CD63-489C-826F-2F1DA7A3BD54} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2022-09-29] (Avast Software s.r.o. -> Avast Software) Task: {3FA66987-2774-4A0E-B287-C89DD012A4CD} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (Nenhum Arquivo) Task: {40F7E8DA-45C1-4FB6-8369-57C5CFED9755} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-10-08] (Avast Software s.r.o. -> Avast Software) Task: {475267A5-7E7C-4EE1-970D-E942CAA65C0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {75723C2F-64FB-4466-B90B-DAE8C148C0F7} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1213144 2022-10-09] (Avast Software s.r.o. 
-> AVAST Software) Task: {7844499A-4660-4764-964C-0E0DC26AAE5E} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-251233717-1086473509-1987898525-1001UA => C:\Users\papie\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-10-10] (Avast Software s.r.o. -> AVAST Software) Task: {8082D26A-4C6B-414B-998F-3277BA3C5E99} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-251233717-1086473509-1987898525-1001 => C:\Users\papie\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [2974392 2022-09-14] (Avast Software s.r.o. -> AVAST Software) Task: {86EE7906-6957-4DCA-B3DA-5E9AEBB74730} - System32\Tasks\Microsoft\Windows\WlanSvc\MoProfileManagement => {085EDA12-CF4A-4944-8222-8ADCADE137CB} C:\Windows\System32\WlanMediaManager.dll [897024 2022-10-01] (Microsoft Windows -> Microsoft Corporation) "C:\Windows\System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask" não pode ser desbloqueado. <==== ATENÇÃO Task: {95DDD589-1F40-4EAC-BA90-57E40E0096DA} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask Task: {BBECFED5-AA1E-471A-B113-330F408900E1} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4946144 2022-10-08] (Avast Software s.r.o. -> AVAST Software) Task: {BF735210-C137-478C-B879-AB60025F5758} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-10-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D271E429-FDBA-49C7-9C9A-582A05EC3984} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-251233717-1086473509-1987898525-1001Core => C:\Users\papie\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-10-10] (Avast Software s.r.o. 
-> AVAST Software) Task: {DC7067D0-3C99-4DAB-B606-A1C110ABC6A8} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc Task: {DDD4A578-959A-4C61-81D4-34F843267F5A} - System32\Tasks\Microsoft\Windows\CloudRestore\Restore => {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} C:\WINDOWS\system32\CloudRestoreLauncher.dll [245760 2022-10-01] (Microsoft Windows -> Microsoft Corporation) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 181.213.132.4 181.213.132.5 Tcpip\..\Interfaces\{793e88ce-126c-4e8c-98ec-c15ecd4a2f32}: [DhcpNameServer] 181.213.132.4 181.213.132.5 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\papie\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-11] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\papie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2022-10-10] Edge Extension: (Avast Online Security & Privacy) - C:\Users\papie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2022-10-09] FireFox: ======== FF Plugin HKU\S-1-5-21-251233717-1086473509-1987898525-1001: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\papie\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-10-10] (Avast Software s.r.o. 
-> AVAST Software) FF Plugin HKU\S-1-5-21-251233717-1086473509-1987898525-1001: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\papie\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-10-10] (Avast Software s.r.o. -> AVAST Software) ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018528 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-10-08] (Avast Software s.r.o. -> AVAST Software) S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-01] (Microsoft Windows -> Microsoft Corporation) R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9332952 2022-10-09] (Avast Software s.r.o. 
-> AVAST Software) R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-01] (Microsoft Windows -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-10-09] (Microsoft Windows Publisher -> Microsoft Corporation) R3 webthreatdefsvc; C:\WINDOWS\System32\webthreatdefsvc.dll [163840 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S2 webthreatdefusersvc; C:\WINDOWS\System32\webthreatdefusersvc.dll [135168 2022-10-01] (Microsoft Windows -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-10-09] (Microsoft Windows Publisher -> Microsoft Corporation) R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-01] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0383491.inf_amd64_5f76bb7041acdca3\B383382\amdkmdag.sys [94458232 2022-09-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-10-08] (Avast Software s.r.o. 
-> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [24528 2022-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-10-08] (Avast Software s.r.o. -> AVAST Software) S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-10-08] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-10-08] (Avast Software s.r.o. -> AVAST Software) S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [65944 2022-10-09] (Avast Software s.r.o. 
