Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 16-10-2022
Executado por renat (administrador) em LAPTOP-PV8TKARA (Acer Aspire F5-573G) (23-10-2022 01:27:24)
Executando a partir de C:\temp
Perfis Carregados: renat
Plataforma: Microsoft Windows 10 Home Single Language Versão 21H1 19043.2130 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (International Business Machines Corporation -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1873976 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO
HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\Run: [MicrosoftEdgeAutoLaunch_3589EAC0EA64E8DB89B4D1FC1ACEA683] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2014-07-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2014-07-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\LMUD1O4C: C:\Windows\System32\spool\prtprocs\x64\LMUD1O4C.DLL [276480 2019-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Windows x64\Print Processors\LXKPTPRC: C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL [56320 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\CutePDF Writer Monitor v3.2: C:\Windows\system32\cpwmon64_v32.dll [90096 2017-05-26] (Acro Software Inc -> )
HKLM\...\Print\Monitors\EPSON L355 Series 64MonitorBE: C:\Windows\system32\E_YLMI4E.DLL [120320 2011-04-19] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [558080 2011-08-30] (SEIKO EPSON CORPORATION) [Arquivo não assinado]
HKLM\...\Print\Monitors\Lexmark Travel Print Port: C:\Windows\system32\LMabtppm.dll [212992 2019-03-20] () [Arquivo não assinado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-09-02]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
BootExecute: autocheck autochk *
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {193D22B0-7FA6-4492-A279-479A053330FB} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4946144 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
Task: {2037409C-7775-4397-B2C5-264865F49258} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [643640 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C865D28-52E9-45A5-8998-C6A8887C8CF5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [643640 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2CA3CE1F-6FFD-4E77-92C3-936FAE8C508D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {2CEE189B-7BE0-434D-B7CC-2E00D440C828} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {31A874F0-E606-4CB4-9FE2-59B6A9BABD73} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [666552 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3432BE69-8AEF-472B-BEFD-ACD5D6CC2F33} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [716344 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {362938CE-6DC7-4F58-A33A-1DFB9B249C89} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (Nenhum Arquivo)
Task: {4450CF20-7122-4DEC-B1EF-A24C605F072E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-20] (Google LLC -> Google LLC)
Task: {54F72235-ECC5-47D0-B1F4-5527FB6E9513} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116112 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {57FFB57F-C75A-404F-A96A-729794E6F261} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-ECLB3.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO
Task: {6ACADF08-61F4-4D2A-B73D-D35ABF2A87A9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6BC7EEAF-36EA-488C-8053-BD30BD6CEC51} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [716344 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CF661EC-70D0-409B-87B7-9215695D10B0} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {8154B53F-EEF3-454F-AA91-0D69323E3ADF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-09-04] (Avast Software s.r.o. -> Avast Software)
Task: {863EFE6B-9093-4188-B7B9-AA8C03BEC7CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116112 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8D56143F-9B83-4877-AC4A-28E895A5D94E} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (Nenhum Arquivo)
Task: {9AE5F947-ECB5-4A92-89AC-109212F88504} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [437816 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0D318DA-239E-4261-B6C0-51EC98126EFB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (Nenhum Arquivo)
Task: {C44A3E5D-1EFA-4D39-8943-8096AFFE2E64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-20] (Google LLC -> Google LLC)
Task: {CA123FD3-F2EF-48ED-88C3-E6071EEE14DD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CFAC506B-1477-4ED3-AF4F-B53CB807AD77} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe (Nenhum Arquivo)
Task: {D325D90F-AB0F-41AC-A6D6-D2A54F41663C} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {D45604CD-5370-4374-8235-FE1EEB38C01F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [782904 2017-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF3A51FF-493E-4FBB-88F5-FADB58A8D1CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4355CDA-9172-4F83-8104-710718796372} - System32\Tasks\CCleanerSkipUAC - renat => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F655930D-E0C9-4CE3-A7C7-DA5DC3A943D4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473904 2017-02-21] (Acer Incorporated -> Acer Incorporated)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3163acb2-31e7-41ca-b813-a3c7a0adbddf}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66c7aba6-13f1-49cd-b96a-34330a97425f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\renat\Downloads
