Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-05-2023
Executado por nursi (administrador) em LAPTOP-U216UT7H (ASUSTeK COMPUTER INC. ROG G703GS_G703GS) (05-06-2023 09:57:19)
Executando a partir de C:\Users\nursi\OneDrive\Área de Trabalho\FRST64.exe
Perfis Carregados: nursi
Plataforma: Microsoft Windows 11 Home Versão 22H2 22621.1702 (X64) Idioma: Português (Portugal)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() [Arquivo não assinado] C:\Users\nursi\AppData\Local\Temp\Fmocnpecplpmgokmihrjohgewqz.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\browserhost.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2304.26.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\certreq.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvamsi.inf_amd64_9219ad30ce7522b2\Display.NvContainer\NVDisplay.Container.exe <2>
(sihost.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2320.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.16.10262.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.16.10262.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21446.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-20] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [10774960 2023-06-04] (Emsisoft Limited -> Emsisoft Ltd)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40454048 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262344 2023-05-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3848878613-230039650-1154610324-1001\...\Run: [MicrosoftEdgeAutoLaunch_E9654F28324299FCE4DDE5EEE2A42508] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.3.0\GoogleDriveFS.exe [53970712 2023-06-02] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpzppw72: C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll [257024 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\KM Language Monitor: C:\Windows\system32\KMPJL64.DLL [80384 2013-04-08] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\PCL hpz3lw72: C:\Windows\system32\hpz3lw72.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.90\Installer\chrmstp.exe [2023-06-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-04-13]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {03CF5ED7-F6EF-433C-9804-52C1BAE7CE66} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {08387746-2324-4345-8016-A28AA1115DC5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {09F9477C-1B5B-4FFF-A749-EC901EC7B063} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {0D69DED8-C7BA-4F0C-BE20-632587859D39} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start ThunderboltService
Task: {23A2C2E9-E278-4AE4-9276-443D67B8616C} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {28038971-7FC3-4C57-8A78-BFD644CFE68B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A63F50B-7D81-486F-8518-3E04D0D2E1BC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [149712 2021-10-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {3020E1DD-2B33-4756-A425-E6F4CEEAF44D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {35C8EA5F-4317-4C5B-BC01-925AFB055646} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Nenhum Arquivo)
Task: {3CB0C6B6-7DB0-4F82-86D2-317660974B79} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Nenhum Arquivo)
Task: {3E717B58-C5EB-4CA1-9428-B3C57EA93F5E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302184 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {40EB2F69-0689-49E6-90B1-B1CCB6E225AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4DB2E56F-33C6-46D4-9626-134B1FA7B1F9} - System32\Tasks\S-1-5-21-3848878613-230039650-1154610324-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (Nenhum Arquivo)
Task: {55C45FC8-E007-494C-A58F-F033D657E907} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bf5aeb9d-4b7a-44ff-be41-d7fe70b78db2" --version "6.12.10490" --silent
Task: {68ED2B15-9716-4F7F-AC2E-E853DF81A725} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AEAC83B-69C1-4110-A7E4-63CD753D8ED9} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3848878613-230039650-1154610324-1001 => C:\Users\nursi\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (Nenhum Arquivo)
Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe Reboot (Nenhum Arquivo)
Task: {75C6ECC2-A97B-43FE-955F-F19B1B756E6D} - System32\Tasks\Microsoft\Windows\Method\Size => C:\Users\nursi\AppData\Local\Method\lpxeccajs\Size.exe (Nenhum Arquivo)
Task: {82DED51B-11BB-4D6E-8849-C79650191760} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingKey.exe [4718048 2018-03-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {837548B2-5C32-40F1-B199-428018558A58} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8448274E-5D99-4BFB-AFE4-B7151CB8B6AA} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [630160 2018-04-10] (ASUSTeK Computer Inc. -> )
Task: {883D674E-9997-4C06-998C-1AD66B25BDAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {8EF2319F-75C3-49AC-BFFD-50AA2D5F8A25} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {919B36F3-225D-4214-B6A3-3A7CA9BE35CC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9990B736-2BB8-4363-9FB8-7DCA98953BCB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Nenhum Arquivo)
Task: {AB6CB96E-24C0-4CCF-9899-535BF4C17800} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B130E7A0-31B1-40FD-9840-E02126D42CA5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3155E12-5FE2-42D1-925C-08E4A0E25E6B} - System32\Tasks\ASUS Promotion => C:\Program Files\ASUS\ASUS Promotion\ASUS Promotion.exe [1049568 2018-10-26] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {B81C4395-30C4-4666-97A1-8ECC080C4751} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C5A67A2B-2DEE-489B-93A5-FBFED80F8A3D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C9B82602-1D68-47D0-90FF-6899003F7E64} - System32\Tasks\SS3Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe [811520 2019-10-30] (ASUSTeK COMPUTER INC.) [Arquivo não assinado]
Task: {CB552C89-A0CC-4E63-A286-429E65028A3B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226024 ] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Nenhum Arquivo)
Task: {CE8524D6-D814-4436-B963-C64311AC0A6A} - System32\Tasks\GameFirstV => C:\Program Files (x86)\ASUS\GameFirst\\GameFirst_V.exe [714112 ] (Apex Titan Technology Corp. -> ASUS)
Task: {D64B1995-474C-4E6E-9CFB-2FC258248192} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D7E72569-BA75-4B21-BA36-33E28EF979EC} - System32\Tasks\CCleanerSkipUAC - nursi => C:\Program Files\CCleaner\CCleaner.exe [34264480 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DA0066AB-D295-44A9-8C7F-8754D040F711} - System32\Tasks\USBChargerPlusUWP => C:\Program Files (x86)\ASUS\USB Charger Plus Service\StartupUSBChargerPlus.exe [150416 2018-07-04] (ASUSTeK Computer Inc. -> )
Task: {E008A5EA-2090-4D75-A97F-61D18099AE55} - System32\Tasks\IterationCount => C:\Users\nursi\AppData\Roaming\DefinedTypes\IterationCount (Nenhum Arquivo)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Nenhum Arquivo)
Task: {E90CD071-BE09-4138-BA41-AAAC86583212} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {EB6C88FD-2935-42F7-A8AC-A9FD3B3DE60A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EE0ECFAB-B354-4C92-8A4F-8314E1C6909B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE3A4C7D-83B8-468E-9B1A-4B3258D74D59} - \faka -> Nenhum Arquivo <==== ATENÇÃO
Task: {EE969CEF-2D51-4D4D-8845-D6D99BFA678F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EFBD9700-C01E-45FB-8327-A2762C1EF853} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {F00BB55C-CB25-4E87-8B60-0ED9F8C4D15F} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHotkeyExec64.exe [176064 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {F073DAD6-7DB3-4C64-9F8B-AF7712E6EC22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {F1CA1299-F3B4-4FCF-8C47-EDEC9BAA81BB} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277528 2019-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F4BC2FB6-E0AD-4A64-8C8B-D915C6A8F7D1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC5855C5-EDF8-4136-8494-9DF310D8161C} - System32\Tasks\Method\Size => C:\Users\nursi\AppData\Local\Method\hdmyuhg\Size.exe [7168 2023-06-05] () [Arquivo não assinado]

