Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-05-2023
Executado por colombo (administrador) em MULTIMARCA (Dell Inc. Inspiron 3421) (07-06-2023 09:25:10)
Executando a partir de C:\Users\colombo\Desktop\FRST64.exe
Perfis Carregados: colombo
Plataforma: Microsoft Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Navegador padrão: "C:\Users\colombo\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Users\colombo\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastNM.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Users\colombo\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe <14>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Firebird Project) [Arquivo não assinado] C:\Program Files\Firebird\Firebird_3_0\fbguard.exe
(services.exe ->) (Firebird Project) [Arquivo não assinado] C:\Program Files\Firebird\Firebird_3_0\firebird.exe
(services.exe ->) (GAS INFORMATICA LTDA -> GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe <2>
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [764544 2012-08-31] (Qualcomm Atheros -> Qualcomm Atheros) [Arquivo não assinado]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-08-31] (Qualcomm Atheros -> Atheros Communications) [Arquivo não assinado]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-09-08] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [DellWPF] => C:\Program Files\Synaptics\SynTP\DellTouchpad.exe [4875576 2012-09-08] (Synaptics Incorporated -> )
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [CertificateRegistration] => C:\windows\system32\aetcrss1.exe [25600 2013-03-04] (A.E.T. Europe B.V.) [Arquivo não assinado]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-05-31] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Nenhum Arquivo)
HKLM-x32\...\Run: [BackUp] => c:\windel\backup.exe [4641280 2018-03-20] () [Arquivo não assinado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Run: [] => [X]
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40454048 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Run: [Microsoft Edge Update] => C:\Users\colombo\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\MicrosoftEdgeUpdateCore.exe [263640 2023-05-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Run: [vmnat.exe] => C:\Users\colombo\AppData\Roaming\Windows\Aplicação Segura\vmnat.exe [428272 2022-07-10] (VMware, Inc. -> VMware, Inc.)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Run: [MicrosoftEdgeAutoLaunch_93E5E7AF74DA08E30299FF7F8C0977D4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188560 2023-04-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Run: [Avast Browser] => C:\Users\colombo\AppData\Local\AVAST Software\Browser\Update\1.8.1631.4\AvastBrowserUpdateCore.exe [507752 2023-05-31] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Run: [AvastBrowserAutoLaunch_54E4480883A83850CB0582C7E5AD9DBF] => C:\Users\colombo\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Winlogon: [Shell] C:\windows\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== ATENÇÃO
HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\ssText3d.scr [217088 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2617833196-3362905494-1449499872-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo)
HKU\S-1-5-21-2617833196-3362905494-1449499872-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc -> Autodesk, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\75.0.2.0\GoogleDriveFS.exe --startup_mode (Nenhum Arquivo)
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp083: C:\Windows\System32\spool\prtprocs\x64\hpfpp083.dll [254464 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssa7mPC: C:\Windows\System32\spool\prtprocs\x64\ssa7mpc.dll [52248 2016-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\windows\system32\mvtcpmon.dll [541184 2009-06-25] (Marvell Semiconductor, Inc.) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP1100LM: C:\windows\system32\HP1100LM.DLL [288768 2012-08-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\hpf3l083.dll: C:\windows\system32\hpf3l083.dll [134144 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\pdfcmon: C:\windows\system32\pdfcmon.dll [116736 2019-08-02] (pdfforge GmbH) [Arquivo não assinado]
HKLM\...\Print\Monitors\ssa7m Langmon: C:\windows\system32\ssa7mlm.dll [31256 2016-09-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.141\Installer\chrmstp.exe [2023-06-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2014-11-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2014-11-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-08-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Arquivo não assinado]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2012-08-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Arquivo não assinado]
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2014-11-22] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-01-31]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-16]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Serasa Update.lnk [2018-05-22]