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\renat\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-15]
Edge DownloadDir: Default -> C:\Users\renat\Downloads
Edge Extension: (IBM Security Rapport) - C:\Users\renat\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2022-02-23]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]

FireFox:
========
FF DefaultProfile: afx6v46r.default
FF ProfilePath: C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\afx6v46r.default [2022-10-23]
FF Homepage: Mozilla\Firefox\Profiles\afx6v46r.default -> about:home
FF Extension: (IBM Security Rapport) - C:\Users\renat\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2022-01-16] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\afx6v46r.default\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2022-09-02]
FF Extension: (Brazilian Portuguese Checker (New Spelling)) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\afx6v46r.default\Extensions\pt-BR@dictionaries.addons.mozilla.org.xpi [2022-09-02]
FF Extension: (uBlock Origin) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\afx6v46r.default\Extensions\uBlock0@raymondhill.net.xpi [2022-09-02]
FF Extension: (Sunset Over Water by MaDonna) - C:\Users\renat\AppData\Roaming\Mozilla\Firefox\Profiles\afx6v46r.default\Extensions\{633f0fba-b472-4ac5-9584-e780977806b6}.xpi [2022-09-02]
FF Extension: (Português (pt-BR) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-pt-BR@firefox.mozilla.org [2022-09-02] []
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2022-09-02] []
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-09-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-09-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-10-23]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default [2022-10-14]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://meet.google.com; hxxps://rastreamentocorreios.info; hxxps://studybay.app; hxxps://vocesa.abril.com.br; hxxps://web.skype.com; hxxps://www.autoo.com.br; hxxps://www.netflix.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (IBM Security Rapport) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2022-02-16]
CHR Extension: (Documentos Google off-line) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Profile: C:\Users\renat\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-14]
CHR Profile: C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-09-04]
CHR Extension: (Apresentações) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-22]
CHR Extension: (Documentos) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-22]
CHR Extension: (Google Drive) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-22]
CHR Extension: (IBM Security Rapport) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2021-11-22]
CHR Extension: (YouTube) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-22]
CHR Extension: (Planilhas) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-22]
CHR Extension: (Documentos Google off-line) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-22]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-22]
CHR Extension: (Gmail) - C:\Users\renat\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-22]
CHR Profile: C:\Users\renat\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-2400331221-4059026756-1448463897-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
S3 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3852912 2022-08-04] (philandro Software GmbH -> AnyDesk Software GmbH)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325600 2016-08-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018528 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-09-04] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-14] (Microsoft Corporation -> Microsoft Corporation)
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S3 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [65408 2021-12-26] (Glarysoft LTD -> Glarysoft Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-14] (Malwarebytes Inc. -> Malwarebytes)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2973024 2022-05-01] (International Business Machines Corporation -> IBM Corp.)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1004448 2022-04-12] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42296 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238128 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258496 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105920 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48488 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276496 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [558536 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114488 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90000 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862960 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671712 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221976 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327904 2022-09-26] (Avast Software s.r.o. -> AVAST Software)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [85424 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [452480 2022-05-01] (International Business Machines Corporation -> IBM Corp.)