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0b2953b5-9af0-447d-9e0f-11fa9572663c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c15b09dc-722c-4d37-b52d-c67a7bd8cda3}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{cff0d725-5d03-488f-b199-9b1a7f0a32aa}: [DhcpNameServer] 172.20.10.1

Edge:
=======
DownloadDir: C:\Users\nursi\Downloads
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-05]
Edge HomePage: Default -> hxxp://asus13.msn.com/
Edge StartupUrls: Default -> "hxxp://www.google.pt/"
Edge Extension: (Logitech Smooth Scrolling) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2021-11-25]
Edge Extension: (New Tab Redirect) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2021-11-25]
Edge Extension: (MyJDownloader Browser Extension) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ieapabanbplofifeaapjocpaogdhncdd [2021-11-25]
Edge Extension: (Edge relevant text changes) - C:\Users\nursi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]

FireFox:
========
FF ProfilePath: C:\Users\nursi\AppData\Roaming\TomTom\HOME\Profiles\ys5opl6g.default [2020-06-15]
FF Extension: (Sem Nome) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [não encontrado (a)]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-22]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2021-01-26] [não assinado]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default [2023-06-05]
CHR Notifications: Default -> hxxps://best.aliexpress.com; hxxps://mail.google.com; hxxps://rockcontent.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.google.pt/
CHR StartupUrls: Default -> "hxxp://www.google.pt/"
CHR NewTab: Default -> Not-active:"chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2019-03-04]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2021-06-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-05-19]
CHR Extension: (Google Docs offline) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-22]
CHR Extension: (New Tab Redirect) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2019-07-07]
CHR Extension: (Launcher de aplicações para o Drive (da Google)) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-23]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-02]
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-06-02]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-12-16]
CHR Extension: (Google Docs offline) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-16]
CHR Extension: (Launcher de aplicações para o Drive (da Google)) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-03-09]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\nursi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-09]
CHR Profile: C:\Users\nursi\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-3848878613-230039650-1154610324-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [11453664 2023-06-04] (Emsisoft Limited -> Emsisoft Ltd)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsHidSrv64.exe [173504 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
S2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\AsLdrSrv64.exe [227776 2019-03-04] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [157016 2019-03-06] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063840 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
S2 EmsiCommService; C:\Program Files\Emsisoft Anti-Malware\CommService.exe [15048472 2023-06-04] (Emsisoft Limited -> Emsisoft Ltd)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1545368 2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd)
S2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Arquivo não assinado]
S2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [1977392 2019-04-12] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905472 2019-08-22] (McAfee, LLC -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S2 ROGGamingCenterService; C:\Program Files (x86)\ASUSTeK COMPUTER INC\ROG Gaming Center\ROGGamingCenterService.exe [40416 2018-02-22] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
S2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [Arquivo não assinado]
