Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-10-2022 Executado por User (administrador) em DESKTOP-0JOV8RN (Gigabyte Technology Co., Ltd. H81M-H) (29-10-2022 16:47:09) Executando a partir de C:\Users\User\Desktop Perfis Carregados: User Plataforma: Microsoft Windows 10 Home Single Language Versão 21H1 19043.2130 (X64) Idioma: Português (Brasil) Navegador padrão: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\AvastBrowserCrashHandler64.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4> (C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [25088 2017-05-09] (A.E.T. Europe B.V.) [Arquivo não assinado] HKLM\...\Run: [SACMonitor] => C:\Program Files\SafeNet\Authentication\SAC\x64\SACMonitor.exe [659152 2019-04-16] (GEMALTO SA -> Gemalto) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-10-28] (Avast Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [pje-office] => C:\Program Files (x86)\pje-office\PJeOffice.exe [59392 2022-06-06] (Conselho Nacional de Justica - CNJ) [Arquivo não assinado] HKLM-x32\...\Run: [S17A] => C:\Windows\twain_32\Brims17a\Common\TwDsUiLaunch.exe [86128 2020-02-13] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3382272 2018-04-09] (Brother Industries, Ltd.) [Arquivo não assinado] HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO HKU\S-1-5-21-3180502729-4026977487-3766181511-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1525032 2022-08-08] (Discord Inc. -> GitHub) HKU\S-1-5-21-3180502729-4026977487-3766181511-1001\...\Run: [CanvaAutoLaunchAvailabilityCheckAgent] => C:\Users\User\AppData\Local\Programs\Canva\Canva.exe [149278864 2022-06-26] (Canva -> Canva Pty Ltd) HKU\S-1-5-21-3180502729-4026977487-3766181511-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38502416 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3180502729-4026977487-3766181511-1001\...\Run: [AvastBrowserAutoLaunch_DD3B34B51295CA4CE249213732CEC2F8] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012592 2022-10-12] (Avast Software s.r.o. -> AVAST Software) HKU\S-1-5-21-3180502729-4026977487-3766181511-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\PDFsam Enhanced 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.11.0.7.dll [960120 2022-09-01] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-12] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.18815.119\Installer\chrmstp.exe [2022-10-28] (Avast Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2022-09-01] ShortcutTarget: Microsoft Office.lnk -> Z:\PROGRAMAS\Office2000\Office\OSA9.EXE (Microsoft Corporation) [Arquivo não assinado] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\pje-office.lnk [2022-08-31] ShortcutTarget: pje-office.lnk -> C:\Program Files (x86)\pje-office\PJeOffice.exe (Conselho Nacional de Justica - CNJ) [Arquivo não assinado] HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {196F5268-4B9C-4421-87F1-38B5C846CDC1} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-10-28] (Avast Software s.r.o. -> AVAST Software) Task: {1D4A584B-4E92-4230-8162-E00E7D605E72} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\Update => Z:\PROGRAMAS\PDFsam Enhanced 7\sam.exe [3418520 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) Task: {2CE2D1D8-1667-4C0C-B660-0B67B083A2F7} - System32\Tasks\GoogleUpdateTaskMachineCore{D178BCF0-9FA4-4768-B36D-BEE4092C1C0B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-08-31] (Google LLC -> Google LLC) Task: {2DF43AB3-8F2F-4AA5-8EE7-76924C04CFDB} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-10-28] (Avast Software s.r.o. -> AVAST Software) Task: {3584A1F7-2961-42B9-BE8B-8370B48225BA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012592 2022-10-12] (Avast Software s.r.o. -> AVAST Software) Task: {650B6894-3203-40E0-9412-5E582CA1C3F8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-10-28] (Avast Software s.r.o. -> AVAST Software) Task: {6F52B2D3-9FC3-4125-92D9-B09AB5D079F4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {94596DCC-EB4A-497D-A489-50F9CAB817DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.) Task: {983FEC30-2D20-4C66-A25A-8218C832DA09} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\App Notification => Z:\PROGRAMAS\PDFsam Enhanced 7\sam-launcher.exe [1868696 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) Task: {A1A5FD1D-B27C-4CC2-8EBB-A175DE9FDFB5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-09-12] (Piriform