ShortcutTarget: Serasa Update.lnk -> C:\Program Files (x86)\Serasa Experian\Service\eSfUpdateForm.exe (Serasa Experian) [Arquivo não assinado]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {00FDEFA3-3164-452F-97BB-A56A7126DE72} - System32\Tasks\PCDEventLauncherTask => "C:\Program Files\My Dell\sessionchecker.exe" (Nenhum Arquivo)
Task: {04D07F54-7A87-4B20-A70D-06065DCA60E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Nenhum Arquivo)
Task: {0A3BA289-BD7F-4E78-95AB-9CE3ECBF0BDB} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 ] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {0D7B1C31-D14F-4161-815A-030B4A6BC881} - System32\Tasks\{3EE14225-E617-4BD2-9F41-6EB2297520AB} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.18.85.112/pt/abandoninstall?page=tsProgressBar
Task: {0EC3EE58-801A-4E72-8ACF-141DD78D3BB8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [677280 2023-05-24] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1704B76B-7EB7-4557-A719-4F970054A2E7} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2617833196-3362905494-1449499872-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-11-22] (Microsoft Windows -> Microsoft)
Task: {1EDBE37B-D814-40E2-853A-EFF232018B07} - System32\Tasks\{7D699C71-0A98-46C0-8CD9-EAF75DE61B85} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {23B4BD03-E646-4CBD-9B2C-C7C033A95722} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001Core => C:\Users\colombo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {254745B9-59C7-4CF2-9DCC-6A36666685CD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-16] (Adobe Inc. -> Adobe)
Task: {359D9BCC-440B-402B-965C-CD44D788544C} - System32\Tasks\{441CB40E-EDC0-495F-9235-49DF984FE209} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.18.85.112/pt/abandoninstall?page=tsProgressBar
Task: {38997CA1-BF29-4EB2-BE74-209177B5205D} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {3A077856-2ED8-43BF-91EE-ECD9E445DB0F} - System32\Tasks\{5E522E74-F3D7-4400-9CDD-A6E2072073E2} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.18.85.112/pt/abandoninstall?page=tsProgressBar
Task: {441F36B9-52FC-486E-8C6D-6807A1D89308} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {4973187A-C77D-4B4C-A630-65E0B6B55098} - System32\Tasks\{8493F36D-FAA9-460B-8223-F90737E713C5} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {4A82506C-6529-4A37-B8C4-28B7767EFE90} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-16] (Adobe Inc. -> Adobe)
Task: {4C0493EB-5521-4D71-AF9C-2FDF37A80A31} - System32\Tasks\{0B39D2CF-56C7-4CA6-A04B-003559AF64CF} => C:\WINDOWS\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\colombo\Desktop\BBCobranca.exe -d C:\Users\colombo\Desktop
Task: {4CEA0FB5-D88F-43A7-8727-5E4CA0391E97} - System32\Tasks\{3FFFF167-C2CD-48F2-912A-CEFB573B8DFF} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {4D25B583-E2BA-4FD4-870A-3F2F9286B5B7} - System32\Tasks\{CE805909-7865-45AD-BFB0-2C6680BF5F0B} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {4F1933E7-5484-4993-A558-484EA01B089F} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001Core => C:\Users\colombo\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {55FD9A13-A1B5-48CF-8E0F-28C20F63BE26} - System32\Tasks\CorelUpdateHelperTask-30FF26E9CE185ECAFE7743C2118A6A0C => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {5893101E-F169-4541-BD22-9B9E7442E857} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [6762544 2012-07-09] (Dell Inc. -> Dell, Inc.)
Task: {68C6CAA1-78A6-4A9A-8640-A6216F0CB7B7} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\windows\TEMP\is-GQRPA.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO
Task: {6F499521-3F71-4F68-894D-221ADDC8FC87} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {77E57733-A380-4C54-A139-9F3FA859926F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {7B2A811C-E680-4CD8-9AAC-F4951294F3D7} - System32\Tasks\{A037E845-C621-43C2-9049-BDF210AA8A7C} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {7E57D52B-4501-45F6-B859-DD4ECCA7E020} - System32\Tasks\{CA58C343-467D-4636-B4B7-DEDBE5292493} => C:\WINDOWS\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe" -c /Uninstall file:///C:/Program%20Files%20(x86)/Dell%20Wireless/Bluetooth%20Suite/Atheros%20Outlook%20Addin%202010.vsto
Task: {80FB3F77-9754-44EF-8C98-2D6358031CAA} - System32\Tasks\{2152DDD0-7006-4F7D-B477-C9B865481B1E} => C:\WINDOWS\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\colombo\Desktop\BBCobranca.exe -d C:\Users\colombo\Desktop
Task: {84DA3EDF-3085-435B-9A83-263229578250} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {870E9452-9546-463B-B2C3-443183CE8133} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "89d98741-1c30-4afd-a2e3-416cb07a4c0c" --version "6.12.10490" --silent
Task: {8C7A8E27-BB2D-49A6-B002-898DA12CF6EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {8DE99275-B927-44D7-BFD5-8008CA6ECB10} - System32\Tasks\{94D79011-53C7-4587-A3E7-6D00552DF649} => C:\WINDOWS\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\colombo\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=smt
Task: {8E867BA7-93E2-4809-8D6D-AE1BA7686DFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-20] (Google Inc -> Google Inc.)