S2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc)
S2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc. -> SafeNet, Inc.)
S2 USBChargerService; C:\Program Files (x86)\ASUS\USB Charger Plus Service\USBChargerService.exe [120720 2018-07-04] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe [3228464 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe [133592 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvamsi.inf_amd64_9219ad30ce7522b2\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvamsi.inf_amd64_9219ad30ce7522b2\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [31032 2018-07-04] (WDKTestCert Jie,131315143419111253 -> ASUSTek Computer Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [104808 2018-01-21] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_30ffacb41f78f352\atkwmiacpi64.sys [36368 2019-03-04] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Arquivo não assinado] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [164400 2023-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd) R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2023-06-04] (Emsisoft Ltd -> Emsisoft Ltd) S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [19392 2023-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Emsisoft Ltd) S1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [137224 2023-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd) R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [34488 2022-08-09] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) R3 MpKsl205df62c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{336B76F3-2513-42D2-93BC-F7DFB78BD717}\MpKslDrv.sys [213288 2023-06-05] (Microsoft Windows -> Microsoft Corporation) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) 
R1 netfilter21556; C:\WINDOWS\System32\drivers\netfilter21556.sys [96392 2017-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) S3 RtsUpx; C:\Windows\system32\drivers\RtsUpx.sys [30328 2018-06-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.) R3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 TPS6598x; C:\WINDOWS\System32\drivers\TPS6598x.sys [56376 2017-11-28] (FPT USA Corp. -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498984 2023-06-01] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-06-01] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-06-05 09:57 - 2023-06-05 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Method 2023-06-05 09:57 - 2023-06-05 09:57 - 000000000 ____D C:\FRST 2023-06-05 09:52 - 2023-06-05 09:54 - 000000000 ____D C:\AdwCleaner 2023-06-05 08:22 - 2023-06-05 08:22 - 000782858 _____ C:\WINDOWS\system32\prfh0816.dat 2023-06-05 08:22 - 2023-06-05 08:22 - 000159072 _____ C:\WINDOWS\system32\prfc0816.dat 2023-06-05 08:10 - 2023-06-05 09:30 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware 2023-06-05 08:10 - 2023-06-05 08:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware 2023-06-05 08:10 - 2023-06-04 21:01 - 000037776 _____ (Emsisoft Ltd) C:\WINDOWS\system32\Drivers\eppdisk.sys 2023-06-05 08:07 - 2023-06-05 08:07 - 003411592 _____ (Emsisoft Ltd) C:\Users\nursi\Downloads\EmsisoftAntiMalwareWebSetup_5220a051-ee4d-4b83-8d5d-ad4e4488857b (1).exe 2023-06-02 12:35 - 2023-06-02 12:35 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2023-06-02 12:04 - 2023-06-05 08:13 - 000000000 ____D C:\ProgramData\Emsisoft 2023-06-02 12:04 - 2023-06-02 12:04 - 003411592 _____ (Emsisoft Ltd) C:\Users\nursi\Downloads\EmsisoftAntiMalwareWebSetup_5220a051-ee4d-4b83-8d5d-ad4e4488857b.exe 2023-06-02 09:54 - 2023-06-05 09:57 - 000000000 ____D C:\Users\nursi\AppData\Local\Method 2023-06-02 09:52 - 2023-06-05 08:12 - 000000000 ____D C:\Users\nursi\AppData\Roaming\DefinedTypes 2023-06-02 09:52 - 2023-06-02 09:52 - 000003656 _____ C:\WINDOWS\system32\Tasks\IterationCount 2023-06-02 09:52 - 2023-06-02 09:52 - 000000000 ____D C:\ProgramData\sib 2023-06-02 09:52 - 2023-06-02 09:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyShot 11 2023-06-02 09:52 - 2023-06-02 09:52 - 000000000 ____D C:\ProgramData\Luxion 2023-06-02 09:51 - 2023-06-02 09:52 - 000000000 ____D C:\Program Files\KeyShot11 2023-06-02 09:19 - 