-> Avast Software) R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-01] (Microsoft Windows -> Microsoft Corporation) S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation) S3 logi_generic_hid_filter; C:\WINDOWS\system32\drivers\logi_generic_hid_filter.sys [62288 2022-09-26] (Logitech Inc -> Logitech) S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-26] (Logitech Inc -> Logitech) S3 logi_joy_hid_filter; C:\WINDOWS\system32\drivers\logi_joy_hid_filter.sys [63824 2022-09-26] (Logitech Inc -> Logitech) S3 logi_joy_hid_lo; C:\WINDOWS\system32\drivers\logi_joy_hid_lo.sys [51536 2022-09-26] (Logitech Inc -> Logitech) S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-26] (Logitech Inc -> Logitech) S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-26] (Logitech Inc -> Logitech) S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.) S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> ) R1 steamxbox; C:\WINDOWS\System32\drivers\steamxbox.sys [232792 2021-09-05] (Valve Corp. -> Valve Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-10-09] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-10-09] (Microsoft Windows -> Microsoft Corporation) R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-01] (Microsoft Windows -> Microsoft Corporation) U1 aswbdisk; não ImagePath ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. 
O arquivo não será movido, a menos que seja colocado separadamente.) NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation) ==================== Três meses (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-10-12 15:34 - 2022-10-12 15:34 - 008791352 _____ (Malwarebytes) C:\Users\papie\Downloads\adwcleaner (1).exe 2022-10-11 16:40 - 2022-10-11 16:40 - 000360000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_2701474ea_klark.sys 2022-10-11 16:40 - 2022-10-11 16:40 - 000270672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_2701474ea_mark.sys 2022-10-11 16:39 - 2022-10-11 16:39 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\2701474e.sys 2022-10-11 16:39 - 2022-10-11 16:39 - 000000000 ____D C:\KVRT2020_Data 2022-10-11 16:19 - 2022-10-11 16:20 - 105811008 _____ (AO Kaspersky Lab) C:\Users\papie\Downloads\KVRT.exe 2022-10-10 15:26 - 2022-10-10 15:26 - 000004074 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-251233717-1086473509-1987898525-1001 2022-10-10 15:26 - 2022-10-10 15:26 - 000002693 _____ C:\Users\papie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2022-10-10 15:25 - 2022-10-10 15:25 - 000003886 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskUserS-1-5-21-251233717-1086473509-1987898525-1001UA 2022-10-10 15:25 - 2022-10-10 15:25 - 000003618 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskUserS-1-5-21-251233717-1086473509-1987898525-1001Core 2022-10-10 15:22 - 2022-10-10 15:22 - 000768140 _____ C:\WINDOWS\system32\prfh0416.dat 2022-10-10 15:22 - 2022-10-10 15:22 - 000154268 _____ C:\WINDOWS\system32\prfc0416.dat 2022-10-10 15:06 - 2022-10-12 15:38 - 000000000 ____D C:\FRST 2022-10-10 14:54 - 2022-10-10 14:55 - 000000000 ____D C:\AdwCleaner 2022-10-10 14:52 - 2022-10-10 14:52 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\papie\Downloads\rkill.exe 2022-10-10 14:51 - 2022-10-10 
14:52 - 002372096 _____ (Farbar) C:\Users\papie\Downloads\FRST64.exe 2022-10-10 14:48 - 2022-10-10 14:48 - 008791352 _____ (Malwarebytes) C:\Users\papie\Downloads\adwcleaner.exe 2022-10-09 18:00 - 2022-10-10 00:41 - 000002006 _____ C:\WINDOWS\ntbtlog.txt 2022-10-09 17:11 - 2022-10-09 17:11 - 016995528 _____ (NortonLifeLock Inc.) C:\Users\papie\Downloads\NPE.exe 2022-10-09 17:01 - 2022-10-12 15:34 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update 2022-10-09 17:01 - 2022-10-09 17:01 - 000065944 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys 2022-10-09 17:01 - 2022-10-09 17:01 - 000037200 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe 2022-10-09 17:01 - 2022-10-09 17:01 - 000002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk 2022-10-09 16:11 - 2022-10-09 16:11 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2022-10-09 15:35 - 2022-10-09 17:11 - 000000000 ____D C:\Users\papie\AppData\Local\NPE 2022-10-09 15:35 - 2022-10-09 15:35 - 000000000 ____D C:\ProgramData\Norton 2022-10-09 10:07 - 2022-10-09 10:07 - 000000000 ___RD C:\Users\papie\OneDrive\Documentos\Microsoft.SecHealthUI_8wekyb3d8bbwe!SecHealthUI 2022-10-09 09:41 - 2022-10-10 15:05 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2022-10-09 09:40 - 2022-10-09 09:40 - 000000000 ____D C:\WINDOWS\pss 2022-10-09 00:06 - 2022-10-09 00:13 - 000000000 ____D C:\Program Files (x86)\Google 2022-10-09 00:06 - 2022-10-09 00:06 - 000000000 ____D C:\Users\papie\AppData\Local\Google 2022-10-08 23:37 - 2022-10-08 23:37 - 000000000 ____D C:\Users\papie\AppData\Local\cache 2022-10-08 23:32 - 2022-10-08 23:32 - 000000000 ____D C:\Users\papie\AppData\Local\OneDrive 2022-10-08 23:26 - 2022-10-10 14:29 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK 2022-10-08 23:26 - 2022-10-08 23:26 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2022-10-08 23:21 - 2022-10-08 23:21 - 000002088 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk 2022-10-08 23:21 - 2022-10-08 23:14 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2022-10-08 23:15 - 2022-10-10 15:25 - 000000000 ____D C:\Users\papie\AppData\Local\Avast Software 2022-10-08 23:15 - 2022-10-08 23:15 - 000000000 ____D C:\Users\papie\AppData\Roaming\Avast Software 2022-10-08 23:15 - 2022-10-08 23:15 - 000000000 ____D C:\Users\papie\AppData\Local\CEF 2022-10-08 23:14 - 2022-10-12 15:29 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2022-10-08 23:14 - 2022-10-09 17:01 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2022-10-08 23:14 - 2022-10-08 23:14 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000090000 _____ (AVAST Software) 