Task: {8FE9E45E-619E-4CE3-B8CA-EDF22F766CBC} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4885400 2023-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {9774CF0D-21AB-4CA5-A66F-7F71A699C5A6} - System32\Tasks\CCleanerSkipUAC - colombo => C:\Program Files\CCleaner\CCleaner.exe [34264480 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9A36A386-F7B4-4A38-B2F9-949C0AC318EA} - System32\Tasks\{6934CC76-1768-4E9A-9D46-9706E3404B75} => C:\WINDOWS\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\HP\Digital Imaging\{82D96D11-AF74-4449-8811-4D6CE66FEF63}\setup\hpzscr40.exe" -c -datfile hposcr37.dat -onestop -forcereboot
Task: {A2FD8FF9-6427-4A3E-9272-6C2FEB6B7638} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {A4725FEF-FAD3-4749-BF0F-DD074A8F2AF3} - System32\Tasks\AvastUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001UA => C:\Users\colombo\AppData\Local\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-05-31] (Avast Software s.r.o. -> AVAST Software)
Task: {A6F8DD61-F583-4159-97D6-190C51009744} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {A848B157-9703-4110-8043-36BF72CCD52D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {AEDE40D6-8BF1-4CB3-B45D-1527361FC525} - System32\Tasks\{CBD3A2CD-A00D-485F-8605-CA3CAB3F56BE} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.18.85.112/pt/abandoninstall?page=tsProgressBar
Task: {B52FCD82-9E69-48AC-9E91-EF0DC6414E48} - System32\Tasks\{26280222-B33D-4C5B-85A3-86A69AC92211} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.18.85.112/pt/abandoninstall?page=tsProgressBar
Task: {B83EEBBB-0E67-4D75-9023-BC5A331FF043} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2135448 2023-05-31] (Avast Software s.r.o. -> Avast Software)
Task: {C041BA36-08D8-42F1-95EA-51136328CD19} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-2617833196-3362905494-1449499872-1001 => C:\Users\colombo\AppData\Local\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {C4DBBF1C-A622-410C-B53F-E96395A354F5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {C8A17EA2-97A2-4CBB-BAC9-C3B1E46059D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Nenhum Arquivo)
Task: {CE8F8001-9CEB-46DA-BF8C-2B552A690533} - System32\Tasks\{30989543-7366-4E38-B2D1-9F8B035CF684} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {E03990A3-8750-42F3-9FFE-335F41B25D11} - System32\Tasks\{BEF46480-0F4D-49A1-B7D4-DE61FE8F0154} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {EF036C26-DEEA-44CB-97F2-97502D610D62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-05-20] (Google Inc -> Google Inc.)