2023-06-02 09:19 - 000000000 ____D C:\Users\nursi\AppData\Roaming\NVIDIA 2023-06-02 09:15 - 2023-06-02 09:55 - 000000000 ____D C:\Users\nursi\AppData\Roaming\Luxion 2023-06-02 09:15 - 2023-06-02 09:54 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\KeyShot 11 2023-06-02 09:01 - 2023-06-02 09:01 - 000001181 _____ C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\keyshot5.lnk 2023-06-02 08:48 - 2023-06-02 08:59 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\KeyShot 5 2023-06-01 17:09 - 2023-06-01 17:09 - 000032786 _____ C:\Users\nursi\Downloads\Hogan_Shoes_and_Fashion.eps 2023-06-01 17:09 - 2023-06-01 17:09 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\Minhas paletas 2023-06-01 16:23 - 2023-06-01 16:24 - 504198189 _____ C:\Users\nursi\Downloads\ASICS X ForEver Meeting 17th May,2023 (1) (1).pptx 2023-06-01 16:22 - 2023-06-01 16:23 - 504198189 _____ C:\Users\nursi\Downloads\ASICS X ForEver Meeting 17th May,2023 (1).pptx 2023-06-01 11:40 - 2023-06-01 11:40 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\FlashIntegro 2023-06-01 11:37 - 2023-06-01 11:37 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\vulcao 2023-06-01 11:22 - 2023-06-01 11:22 - 026693624 _____ C:\Users\nursi\Downloads\Rueda_vapesol_rect_1_6_23.3dm 2023-06-01 11:10 - 2023-06-01 11:10 - 002887440 _____ C:\Users\nursi\Downloads\TP SOLES SONRA_MONSIEURGERMAIN_300523.pdf 2023-05-30 17:07 - 2023-05-30 17:07 - 004883572 _____ C:\Users\nursi\Downloads\Ficheiros 3D.zip 2023-05-30 17:07 - 2023-05-30 17:07 - 000000000 ____D C:\Users\nursi\Downloads\Ficheiros 3D 2023-05-30 13:26 - 2023-05-30 13:26 - 000407788 _____ C:\Users\nursi\Downloads\Bilhetes Passadiços do Mondego (1).pdf 2023-05-30 13:23 - 2023-05-30 13:23 - 000407788 _____ C:\Users\nursi\Downloads\Bilhetes Passadiços do Mondego.pdf 2023-05-30 13:23 - 2023-05-30 13:23 - 000144055 _____ C:\Users\nursi\Downloads\Normas e Recomendações.pdf 2023-05-30 13:12 - 2023-05-30 13:12 - 000025255 _____ 
C:\Users\nursi\Downloads\87482713.pdf 2023-05-29 13:20 - 2023-05-29 13:20 - 001406433 _____ C:\Users\nursi\Downloads\Kirigamine Zen.pdf 2023-05-29 13:20 - 2023-05-29 13:20 - 000069051 _____ C:\Users\nursi\Downloads\ORÇ_2864_MARCIO_MIT.pdf 2023-05-29 13:10 - 2023-05-29 13:10 - 001920078 _____ C:\Users\nursi\Downloads\FT DAIKIN MULTI.pdf 2023-05-29 13:10 - 2023-05-29 13:10 - 001102590 _____ C:\Users\nursi\Downloads\PO_220523_R00_DK_MULTI.pdf 2023-05-26 07:55 - 2023-05-26 07:55 - 000000000 ____D C:\Users\nursi\AppData\LocalLow\Messenger 2023-05-24 11:18 - 2023-05-24 11:18 - 104545080 _____ C:\Users\nursi\Downloads\S1PS_A2_(PADUA)_V5_003 igs.igs 2023-05-23 16:54 - 2023-05-23 16:54 - 000270180 _____ C:\Users\nursi\Downloads\symb.dxf 2023-05-23 16:52 - 2023-05-23 16:52 - 000028708 _____ C:\Users\nursi\Downloads\shoes-materials-symbols-footwear-labels-vector-20840027.webp 2023-05-23 15:36 - 2023-05-23 15:36 - 000043323 _____ C:\Users\nursi\Downloads\CallaGhan.eps 2023-05-23 14:28 - 2023-05-23 14:28 - 215491326 _____ C:\Users\nursi\Downloads\QUONDAM IGS.igs 2023-05-23 14:11 - 2023-05-23 14:11 - 215632802 _____ C:\Users\nursi\Downloads\wetransfer_quondam-difu-jpg_2023-05-22_1137 (1).zip 2023-05-22 16:06 - 2023-05-22 16:06 - 026919105 _____ C:\Users\nursi\Downloads\Rueda_16_5_23.3dm 2023-05-22 14:53 - 2023-05-22 14:54 - 215632802 _____ C:\Users\nursi\Downloads\wetransfer_quondam-difu-jpg_2023-05-22_1137.zip 2023-05-22 13:50 - 2023-05-22 13:50 - 001503097 _____ C:\Users\nursi\Downloads\THOR STREET (1).pdf 2023-05-22 07:56 - 2023-05-22 07:56 - 001723014 _____ C:\Users\nursi\Downloads\2271CMV-16_BAK_BAK.pdf 2023-05-16 18:02 - 2023-05-16 18:02 - 003883291 _____ C:\Users\nursi\Downloads\HATTY TENNIS SNEAKER Outsole design tech pack .pdf 2023-05-16 18:02 - 2023-05-16 18:02 - 001916145 _____ C:\Users\nursi\Downloads\HATTY TENNIS VECTOR FILE.ai 2023-05-16 18:02 - 2023-05-16 18:02 - 001396764 _____ C:\Users\nursi\Downloads\HATTY BRANDING 02.05.23.ai 2023-05-16 18:02 - 2023-05-16 