C:\WINDOWS\system32\Drivers\aswRvrt.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2022-10-08 23:14 - 2022-10-08 23:14 - 000024528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys 2022-10-08 23:03 - 2022-10-09 17:01 - 000000000 ____D C:\Program Files\Avast Software 2022-10-08 22:59 - 2022-10-10 15:15 - 000000000 ____D C:\ProgramData\Avast Software 2022-10-08 22:58 - 2022-10-08 22:58 - 000000000 ____D C:\Users\papie\AppData\Local\VirtualStore 2022-10-08 22:51 - 2022-10-08 22:51 - 000000000 ___HD C:\$WinREAgent 2022-10-08 22:48 - 2022-10-08 22:49 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-10-08 22:41 - 2022-10-08 22:41 - 000000000 ____D C:\Users\papie\AppData\Local\Comms 2022-10-08 22:25 - 2022-10-08 22:25 - 000000000 ____D C:\Users\papie\Doctor Web 2022-10-08 22:25 - 2022-10-08 22:25 - 000000000 ____D C:\Users\papie\AppData\Local\Publishers 2022-10-08 22:22 - 2022-10-08 22:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Doctor Web 2022-10-08 22:19 - 2022-10-08 23:10 - 000000000 ____D C:\Program Files\DrWeb 2022-10-08 22:17 - 2022-10-08 23:10 - 000000000 ____D C:\ProgramData\Doctor Web 2022-10-08 22:15 - 2022-10-08 23:37 - 000000000 ____D C:\Users\papie\AppData\Local\mbam 2022-10-08 22:13 - 2022-10-08 22:13 - 000000000 ____D C:\Program Files\Malwarebytes 2022-10-08 22:12 - 2022-10-12 15:30 - 000000000 ___RD C:\Users\papie\OneDrive 2022-10-08 22:12 - 2022-10-11 15:22 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-251233717-1086473509-1987898525-1001 2022-10-08 22:12 - 2022-10-11 15:22 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-251233717-1086473509-1987898525-1001 2022-10-08 22:12 - 2022-10-11 15:22 - 000002385 _____ C:\Users\papie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-10-08 22:12 - 2022-10-08 22:12 - 000000000 ___HD C:\OneDriveTemp 2022-10-08 22:12 - 2022-10-08 22:12 - 000000000 
____D C:\ProgramData\Microsoft OneDrive 2022-10-08 22:11 - 2022-10-10 15:22 - 001773120 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-10-08 22:11 - 2022-10-10 00:18 - 000000000 ____D C:\Users\papie\AppData\Local\PlaceholderTileLogoFolder 2022-10-08 22:11 - 2022-10-08 22:11 - 000000000 ____D C:\Users\papie\AppData\LocalLow\AMD 2022-10-08 22:10 - 2022-10-11 17:43 - 000000000 ____D C:\Users\papie\AppData\Local\D3DSCache 2022-10-08 22:10 - 2022-10-10 00:20 - 000000000 ____D C:\Users\papie\AppData\Local\Packages 2022-10-08 22:10 - 2022-10-09 17:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2022-10-08 22:10 - 2022-10-08 22:24 - 000000000 ____D C:\Users\papie\AppData\Local\ConnectedDevicesPlatform 2022-10-08 22:10 - 2022-10-08 22:11 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-10-08 22:10 - 2022-10-08 22:10 - 000000000 ____D C:\Users\papie\AppData\Roaming\Adobe 2022-10-08 22:10 - 2022-10-08 22:10 - 000000000 ____D C:\Users\papie\AppData\Local\AMD 2022-10-08 22:09 - 2022-10-09 15:32 - 000000000 ____D C:\Users\papie 2022-10-08 22:09 - 2022-10-08 22:09 - 000000020 ___SH C:\Users\papie\ntuser.ini 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\Modelos 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\Meus Documentos 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\Menu Iniciar 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\Dados de Aplicativos 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\Configurações Locais 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\AppData\Local\Histórico 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\AppData\Local\Dados de Aplicativos 2022-10-08 22:09 - 2022-10-08 22:09 - 000000000 _SHDL C:\Users\papie\Ambiente de Rede 2022-10-08 22:09 - 2022-10-08 
22:09 - 000000000 _SHDL C:\Users\papie\Ambiente de Impressão 2022-10-08 22:09 - 2022-05-07 02:19 - 000001281 _____ C:\Users\papie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk 2022-10-08 22:09 - 2022-05-07 02:19 - 000000407 _____ C:\Users\papie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk 2022-10-08 21:11 - 2022-10-08 22:57 - 000000000 ____D C:\ProgramData\Packages 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Usuário Padrão 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Todos os Usuários 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\Modelos 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\Meus Documentos 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\Menu Iniciar 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\Configurações Locais 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\ProgramData\Modelos 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\ProgramData\Menu Iniciar 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\ProgramData\Documentos 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos 2022-10-08 21:11 - 2022-10-08 