Task: {F10762FD-8AE0-4866-B2D1-D8FB8F361C30} - System32\Tasks\{554ABDF1-C679-43EF-BAF3-D24C3C33A889} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.13.0.101/pt/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {F3E92E56-3ED6-4BD1-A035-2D415533F7DD} - System32\Tasks\{844D6326-7910-44AE-8EAB-4FBFC50E8379} => "c:\program files (x86)\mozilla firefox\firefox.exe" -> hxxp://ui.skype.com/ui/0/7.18.85.112/pt/abandoninstall?page=tsProgressBar
Task: {FAF5CE85-AA36-41C3-A365-F86F0DFF10C2} - System32\Tasks\SystemToolsDailyTest => "uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently (Nenhum Arquivo)
Task: {FFE937E4-E6A3-4777-B3B8-39391D0AB450} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001UA => C:\Users\colombo\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATENÇÃO (Restrição - Zones)
Tcpip\Parameters: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{33D953CE-B15D-4712-91BF-5CD5A343A83A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{3CB7ADA6-1EB3-465C-82D2-34513BC16223}: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{CFB6F68E-C9DF-48B2-945C-53F20FC81D9A}: [DhcpNameServer] 187.63.183.3 187.63.167.3

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\colombo\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-07]
Edge DownloadDir: Default -> C:\Users\colombo\Downloads
Edge HomePage: Default -> hxxp://www.google.com/
Edge Extension: (Assinatura digital) - C:\Users\colombo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlihldkpooaidnkjckkkehahkbhbmign [2023-05-24]
Edge Extension: (Edge relevant text changes) - C:\Users\colombo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-29]
Edge Extension: (Web PKI) - C:\Users\colombo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nedeegdmhlnmboboahchfpkmdnnemapd [2023-05-24]
Edge Extension: (Serasa Experian - Certificado Digital) - C:\Users\colombo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\njcdgcofcbnlbpkpdhmlmiblaglnkpnj [2021-03-17]
Edge Extension: (Trend Micro Security) - C:\Users\colombo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\plenenahmcbmckcigmnfohjdajncaakd [2023-05-24]

FireFox:
========
FF DefaultProfile: 6nm15t8p.default-1560880648572
FF ProfilePath: C:\Users\colombo\AppData\Roaming\Mozilla\Firefox\Profiles\kvvhev3a.default-release-1602855607879 [2023-06-07]
FF DownloadDir: C:\Users\colombo\Desktop
FF Extension: (Web PKI) - C:\Users\colombo\AppData\Roaming\Mozilla\Firefox\Profiles\kvvhev3a.default-release-1602855607879\Extensions\webpki-beta@lacunasoftware.com.xpi [2022-07-25] [UpdateUrl:hxxps://get.webpkiplugin.com/firefox-extensions]
FF ProfilePath: C:\Users\colombo\AppData\Roaming\Mozilla\Firefox\Profiles\6nm15t8p.default-1560880648572 [2023-06-07]
FF Extension: (Avast Online Security) - C:\Users\colombo\AppData\Roaming\Mozilla\Firefox\Profiles\6nm15t8p.default-1560880648572\Extensions\wrc@avast.com.xpi [2019-07-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => não encontrado (a)
FF HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\colombo\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a)
FF HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\colombo\AppData\Local\GAS Tecnologia\GBBD\bb\xpi => não encontrado (a)
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-10-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-10-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Nenhum Arquivo]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2021-11-18] (Sun Microsystems, Inc.) [Arquivo não assinado]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Nenhum Arquivo]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2617833196-3362905494-1449499872-1001: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\colombo\AppData\Local\AVAST Software\Browser\Update\1.8.1631.4\npAvastBrowserUpdate3.dll [2023-05-31] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-2617833196-3362905494-1449499872-1001: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\colombo\AppData\Local\AVAST Software\Browser\Update\1.8.1631.4\npAvastBrowserUpdate3.dll [2023-05-31] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-2617833196-3362905494-1449499872-1001: gastecnologia.com.br/sf/bb64 -> C:\Users\colombo\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-2617833196-3362905494-1449499872-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\colombo\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [Nenhum Arquivo]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2023-06-07]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2019-10-04]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default [2023-06-07]
CHR DownloadDir: C:\Users\colombo\Desktop
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Kriptonita Validação de assinaturas) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaofigjbabehheajkgnkbmeihnnhfjj [2023-02-10]
CHR Extension: (Fast Delete Messages) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahhjpmdnfhfkgldefihhcgkaalllbld [2022-10-14]
CHR Extension: (Web PKI) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcngeagmmhegagicpcmpinaoklddcgon [2022-06-20]
CHR Extension: (Kriptonita Zip) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbefajnakmfifehnaneljnhojeijccna [2023-02-10]
CHR Extension: (IE Tab) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2023-05-09]
CHR Extension: (GBBD Banco do Brasil) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkafhcogdnfhkmiepeebkkdbdphnjfll [2016-07-29]
CHR Extension: (Assinatura digital) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlihldkpooaidnkjckkkehahkbhbmign [2023-01-03]
CHR Extension: (Kriptonita Assinatura Digital) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkoineenohoofaigpoafaadfigmabld [2023-02-10]
CHR Extension: (Kriptonita Emissão) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcopjikfdpjdhmjkjgolonjhffjlldlc [2023-02-10]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-18]
CHR Extension: (Serasa Experian - Certificado Digital) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\njcdgcofcbnlbpkpdhmlmiblaglnkpnj [2019-11-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Assina RBMWEB) - C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppkaacijmboifmkoaoocpokmfhfjlane [2022-08-05]
CHR Profile: C:\Users\colombo\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-07]
CHR Profile: C:\Users\colombo\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-07]