18:02 - 000137355 _____ C:\Users\nursi\Downloads\HATTY TENNIS DRAWING.pdf 2023-05-16 15:27 - 2023-05-16 15:27 - 000073107 _____ C:\Users\nursi\Downloads\RM 2023-448.pdf 2023-05-16 15:12 - 2023-05-16 15:12 - 000226527 _____ C:\Users\nursi\Downloads\PoleCapV1[1].step 2023-05-15 17:41 - 2023-05-15 17:41 - 083634963 _____ C:\Users\nursi\Downloads\wetransfer_capa-livro-final-stl-stl_2023-05-15_1557.zip 2023-05-15 15:43 - 2023-05-15 15:43 - 000000000 ____D C:\Users\nursi\Downloads\wetransfer_oxford-41-3dm-3dm_2023-05-14_1653 2023-05-15 15:42 - 2023-05-15 15:42 - 180250995 _____ C:\Users\nursi\Downloads\wetransfer_oxford-41-3dm-3dm_2023-05-14_1653.zip 2023-05-15 13:48 - 2023-05-15 13:48 - 039455284 _____ C:\Users\nursi\Downloads\capa livro 3.stl 2023-05-12 10:18 - 2023-05-12 10:18 - 003647486 _____ C:\Users\nursi\Downloads\Casual (1) (1).pdf 2023-05-11 15:21 - 2023-05-11 15:21 - 002199362 _____ C:\Users\nursi\Downloads\23-214.rar 2023-05-11 15:21 - 2023-05-11 15:21 - 002096800 _____ C:\Users\nursi\Downloads\23-218.rar 2023-05-11 14:07 - 2023-05-11 14:07 - 000014719 _____ C:\Users\nursi\Downloads\Logo Chinelo (1).pdf 2023-05-11 09:35 - 2023-05-11 09:35 - 003647486 _____ C:\Users\nursi\Downloads\Casual (1).pdf 2023-05-10 08:55 - 2023-05-10 08:55 - 000000000 ___HD C:\$WinREAgent 2023-05-09 17:14 - 2023-05-09 17:14 - 002736125 _____ C:\Users\nursi\Downloads\PME ART PLUG with wing V1.pdf 2023-05-09 13:22 - 2023-05-09 13:22 - 000023271 _____ C:\Users\nursi\Downloads\5336704.pdf 2023-05-09 12:08 - 2023-05-09 12:08 - 006085630 _____ C:\Users\nursi\Downloads\Profilsohle_links_oval_12_Schwund.iges 2023-05-09 12:08 - 2023-05-09 12:08 - 006084400 _____ C:\Users\nursi\Downloads\Profilsohle_rechts_oval_12_Schwund.iges 2023-05-09 12:07 - 2023-05-09 12:08 - 001721262 _____ C:\Users\nursi\Downloads\Muttersohle_rechts_oval_12_Schwund.iges 2023-05-09 12:07 - 2023-05-09 12:08 - 001720770 _____ C:\Users\nursi\Downloads\Muttersohle_links_oval_12_Schwund.iges 2023-05-09 11:57 - 2023-05-09 11:57 
- 000014719 _____ C:\Users\nursi\Downloads\Logo Chinelo.pdf 2023-05-09 11:48 - 2023-05-09 11:48 - 000000000 ____D C:\Users\nursi\Downloads\Dynamic-Sohle-Basis37669-Gr37-Model-Origin 2023-05-09 11:47 - 2023-05-09 11:47 - 008007904 _____ C:\Users\nursi\Downloads\Dynamic-Sohle-Basis37669-Gr37-Model-Origin.zip 2023-05-08 13:04 - 2023-05-08 13:04 - 002651876 _____ C:\Users\nursi\Downloads\FAMIL MALAGA.rar 2023-05-08 11:36 - 2023-05-08 11:36 - 014566316 _____ C:\Users\nursi\Downloads\wetransfer_malaga-y-eivissa_2023-05-08_1005.zip 2023-05-08 07:56 - 2023-05-08 07:56 - 112598874 _____ C:\Users\nursi\Downloads\S1PS_A2_(PADUA)_V5_concavo.igs 2023-05-08 07:56 - 2023-05-08 07:56 - 012434434 _____ C:\Users\nursi\Downloads\74840A.stl ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-06-05 09:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-06-05 09:54 - 2018-06-22 23:58 - 000000000 ____D C:\ProgramData\NVIDIA 2023-06-05 09:49 - 2022-09-30 11:28 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2023-06-05 09:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-06-05 09:32 - 2019-03-04 18:00 - 000000000 ____D C:\Users\nursi\AppData\Roaming\PowerSHAPE 2023-06-05 09:28 - 2019-04-08 09:23 - 000000000 ____D C:\Users\nursi\AppData\Local\D3DSCache 2023-06-05 09:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-06-05 09:02 - 2019-03-04 17:33 - 000000000 ___SD C:\Users\nursi\AppData\Roaming\Microsoft\Credentials 2023-06-05 08:58 - 2019-03-04 17:40 - 000000000 ____D C:\Program Files (x86)\Google 2023-06-05 08:22 - 2022-09-30 15:01 - 001790242 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-06-05 08:22 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2023-06-05 08:17 - 2019-03-07 09:08 - 000000000 ____D C:\Program Files\CCleaner 2023-06-05 08:16 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2023-06-05 08:16 - 