21:11 - 000000000 _SHDL C:\Program Files\Common Files\Sistema 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Program Files\Arquivos Comuns 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Documents and Settings 2022-10-08 21:11 - 2022-10-08 21:11 - 000000000 _SHDL C:\Arquivos de Programas 2022-10-08 21:09 - 2022-10-12 15:35 - 000003750 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{338399A6-58B6-4520-9B93-C8757673418B} 2022-10-08 21:09 - 2022-10-12 15:35 - 000003626 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{304DD72A-A96D-4908-93CA-BC15A7677FA4} 2022-10-08 21:09 - 2022-10-10 15:05 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2022-10-08 21:09 - 2022-10-08 21:11 - 000000000 ____D C:\Program Files\AMD 2022-10-08 21:09 - 2022-10-08 21:09 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-08 21:08 - 2022-10-11 15:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-10-08 21:08 - 2022-10-10 15:15 - 000012288 ___SH C:\DumpStack.log.tmp 2022-10-08 21:08 - 2022-10-10 15:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-10-08 21:08 - 2022-10-09 09:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-10-08 21:08 - 2022-10-08 21:11 - 000000000 ____D C:\WINDOWS\system32\AMD 2022-10-08 21:08 - 2022-10-08 21:08 - 000294872 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-10-08 21:08 - 2022-10-08 21:08 - 000000000 ____D C:\WINDOWS\system32\config\BFS 2022-10-08 21:08 - 2022-10-08 21:08 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2022-10-08 21:05 - 2022-10-08 21:11 - 000000000 ____D C:\WINDOWS\Panther 2022-10-08 21:05 - 2022-10-08 21:05 - 000000000 ____D C:\WINDOWS\OEM 2022-10-08 21:04 - 2022-10-08 22:05 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2022-10-08 21:04 - 2022-10-08 21:04 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2022-10-08 21:04 - 2022-10-08 21:04 - 
000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\Setup 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\addins 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\ProgramData\ssh 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\Program Files\Reference Assemblies 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\Program Files\MSBuild 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2022-10-08 21:04 - 2022-10-08 21:04 - 000000000 ____D C:\Program Files (x86)\MSBuild 2022-10-08 21:03 - 2022-10-08 21:03 - 000328664 _____ C:\WINDOWS\system32\prfi0416.dat 2022-10-08 21:03 - 2022-10-08 21:03 - 000040858 _____ C:\WINDOWS\system32\prfd0416.dat 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\winrm 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\WCN 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\slmgr 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2022-10-08 21:03 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\0409 2022-10-08 21:03 - 
2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\DigitalLocker 2022-10-08 21:01 - 2022-10-12 15:38 - 000000000 ____D C:\WINDOWS\INF 2022-10-08 21:01 - 2022-10-12 15:34 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-10-08 21:01 - 2022-10-12 15:28 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-08 21:01 - 2022-10-11 18:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2022-10-08 21:01 - 2022-10-11 15:22 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-08 21:01 - 2022-10-10 22:41 - 000000000 ____D C:\WINDOWS\appcompat 2022-10-08 21:01 - 2022-10-09 15:51 - 000000000 ____D C:\WINDOWS\system32\NDF 2022-10-08 21:01 - 2022-10-09 15:49 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-10-08 21:01 - 2022-10-09 09:55 - 000000000 ____D C:\Program Files\Windows Defender 2022-10-08 21:01 - 2022-10-09 00:06 - 000000000 ___RD C:\Program Files (x86) 2022-10-08 21:01 - 2022-10-08 22:25 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-10-08 21:01 - 2022-10-08 22:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-10-08 21:01 - 2022-10-08 22:05 - 000000000 ____D C:\WINDOWS\system32\spool 2022-10-08 21:01 - 2022-10-08 22:05 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2022-10-08 21:01 - 2022-10-08 22:05 - 000000000 ____D C:\ProgramData\USOPrivate 2022-10-08 21:01 - 2022-10-08 21:12 - 000000000 ____D C:\WINDOWS\ServiceState 2022-10-08 21:01 - 2022-10-08 21:11 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2022-10-08 21:01 - 2022-10-08 21:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2022-10-08 21:01 - 2022-10-08 21:11 - 000000000 ____D C:\Program Files\Windows NT 2022-10-08 21:01 - 2022-10-08 21:08 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2022-10-08 21:01 - 2022-10-08 21:05 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D 
C:\WINDOWS\SysWOW64\id-ID 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\SystemResources 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\vi-VN 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\setup 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\MUI 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\id-ID 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\gl-ES 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\eu-ES 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\system32\ca-ES 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-10-08 21:01 - 2022-10-08 21:04 - 000000000 ____D C:\WINDOWS\OCR 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ___SD C:\WINDOWS\system32\F12 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ___SD C:\WINDOWS\system32\dsc 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2022-10-08 21:01 - 2022-10-08 21:03 - 