Software Ltd -> Piriform) Task: {A733A8F0-6949-4EF4-ACFC-571E2B14280E} - System32\Tasks\Andrea Vacondio\PDFsam Enhanced 7\App Notification Logon => Z:\PROGRAMAS\PDFsam Enhanced 7\sam-launcher.exe [1868696 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) Task: {BD4F9218-C1EF-4BD0-96DF-A00328852427} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4666896 2022-09-12] (Piriform Software Ltd -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "14152990-3637-4b15-b17f-df04a9b77fec" --version "6.04.10044" --silent Task: {C8F1512D-5974-4A57-9F82-635099DE0608} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {DA46B865-5042-4D4D-A92A-39CB831BC82A} - System32\Tasks\PandaUSBVaccine => Z:\PROGRAMAS\Panda USB Vaccine\RunInteractiveWin.exe [116480 2009-09-23] (Panda Security S.L -> ) -> "Z:\PROGRAMAS\Panda USB Vaccine\USBVaccine.exe" /resident /agreelicense Task: {DF02EE77-50C4-44A8-B168-102CE10166EE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-10-28] (Avast Software s.r.o. -> Avast Software) Task: {E1A49818-CF43-4D6E-8DCF-531BE26CD6B6} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3012592 2022-10-12] (Avast Software s.r.o. -> AVAST Software) Task: {EB78D8B2-1B2E-4DEC-A8C6-AC23FA7F07E2} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [32204304 2022-09-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F407583D-1137-4BF5-8F61-869CEC7030AE} - System32\Tasks\GoogleUpdateTaskMachineUA{4209C4F6-9FD2-400D-A72D-7B83F1CDB8CD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-08-31] (Google LLC -> Google LLC) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 177.104.209.38 177.104.209.46 Tcpip\..\Interfaces\{80a253d0-cd70-4060-b6c2-39807dda0ecd}: [DhcpNameServer] 177.104.209.38 177.104.209.46 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-21] FireFox: ======== FF DefaultProfile: r8zmvwwr.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\r8zmvwwr.default [2022-09-19] FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\yw0rj15e.default-release [2022-10-29] FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-08-31] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-08-31] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-10-28] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [2022-10-28] (Avast Software s.r.o. -> AVAST Software) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-10-29] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-10-29] CHR HomePage: Default -> hxxp://www.google.com.br/ CHR StartupUrls: Default -> "chrome://settings/help" CHR Extension: (Web PKI) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcngeagmmhegagicpcmpinaoklddcgon [2022-09-01] CHR Extension: (Editor do Office) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2022-09-01] CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-31] CHR Extension: (JSONView) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmegofmjomhknnokphhckolhcffdaihd [2022-09-01] CHR Extension: (View image) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2022-09-01] CHR Extension: (Certisign Soluções Corporativas - NG) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\leiaelfabcbifngldgdlahaamjpioepa [2022-09-01] CHR Extension: (Extensão do Google Keep para o Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2022-10-26] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-31] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-29] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-10-28] CHR Extension: (Adobe Acrobat: ferramentas para editar, converter e assinar PDFs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-10-25] CHR Extension: (Documentos Google off-line) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-10-25] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-25] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-29] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.) S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-10-28] (Avast Software s.r.o. -> AVAST Software) S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-10-28] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [179936 2022-10-28] (Avast Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\106.0.18815.119\elevation_service.exe [2047168 2022-10-12] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-10-28] (Avast Software s.r.o. -> AVAST Software) S4 PDFsam Enhanced 