2020-07-20 10:08 - 000000000 ____D C:\Users\nursi\AppData\Roaming\Microsoft\Skype for Desktop 2023-06-05 08:16 - 2019-03-04 17:35 - 000000000 ___RD C:\Users\nursi\OneDrive 2023-06-05 08:15 - 2022-09-30 15:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-06-05 08:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2023-06-05 08:15 - 2021-03-08 10:29 - 000012288 ___SH C:\DumpStack.log.tmp 2023-06-05 08:14 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2023-06-05 08:10 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-06-05 08:00 - 2020-06-08 08:45 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-06-05 07:59 - 2022-09-30 14:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-06-02 10:35 - 2019-03-04 18:53 - 000000000 ____D C:\Users\nursi\AppData\Local\CrashDumps 2023-06-02 09:54 - 2019-09-12 14:44 - 000000000 ____D C:\Users\nursi\AppData\Local\Luxion 2023-06-02 09:43 - 2022-09-21 08:03 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-06-02 09:11 - 2019-09-12 14:44 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\KeyShot 8 2023-06-02 07:52 - 2021-02-02 09:14 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2023-06-02 07:52 - 2019-03-04 17:42 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-06-01 18:03 - 2019-03-18 15:37 - 000000000 ____D C:\Users\nursi\AppData\Local\JDownloader 2.0 2023-06-01 17:09 - 2019-03-11 10:15 - 000000000 ____D C:\Users\nursi\OneDrive\Documentos\Corel 2023-06-01 17:02 - 2022-01-03 14:58 - 000000000 ____D C:\Users\nursi\AppData\Local\CHITUBOX_Thumbnail 2023-06-01 07:51 - 2019-04-04 13:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-06-01 07:50 - 2022-09-30 15:04 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3848878613-230039650-1154610324-1001 2023-06-01 07:50 - 2022-09-30 15:04 - 000003378 _____ 
C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3848878613-230039650-1154610324-1001 2023-06-01 07:50 - 2021-03-08 09:56 - 000002482 _____ C:\Users\nursi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-05-29 07:51 - 2020-07-20 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2023-05-26 07:55 - 2020-11-16 15:29 - 000000000 ____D C:\Users\nursi\AppData\Local\Messenger 2023-05-25 16:04 - 2021-12-28 11:31 - 000000000 ____D C:\Users\nursi\AppData\Local\TvVodafone-data 2023-05-23 10:20 - 2019-03-04 18:35 - 000000000 ____D C:\ProgramData\Packages 2023-05-23 10:20 - 2019-03-04 17:51 - 000000000 ____D C:\Users\nursi\AppData\Local\PlaceholderTileLogoFolder 2023-05-23 10:20 - 2019-03-04 17:33 - 000000000 ____D C:\Users\nursi\AppData\Local\Packages 2023-05-22 07:53 - 2022-09-30 15:04 - 000003824 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-05-22 07:53 - 2022-09-30 15:04 - 000003700 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-05-19 08:10 - 2022-09-30 15:04 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-05-19 08:10 - 2022-09-30 15:04 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-05-11 18:03 - 2022-09-30 15:04 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-05-11 18:03 - 2022-09-30 15:04 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-05-11 08:03 - 2022-10-13 11:39 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-05-11 08:03 - 2022-09-30 15:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-05-10 11:14 - 2022-09-30 14:59 - 000535000 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-05-10 11:13 - 2022-05-07 11:30 - 000000000 ____D C:\WINDOWS\SysWOW64\pt 2023-05-10 11:13 - 2022-05-07 11:30 - 000000000 ____D C:\WINDOWS\system32\pt 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ___SD 
C:\WINDOWS\system32\UNP 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-05-10 11:13 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-05-10 09:03 - 2019-03-04 18:04 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-05-10 09:01 - 2019-03-04 18:04 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-05-10 09:00 - 2022-05-07 11:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2023-05-10 09:00 - 
2022-05-07 11:41 - 000023775 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2023-05-10 09:00 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-05-10 08:58 - 2022-09-30 14:59 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll ==================== Arquivos na raiz de alguns diretórios ======== 2023-04-04 14:21 - 2021-08-04 11:56 - 000000576 _____ () C:\Users\nursi\AppData\Roaming\DeskProto.xml ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================