000000000 ____D C:\WINDOWS\system32\Sysprep 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\system32\Com 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\IME 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\Help 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\WINDOWS\BrowserCore 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\Program Files\Common Files\System 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\Program Files (x86)\Windows NT 2022-10-08 21:01 - 2022-10-08 21:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 __SHD C:\Program Files\Windows Sidebar 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 __RHD C:\Users\Public\Libraries 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___SD C:\WINDOWS\system32\UNP 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___SD C:\WINDOWS\system32\Nui 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___SD C:\WINDOWS\system32\lxss 2022-10-08 21:01 - 2022-10-08 21:01 - 
000000000 ___SD C:\WINDOWS\system32\Configuration 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\WUModels 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Web 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\WaaS 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Vss 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\UUS 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\tracing 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\TAPI 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2022-10-08 21:01 - 2022-10-08 21:01 - 
000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SystemApps 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\winevt 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ras 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\Pbr 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\Keywords 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\IME 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\icsxml 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\ias 2022-10-08 21:01 - 
2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\DriverState 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\downlevel 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\appraiser 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\System 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SKB 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\security 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\schemas 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\SchCache 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Resources 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\rescache 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Registration 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Provisioning 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 
____D C:\WINDOWS\PLA 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Performance 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\ModemLogs 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Media 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\L2Schemas 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\InputMethod 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\IdentityCRL 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Globalization 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\DiagTrack 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Cursors 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Containers 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\Branding 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\ProgramData\USOShared 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\Program Files\ModifiableWindowsApps 2022-10-08 21:01 - 2022-10-08 21:01 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2022-10-08 21:01 - 2022-10-08 21:00 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2022-10-08 21:01 - 2022-10-08 21:00 - 000215943 _____ C:\WINDOWS\system32\dssec.dat 2022-10-08 21:01 - 2022-10-08 21:00 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2022-10-08 21:01 - 2022-10-08 21:00 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2022-10-08 21:01 - 2022-10-08 21:00 - 000023649 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2022-10-08 21:01 - 2022-10-08 21:00 - 000017635 _____ 
C:\WINDOWS\system32\Drivers\etc\services 2022-10-08 21:01 - 2022-10-08 21:00 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2022-10-08 21:01 - 2022-10-08 21:00 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config 2022-10-08 21:01 - 2022-10-08 21:00 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config 2022-10-08 21:01 - 2022-10-08 21:00 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2022-10-08 21:01 - 2022-10-08 21:00 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2022-10-08 21:01 - 2022-10-08 21:00 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2022-10-08 21:01 - 2022-10-08 21:00 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT 2022-10-08 