R1 RapportCerberus_2109072; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2109072.sys [1488456 2022-07-10] (International Business Machines Corporation -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [551048 2022-05-01] (International Business Machines Corporation -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [401288 2022-05-01] (International Business Machines Corporation -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [452080 2022-05-01] (International Business Machines Corporation -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [572336 2022-05-01] (International Business Machines Corporation -> IBM Corp.)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2020-10-01] (Microsoft Corporation) [Arquivo não assinado]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-09-02] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2022-10-23] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [34768 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-10-23 01:26 - 2022-10-23 01:27 - 000000000 ____D C:\FRST
2022-10-23 01:16 - 2022-10-23 01:20 - 000000000 ____D C:\AdwCleaner
2022-10-22 16:10 - 2022-10-22 16:10 - 000000000 ____D C:\Users\renat\AppData\Roaming\www.shadowexplorer.com
2022-10-14 22:42 - 2022-10-14 22:48 - 000000000 ____D C:\ProgramData\HitmanPro
2022-10-13 22:23 - 2022-10-13 22:23 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-13 22:22 - 2022-10-13 22:22 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-13 22:22 - 2022-10-13 22:22 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-13 22:22 - 2022-10-13 22:22 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-13 22:22 - 2022-10-13 22:22 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-13 22:22 - 2022-10-13 22:22 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-13 22:22 - 2022-10-13 22:22 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-13 22:00 - 2022-10-13 22:03 - 000000000 ___HD C:\$WinREAgent
2022-10-13 21:40 - 2022-10-13 21:40 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-10-12 22:30 - 2022-10-15 21:19 - 000000000 __SHD C:\found.000
2022-09-29 19:07 - 2022-09-29 19:07 - 000000000 ____D C:\Users\renat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-09-26 20:04 - 2022-09-26 20:03 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-09-26 20:04 - 2022-09-26 20:03 - 000221976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-10-23 01:27 - 2017-07-20 01:03 - 000000000 ____D C:\temp
2022-10-23 01:21 - 2017-07-20 01:34 - 000000000 ____D C:\ProgramData\Acer
2022-10-23 01:21 - 2017-07-20 01:34 - 000000000 ____D C:\Program Files\Acer
2022-10-23 01:21 - 2017-07-20 01:34 - 000000000 ____D C:\Program Files (x86)\Acer
2022-10-23 01:20 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-23 01:20 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-10-23 01:20 - 2017-10-21 18:12 - 000000000 ____D C:\ProgramData\EPSON
2022-10-23 01:20 - 2017-07-20 01:23 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-23 00:47 - 2022-09-04 02:17 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - renat
2022-10-23 00:47 - 2022-09-04 01:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-23 00:47 - 2020-10-01 02:02 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 00:47 - 2020-10-01 02:02 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2022-10-23 00:47 - 2020-10-01 02:02 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 00:47 - 2020-10-01 02:02 - 000002956 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 00:47 - 2020-10-01 02:02 - 000002858 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 00:47 - 2020-10-01 02:02 - 000002838 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 00:47 - 2020-10-01 02:02 - 000002786 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 00:47 - 2020-10-01 02:02 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-23 00:47 - 2020-10-01 02:02 - 000001992 _____ C:\WINDOWS\system32\Tasks\Rerun Warsaw's CoreFixer
2022-10-23 00:47 - 2020-10-01 01:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-23 00:37 - 2017-11-18 15:25 - 000000000 ____D C:\Users\renat\AppData\Local\CrashDumps
2022-10-23 00:36 - 2022-09-02 22:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-10-23 00:35 - 2019-04-22 00:08 - 000028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2022-10-23 00:35 - 2019-02-15 21:19 - 000000000 ____D C:\Users\renat\AppData\Roaming\WTablet
2022-10-23 00:35 - 2017-10-16 21:55 - 000000000 __SHD C:\Users\renat\IntelGraphicsProfiles
2022-10-22 16:40 - 2022-09-04 02:02 - 000000000 ____D C:\Users\renat\AppData\Local\Avast Software
2022-10-22 16:05 - 2022-09-04 01:57 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-22 03:44 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-22 03:44 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-16 16:03 - 2022-09-02 22:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-16 16:03 - 2021-11-06 00:13 - 000000000 ____D C:\ProgramData\Lexmark Universal v2
2022-10-16 16:03 - 2019-08-10 17:01 - 000000000 ____D C:\ProgramData\FLEXnet
2022-10-16 16:03 - 2017-07-20 01:48 - 000000000 ____D C:\ProgramData\Norton
2022-10-16 15:57 - 2020-05-15 19:53 - 000000000 ____D C:\EES32
2022-10-16 15:57 - 2016-10-07 08:11 - 000000000 ___HD C:\OEM
2022-10-15 22:52 - 2022-09-04 01:53 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-15 22:52 - 2020-10-01 02:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-15 22:52 - 2020-10-01 01:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-15 22:27 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-15 22:17 - 2019-12-07 06:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-15 21:19 - 2022-09-04 03:19 - 000000000 ____D C:\ProgramData\Glarysoft