7; Z:\PROGRAMAS\PDFsam Enhanced 7\activation-service.exe [3210648 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) S4 PDFsam Enhanced 7 Creator; Z:\PROGRAMAS\PDFsam Enhanced 7\creator-ws.exe [514456 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) S4 PDFsam Enhanced 7 Update Service; Z:\PROGRAMAS\PDFsam Enhanced 7\update-service.exe [267672 2021-11-03] (Sober Lemur S.a.s. di Vacondio Andrea -> Andrea Vacondio) S4 SACSrv; C:\Program Files\SafeNet\Authentication\SAC\x64\SACSRV.exe [63480 2019-04-16] (GEMALTO SA -> Gemalto) S2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2022-05-24] (Microsoft) [Arquivo não assinado] R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1004448 2022-04-12] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-13] (Microsoft Windows Publisher -> Microsoft Corporation) S2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [19968 2022-05-24] (Microsoft) [Arquivo não assinado] ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 AKSIFDH; C:\Windows\System32\drivers\aksifdh.sys [62632 2018-12-26] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.) R3 AKSUP; C:\Windows\system32\drivers\aksup.sys [44712 2018-12-26] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.) S3 ALSysIO; C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [47240 2022-10-20] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATENÇÃO R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [42304 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [238152 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [390096 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [306128 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [105936 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [48512 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276520 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [564304 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [114464 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [90008 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [862936 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [672272 2022-10-28] (Avast Software s.r.o. -> AVAST Software) S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221944 2022-10-28] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [327896 2022-10-28] (Avast Software s.r.o. -> AVAST Software) S3 SzCCID; C:\Windows\system32\DRIVERS\SzCCID.sys [40448 2011-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Generic) R3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2022-08-31] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-13] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-13] (Microsoft Windows -> Microsoft Corporation) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [39488 2022-10-29] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [34768 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-10-29 16:47 - 2022-10-29 16:47 - 000021939 _____ C:\Users\User\Desktop\FRST.txt 2022-10-29 16:46 - 2022-10-29 16:47 - 000000000 ____D C:\FRST 2022-10-29 16:46 - 2022-10-29 16:42 - 002374144 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2022-10-29 16:43 - 2022-10-29 16:43 - 000000000 ____D C:\AdwCleaner 2022-10-29 16:35 - 2022-10-29 16:42 - 000000000 ____D C:\Users\User\Desktop\ClubeHardware 2022-10-29 09:08 - 2022-10-29 16:39 - 000000000 ____D C:\Users\User\Desktop\Reciclagem 2022 2022-10-29 08:22 - 2022-10-29 08:22 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics 2022-10-29 08:20 - 2022-10-29 08:20 - 000000656 _____ C:\Users\User\Downloads\wu10.diagcab 2022-10-28 18:03 - 2022-10-28 18:03 - 000000000 ____D C:\Windows\system32\gf2engine 2022-10-28 17:30 - 2022-10-28 17:30 - 000003856 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2022-10-28 17:30 - 2022-10-28 17:30 - 000003626 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA 2022-10-28 17:30 - 2022-10-28 17:30 - 000003502 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore 2022-10-28 17:30 - 2022-10-28 17:30 - 000003272 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon) 2022-10-28 17:30 - 2022-10-28 17:30 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2022-10-28 17:30 - 2022-10-28 17:30 - 000002539 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk 2022-10-28 17:30 - 2022-10-28 17:30 - 000000000 ____D C:\Program Files (x86)\AVAST Software 2022-10-28 17:29 - 2022-10-29 08:28 - 000000000 ____D C:\Users\User\AppData\Local\Avast Software 2022-10-28 17:29 - 2022-10-28 17:29 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2022-10-28 17:29 - 2022-10-28 17:29 - 000002154 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2022-10-28 17:29 - 2022-10-28 17:29 - 000000000 ____D C:\Users\User\AppData\Roaming\Avast Software 2022-10-28 17:28 - 2022-10-28 17:28 - 000862936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000672272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000564304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000390096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000327896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000306128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000276520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000270552 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2022-10-28 17:28 - 2022-10-28 17:28 - 000238152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000221944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000114464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000105936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000090008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000048512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000042304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000025576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys 2022-10-28 17:28 - 2022-10-28 17:28 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2022-10-28 17:28 - 2022-10-28 17:28 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2022-10-28 17:28 - 2022-10-28 17:28 - 000000000 ____D C:\Program Files\Common Files\Avast Software 2022-10-28 17:28 - 2022-10-28 17:28 - 000000000 ____D C:\Program Files\Avast Software 2022-10-28 17:27 - 2022-10-28 17:28 - 000000000 ____D C:\ProgramData\Avast Software 2022-10-28 17:26 - 2022-10-28 17:26 - 000268488 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online.exe 2022-10-28 16:32 - 2022-10-28 16:32 - 001741776 _____ C:\Users\User\Downloads\search-panel-video.mp4 2022-10-27 08:38 - 2022-10-27 08:38 - 000361725 _____ C:\Users\User\Downloads\historico-creditos.pdf 2022-10-27 08:32 - 2022-10-29 07:28 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-10-25 09:09 - 2022-10-25 09:09 - 000002392 _____ C:\Users\User\Desktop\francelmo - Chrome.lnk 2022-10-24 23:31 - 2022-10-24 23:31 - 000200884 _____ C:\Users\User\Desktop\CVV_Uma_Proposta_de_Vida_FILOSOFIA.pdf 2022-10-24 23:04 - 2022-10-24 23:04 - 001794497 _____ C:\Users\User\Downloads\alvarás autorizando saques-Maria Aparecida-jan.21.pdf 2022-10-23 09:54 - 2022-10-23 09:54 - 000045394 _____ C:\Users\User\Downloads\inscricao (1).pdf 2022-10-22 12:21 - 2022-10-22 12:21 - 000103643 _____ C:\Users\User\Downloads\Termo_de_voluntariado_-_versao_Julho_2022 (1).pdf 2022-10-21 18:52 - 2022-10-21 18:52 - 000002238 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegação privativa do Firefox.lnk 2022-10-14 12:46 - 2022-10-14 12:46 - 000803186 _____ C:\Users\User\Desktop\pesquisa_reunião_mediúnica._out22.pdf 2022-10-13 11:05 - 2022-10-13 11:05 - 000040383 _____ C:\Users\User\Downloads\Relatorio-TempoContribuicao-Thamiel Dievo Carvalho-13-10-2022.pdf 2022-10-12 08:25 - 2022-10-12 08:25 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll 2022-10-12 08:25 - 2022-10-12 08:25 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll 2022-10-12 08:25 - 2022-10-12 08:25 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll 2022-10-12 08:25 - 2022-10-12 08:25 - 000060928 _____ C:\Windows\system32\runexehelper.exe 2022-10-12 08:25 - 2022-10-12 08:25 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2022-10-12 08:25 - 2022-10-12 08:25 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2022-10-12 08:25 - 2022-10-12 08:25 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim 2022-10-12 08:20 - 2022-10-12 08:20 - 000000000 ___HD C:\$WinREAgent 2022-10-07 16:44 - 2022-10-07 16:44 - 000152180 _____ C:\Users\User\Downloads\Tabela-8.pdf 2022-10-06 09:38 - 2022-10-29 07:28 - 000039488 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddfac.sys 2022-10-06 09:38 - 2022-10-06 09:38 - 000000000 ___HD C:\Program Files (x86)\Topaz OFD 2022-10-06 09:38 - 2022-10-06 09:38 - 000000000 ____D C:\Program Files\Topaz OFD 2022-10-06 09:38 - 2022-02-25 14:58 - 000036768 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddprm.sys 