21:01 - 2022-10-08 21:00 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2022-10-08 21:01 - 2022-10-08 21:00 - 000000219 _____ C:\WINDOWS\system.ini 2022-10-08 21:01 - 2022-10-08 21:00 - 000000092 _____ C:\WINDOWS\win.ini 2022-10-08 20:59 - 2022-10-11 15:27 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-10-08 20:58 - 2022-10-10 15:14 - 072089600 _____ C:\WINDOWS\system32\config\SOFTWARE 2022-10-08 20:58 - 2022-10-10 15:14 - 014680064 _____ C:\WINDOWS\system32\config\SYSTEM 2022-10-08 20:58 - 2022-10-10 15:14 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT 2022-10-08 20:58 - 2022-10-10 15:14 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-10-08 20:58 - 2022-10-10 15:14 - 000131072 _____ C:\WINDOWS\system32\config\SAM 2022-10-08 20:58 - 2022-10-10 15:14 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY 2022-10-08 20:58 - 2022-10-08 23:13 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-10-08 20:58 - 2022-10-08 22:40 - 000000000 ____D C:\WINDOWS\servicing 2022-10-08 20:58 - 2022-10-08 21:01 - 000000000 ____D C:\WINDOWS\system32\SMI 2022-10-08 20:56 - 2022-10-09 10:27 - 000000000 ___HD C:\$SysReset 2022-10-06 22:02 - 2022-09-14 13:06 - 000113080 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\system32\Drivers\amdkmpfd.sys 2022-10-01 15:18 - 2022-10-01 15:18 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-10-01 15:17 - 2022-10-01 15:17 - 002575632 ____R (The ICU Project) C:\WINDOWS\system32\icu.dll 2022-10-01 15:17 - 2022-10-01 15:17 - 002088728 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll 2022-10-01 15:17 - 2022-10-01 15:17 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll 2022-10-01 15:17 - 2022-10-01 15:17 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe 2022-10-01 15:17 - 2022-10-01 15:17 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll 2022-10-01 15:17 - 2022-10-01 15:17 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll 2022-10-01 15:17 - 2022-10-01 15:17 - 000016539 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-09-26 14:03 - 2022-09-26 14:03 - 000073040 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_xlcore.sys 2022-09-26 14:03 - 2022-09-26 14:03 - 000063824 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_hid_filter.sys 2022-09-26 14:03 - 2022-09-26 14:03 - 000062288 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_generic_hid_filter.sys 2022-09-26 14:03 - 2022-09-26 14:03 - 000051536 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_hid_lo.sys 2022-09-26 14:03 - 2022-09-26 14:03 - 000044880 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_bus_enum.sys 2022-09-26 14:03 - 2022-09-26 14:03 - 000032080 _____ (Logitech) C:\WINDOWS\system32\Drivers\logi_joy_vir_hid.sys 2022-09-20 15:30 - 2022-09-20 15:30 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-09-20 15:30 - 2022-09-20 15:30 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe 2022-09-20 15:29 - 2022-09-20 15:29 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-09-20 15:29 - 2022-09-20 15:29 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll 2022-09-20 15:29 - 2022-09-20 15:29 - 000180224 _____ 
C:\WINDOWS\system32\stordiag.exe 2022-09-20 15:29 - 2022-09-20 15:29 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 001975168 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2022-09-14 13:13 - 2022-09-14 13:13 - 001975168 _____ C:\WINDOWS\system32\vulkaninfo.exe 2022-09-14 13:13 - 2022-09-14 13:13 - 001531760 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2022-09-14 13:13 - 2022-09-14 13:13 - 001531760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2022-09-14 13:13 - 2022-09-14 13:13 - 001456976 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 001456976 _____ C:\WINDOWS\system32\vulkan-1.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 001168552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 001168552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000801120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000678248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000604008 _____ C:\WINDOWS\system32\GameManager64.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000538976 _____ C:\WINDOWS\system32\dgtrayicon.exe 2022-09-14 13:13 - 2022-09-14 13:13 - 000502120 _____ C:\WINDOWS\system32\EEURestart.exe 2022-09-14 13:13 - 2022-09-14 13:13 - 000457560 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000360832 _____ C:\WINDOWS\system32\clinfo.exe 2022-09-14 13:13 - 2022-09-14 13:13 - 000206184 _____ C:\WINDOWS\system32\mantle64.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000185704 _____ C:\WINDOWS\system32\mantleaxl64.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000163168 _____ C:\WINDOWS\SysWOW64\mantle32.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000147304 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000051056 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\system32\RapidFireServer64.