2022-10-15 21:19 - 2022-09-04 02:44 - 000000000 ____D C:\ProgramData\SystemAcCrux
2022-10-15 21:19 - 2022-09-04 01:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 21:19 - 2022-09-02 22:41 - 000000000 ____D C:\ProgramData\Auslogics
2022-10-15 21:19 - 2022-09-02 22:13 - 000000000 ____D C:\ProgramData\AnyDesk
2022-10-15 21:19 - 2021-12-21 23:21 - 000000000 ____D C:\ProgramData\APP
2022-10-15 21:19 - 2020-10-20 20:33 - 000000000 ____D C:\ProgramData\Oracle
2022-10-15 21:19 - 2020-10-01 19:03 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-10-15 21:19 - 2020-05-15 19:39 - 000000000 ____D C:\Nova pasta
2022-10-15 21:19 - 2020-05-06 19:22 - 000000000 ___HD C:\OneDriveTemp
2022-10-15 21:19 - 2020-04-26 19:46 - 000000000 ____D C:\ProgramData\Lexmark Install Logs
2022-10-15 21:19 - 2020-04-26 16:33 - 000000000 ____D C:\ProgramData\Printer Install Logs
2022-10-15 21:19 - 2020-04-26 16:33 - 000000000 ____D C:\ProgramData\Lexmark Package Logs
2022-10-15 21:19 - 2020-04-26 16:33 - 000000000 ____D C:\Lexmark
2022-10-15 21:19 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\USOShared
2022-10-15 21:19 - 2019-08-13 19:26 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-10-15 21:19 - 2019-08-10 16:13 - 000000000 ____D C:\Autodesk
2022-10-15 21:19 - 2019-08-10 16:08 - 000000000 ____D C:\ProgramData\Autodesk
2022-10-15 21:19 - 2019-08-10 16:07 - 000000000 ____D C:\ProgramData\Applications
2022-10-15 21:19 - 2017-11-13 21:47 - 000000000 ____D C:\ProgramData\Apple
2022-10-15 21:19 - 2017-11-05 14:54 - 000000000 ____D C:\ProgramData\Trusteer
2022-10-15 21:19 - 2017-10-21 18:22 - 000000000 ____D C:\ProgramData\ABBYY
2022-10-15 21:19 - 2017-10-21 18:19 - 000000000 ____D C:\ProgramData\UDL
2022-10-15 21:19 - 2017-10-17 01:36 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-15 21:19 - 2017-10-17 01:35 - 000000000 ____D C:\ProgramData\rtkSSTSetting
2022-10-15 21:19 - 2017-10-16 21:56 - 000000000 ___HD C:\ProgramData\O949
2022-10-15 21:19 - 2017-10-16 21:46 - 000000000 ___HD C:\ProgramData\{72725B64-F17C-4EB1-9CF0-3729C6F52EB5}
2022-10-15 21:19 - 2017-10-16 21:46 - 000000000 ____D C:\ProgramData\Dashlane
2022-10-15 21:19 - 2017-07-20 01:48 - 000000000 ____D C:\ProgramData\CyberLink
2022-10-15 21:19 - 2017-07-20 01:48 - 000000000 ____D C:\ProgramData\CLSK
2022-10-15 21:19 - 2017-07-20 01:47 - 000000000 ____D C:\ProgramData\Temp
2022-10-15 21:19 - 2017-07-20 01:47 - 000000000 ____D C:\ProgramData\install_clap
2022-10-15 21:19 - 2017-07-20 01:36 - 000000000 ____D C:\ProgramData\PPiP
2022-10-15 21:19 - 2017-07-20 01:34 - 000000000 ____D C:\ProgramData\OEM
2022-10-15 21:19 - 2017-07-20 00:54 - 000000000 ____D C:\ProgramData\Qualcomm Atheros
2022-10-15 21:19 - 2017-07-20 00:53 - 000000000 ____D C:\ProgramData\DriverSetupUtility
2022-10-15 21:19 - 2017-07-20 00:48 - 000000000 ____D C:\ProgramData\Intel
2022-10-15 21:19 - 2016-07-16 08:47 - 000000000 ____D C:\ProgramData\Comms
2022-10-15 07:51 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-14 23:33 - 2017-07-20 01:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-10-13 22:35 - 2020-10-01 01:47 - 001915240 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-13 22:35 - 2019-12-07 11:54 - 000817370 _____ C:\WINDOWS\system32\prfh0416.dat
2022-10-13 22:35 - 2019-12-07 11:54 - 000168164 _____ C:\WINDOWS\system32\prfc0416.dat
2022-10-13 22:35 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-13 22:31 - 2020-10-01 01:25 - 000533488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-13 22:29 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-13 22:28 - 2019-04-23 18:33 - 000000000 ____D C:\Users\renat\AppData\Local\D3DSCache
2022-10-13 22:26 - 2019-12-07 06:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-13 22:26 - 2019-12-07 06:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-13 22:22 - 2020-10-01 01:30 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-13 21:54 - 2017-10-17 21:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-13 21:50 - 2017-10-17 21:50 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-12 22:27 - 2022-09-02 22:13 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2022-10-12 16:46 - 2022-08-06 16:43 - 000000112 ___SH C:\bootTel.dat
2022-10-02 20:43 - 2020-02-05 23:50 - 000000000 ____D C:\Users\renat\AppData\Local\ElevatedDiagnostics
2022-10-02 16:57 - 2020-10-01 01:33 - 000000000 ____D C:\Users\renat
2022-09-29 19:07 - 2020-04-16 19:22 - 000000000 ____D C:\Users\renat\AppData\Roaming\Zoom
2022-09-26 20:04 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-09-26 20:03 - 2022-09-04 01:56 - 000862960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000671712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000558536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000327904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000276496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000258496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000238128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000114488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000105920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000090000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000048488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-09-26 20:03 - 2022-09-04 01:56 - 000042296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================