2022-10-06 09:38 - 2021-02-11 19:37 - 000051160 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddntf.sys 2022-10-06 09:38 - 2021-02-11 19:37 - 000034768 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddpp.sys 2022-10-06 09:38 - 2021-02-11 19:37 - 000010722 _____ C:\Windows\system32\Drivers\wsddntf.cat 2022-10-06 09:37 - 2022-10-06 09:37 - 006210896 _____ (Banco do Brasil S.A.) C:\Users\User\Downloads\DiagnosticoBB.exe 2022-09-30 08:02 - 2022-10-29 08:02 - 000003416 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2022-09-30 08:02 - 2022-10-29 08:02 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-10-29 16:44 - 2022-08-31 18:08 - 000000000 ____D C:\Users\User\AppData\Roaming\discord 2022-10-29 16:31 - 2022-08-31 18:15 - 000000000 ____D C:\Users\User\AppData\Local\Discord 2022-10-29 16:06 - 2022-08-31 15:01 - 000000000 ____D C:\Program Files (x86)\Google 2022-10-29 15:51 - 2022-08-31 13:48 - 000000000 ____D C:\Windows\system32\SleepStudy 2022-10-29 14:14 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-29 10:27 - 2022-09-19 11:27 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla 2022-10-29 08:02 - 2022-09-01 00:25 - 000000000 ____D C:\Program Files\CCleaner 2022-10-29 07:32 - 2022-08-31 13:54 - 001651882 _____ C:\Windows\system32\PerfStringBackup.INI 2022-10-29 07:32 - 2019-12-07 11:54 - 000715446 _____ C:\Windows\system32\prfh0416.dat 2022-10-29 07:32 - 2019-12-07 11:54 - 000140602 _____ C:\Windows\system32\prfc0416.dat 2022-10-29 07:32 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF 2022-10-29 07:27 - 2022-09-19 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-10-29 07:27 - 2022-08-31 13:48 - 000008192 ___SH C:\DumpStack.log.tmp 2022-10-29 07:27 - 2022-08-31 13:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-10-28 18:48 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-28 18:48 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness 2022-10-28 17:28 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2022-10-28 08:12 - 2022-08-31 13:48 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-28 08:12 - 2022-08-31 13:48 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-10-27 09:27 - 2022-09-19 11:27 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-10-27 09:27 - 2022-09-19 11:27 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-10-25 15:21 - 2022-09-19 11:27 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-10-25 08:43 - 2022-08-31 14:44 - 005289014 _____ C:\Users\User\Desktop\Manual Voluntário - 2018.pdf 2022-10-22 07:30 - 2022-08-31 18:08 - 000002228 _____ C:\Users\User\Desktop\Discord.lnk 2022-10-20 08:04 - 2019-12-07 06:03 - 000262144 _____ C:\Windows\system32\config\BBI 2022-10-15 18:11 - 2022-08-31 21:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Canva 2022-10-15 07:59 - 2022-08-31 13:48 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-10-15 07:59 - 2022-08-31 13:48 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-10-13 22:28 - 2022-08-31 13:48 - 000000000 ____D C:\Windows\system32\Drivers\wd 2022-10-13 08:36 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp 2022-10-12 18:07 - 2022-08-31 15:02 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-10-12 18:07 - 2022-08-31 15:02 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-10-12 08:55 - 2022-08-31 13:48 - 000368664 _____ C:\Windows\system32\FNTCACHE.DAT 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Dism 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\Provisioning 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2022-10-12 08:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr 2022-10-12 08:40 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\NDF 2022-10-12 08:27 - 2019-12-07 06:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll 2022-10-12 08:27 - 2019-12-07 06:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2022-10-12 08:25 - 2022-08-31 13:52 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-10-12 08:20 - 2022-08-31 14:31 - 000000000 ____D C:\Windows\system32\MRT 2022-10-12 08:18 - 2022-08-31 14:31 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-10-06 09:54 - 2022-09-01 15:13 - 000026554 _____ C:\Users\User\.sambox.cache 2022-10-06 09:39 - 2022-09-01 00:21 - 000000000 ____D C:\ProgramData\TEMP 2022-09-30 08:02 - 2022-09-01 00:25 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================