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000047976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000043752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2022-09-14 13:13 - 2022-09-14 13:13 - 000043752 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2022-09-14 13:12 - 2022-09-14 13:12 - 000183696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2022-09-14 13:12 - 2022-09-14 13:12 - 000146808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 001988968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 001516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 001516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000937840 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2022-09-14 13:10 - 2022-09-14 13:10 - 000535400 _____ C:\WINDOWS\system32\atieah64.exe 2022-09-14 13:10 - 2022-09-14 13:10 - 000472952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000404336 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2022-09-14 13:10 - 2022-09-14 13:10 - 000266104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000226656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000210104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000172976 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\aticfx32.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000170880 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000144232 _____ C:\WINDOWS\system32\atidxx64.dll 2022-09-14 13:10 - 2022-09-14 13:10 - 000118136 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2022-09-14 13:09 - 2022-09-14 13:09 - 075133320 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll 2022-09-14 13:09 - 2022-09-14 13:09 - 000142184 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2022-09-14 13:09 - 2022-09-14 13:09 - 000118144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2022-09-14 13:09 - 2022-09-14 13:09 - 000074632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2022-09-14 13:08 - 2022-09-14 13:08 - 091449728 _____ C:\WINDOWS\system32\amd_comgr.dll 2022-09-14 13:07 - 2022-09-14 13:07 - 000138088 _____ C:\WINDOWS\system32\amdxc64.dll 2022-09-14 13:07 - 2022-09-14 13:07 - 000113520 _____ C:\WINDOWS\SysWOW64\amdxc32.dll 2022-09-14 13:06 - 2022-09-14 13:06 - 000942952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2022-09-14 13:06 - 2022-09-14 13:06 - 000770944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2022-09-14 13:06 - 2022-09-14 13:06 - 000470920 _____ C:\WINDOWS\system32\amdlogum.exe 2022-09-14 13:05 - 2022-09-14 13:05 - 000231752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll 2022-09-14 13:05 - 2022-09-14 13:05 - 000186904 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 010567544 _____ (Advanced Micro Devices Inc.) 
C:\WINDOWS\system32\amdhip64.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 001719776 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 001395760 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000568192 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000567696 _____ C:\WINDOWS\system32\amdmiracast.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000431992 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000176928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000167000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000166984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000151072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000136424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2022-09-14 13:04 - 2022-09-14 13:04 - 000136424 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\amdpcom32.dll 2022-09-14 12:38 - 2022-09-14 12:38 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin 2022-09-14 12:38 - 2022-09-14 12:38 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin 2022-09-14 12:38 - 2022-09-14 12:38 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin 2022-09-14 12:38 - 2022-09-14 12:38 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin 2022-09-14 12:37 - 2022-09-14 12:37 - 080459712 _____ C:\WINDOWS\system32\amdxc64.so 2022-09-14 12:37 - 2022-09-14 12:37 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2022-09-14 12:37 - 2022-09-14 12:37 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2022-09-14 12:37 - 2022-09-14 12:37 - 000580288 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2022-09-14 12:37 - 2022-09-14 12:37 - 000580288 _____ C:\WINDOWS\system32\atiapfxx.blb 2022-09-14 12:37 - 2022-09-14 12:37 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat 2022-09-14 12:37 - 2022-09-14 12:37 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat 2022-09-14 12:37 - 2022-09-14 12:37 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat 2022-09-14 12:37 - 2022-09-14 12:37 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat 2022-09-14 12:37 - 2022-09-14 12:37 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man 2022-08-13 16:10 - 2018-12-23 23:09 - 009362376 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys 2022-08-13 16:10 - 2018-12-23 19:01 - 000080458 _____ C:\WINDOWS\system32\Drivers\rtldata.txt 2022-08-13 16:10 - 2018-12-23 19:01 - 000006470 _____ C:\WINDOWS\system32\Drivers\TXPWR_LMT_T4E.txt 2022-08-13 16:10 - 2018-12-23 19:01 - 000004868 _____ C:\WINDOWS\system32\Drivers\PBR_T4E.txt 2022-08-04 17:21 - 2021-09-05 13:16 - 000232792 _____ (Valve Corporation) C:\WINDOWS\system32\Drivers\steamxbox.sys 2022-07-22 00:31 - 2022-07-22 00:31 - 000247240 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys ==================== Três meses (modificados) ================== (Se 
uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

==================== FLock ==============================

2022-10-08 21:01 C:\WINDOWS\system32\WebThreatDefSvc

==================== SigCheckExt =========================

2022-10-10 14:51 - 2022-10-10 14:52 - 002372096 _____ (Farbar) C:\Users\papie\Downloads\FRST64.exe

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== BCD ================================

Gerenciador de Inicialização de Firmware
----------------------------------------
identificador {fwbootmgr}
displayorder {bootmgr} {2549ade5-1371-11ed-b5d8-ec327e74538b}
timeout 1

Gerenciador de Inicialização do Windows
---------------------------------------
identificador {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale pt-BR
inherit {globalsettings}
default {current}
resumeobject {16f2e91c-4766-11ed-889a-bb0dd48de398}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Aplicativo de Firmware (101fffff)
---------------------------------
identificador {2549ade5-1371-11ed-b5d8-ec327e74538b}
description Hard Drive

Carregador de Inicialização do Windows
--------------------------------------
identificador {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 11
locale pt-BR
inherit {bootloadersettings}
recoverysequence {2549adef-1371-11ed-b5d8-ec327e74538b}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {16f2e91c-4766-11ed-889a-bb0dd48de398}
nx OptIn
bootmenupolicy Standard

Carregador de Inicialização do Windows
--------------------------------------
identificador {2549adef-1371-11ed-b5d8-ec327e74538b}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{2549adf0-1371-11ed-b5d8-ec327e74538b}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale pt-BR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride PushButtonReset
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{2549adf0-1371-11ed-b5d8-ec327e74538b}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Continuar da Hibernação
-----------------------
identificador {16f2e91c-4766-11ed-889a-bb0dd48de398}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale pt-BR
inherit {resumeloadersettings}
recoverysequence {2549adef-1371-11ed-b5d8-ec327e74538b}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testador de Memória do Windows
------------------------------
identificador {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnóstico de Memória do Windows
locale pt-BR
inherit {globalsettings}
badmemoryaccess Yes

Configurações de EMS
--------------------
identificador {emssettings}
bootems No

Configurações do Depurador
--------------------------
identificador {dbgsettings}
debugtype Local

Defeitos de RAM
---------------
identificador {badmemory}

Configurações Globais
---------------------
identificador {globalsettings}
inherit {dbgsettings} {emssettings} {badmemory}

Configurações do Carregador de Inicialização
--------------------------------------------
identificador {bootloadersettings}
inherit {globalsettings} {hypervisorsettings}

Configurações do Hypervisor
---------------------------
identificador {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Configurações do Carregador de Retorno
--------------------------------------
identificador {resumeloadersettings}
inherit {globalsettings}

Opções de dispositivo
---------------------
identificador {2549adf0-1371-11ed-b5d8-ec327e74538b}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fim de FRST.txt ========================