CHR HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [akaofigjbabehheajkgnkbmeihnnhfjj]
CHR HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fbefajnakmfifehnaneljnhojeijccna]
CHR HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kfkoineenohoofaigpoafaadfigmabld]
CHR HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lcopjikfdpjdhmjkjgolonjhffjlldlc]
CHR HKU\S-1-5-21-2617833196-3362905494-1449499872-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh]

====================
Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk, Inc -> Autodesk Inc.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-16] (Adobe Inc. -> Adobe) S4 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation) S4 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [391032 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.) S4 AMSPTLM; C:\Program Files\Trend Micro\AMSP\AMSPTelemetryService.exe [250136 2020-12-29] (Trend Micro, Inc. -> Trend Micro Inc.) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-15] (philandro Software GmbH -> AnyDesk Software GmbH) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8826776 2023-05-31] (Avast Software s.r.o. -> AVAST Software) S4 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [Arquivo não assinado] S4 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [582552 2023-05-31] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [583576 2023-05-31] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-05-31] (Avast Software s.r.o. 
-> AVAST Software) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063840 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_3_0\fbguard.exe [282624 2018-02-02] (Firebird Project) [Arquivo não assinado] R2 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_3_0\firebird.exe [824320 2018-02-02] (Firebird Project) [Arquivo não assinado] R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-08-23] (GAS INFORMATICA LTDA -> GAS Tecnologia) S4 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado] R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [126880 2012-09-26] (Hewlett-Packard Company -> HP) S4 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Arquivo não assinado] S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-08] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2015-03-12] () [Arquivo não assinado] S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit Information Technology -> IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9255384 2023-06-01] (Malwarebytes Inc. 
-> Malwarebytes) R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43130032 2015-03-30] (Microsoft Corporation -> Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado] S4 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (pdfforge GmbH -> © pdfforge GmbH.) S4 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579240 2019-07-11] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [836904 2019-07-11] (pdfforge GmbH -> pdfforge GmbH) S4 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1825576 2019-07-11] (pdfforge GmbH -> pdfforge GmbH) S4 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1141680 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.) 
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
S2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 SerasaUpdate; C:\Program Files (x86)\Serasa Experian\Service\SerasaUpdate.exe [400384 2016-12-09] (Serasa Experian) [Arquivo não assinado]
S4 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (Dell Inc. -> SoftThinks SAS)
S4 SQLAgent$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [381104 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-07-01] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1012024 2023-01-13] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S4 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-08-30] (Atheros) [Arquivo não assinado]
S4 DellDigitalDelivery; "c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X]
S4 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S2 MSMQSVC; C:\WINDOWS\system32\mqsv32.exe [X]

===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 A38CCID; C:\windows\system32\DRIVERS\a38ccid.sys [78344 2017-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Card Systems Ltd.)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [31376 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [236448 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [392320 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [297832 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [95912 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [39600 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [271504 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\windows\System32\drivers\aswNetHub.sys [556064 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [105248 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [80376 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [943456 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [703800 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [212680 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [319560 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 BthMtpEnum; C:\windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30352 2015-03-12] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [158640 2023-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S1 gbpddfac; C:\windows\System32\drivers\gbpddfac64.sys [28888 2018-04-21] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [223176 2023-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [199640 2023-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [77752 2023-06-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239544 2023-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [181984 2023-06-07] (Malwarebytes Inc. -> Malwarebytes)
S3 mfencbdc; C:\windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc. -> McAfee, Inc.)
S3 mvusbews; C:\windows\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R2 npf; C:\windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 npf; C:\Windows\SysWOW64\drivers\npf.sys [36600 2019-07-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 rtcrfilt64; C:\windows\System32\DRIVERS\rtcrfilt64.sys [19600 2012-09-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S4 TMEBC; C:\windows\System32\DRIVERS\TMEBC64.sys [74760 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S4 tmeevw; C:\windows\system32\DRIVERS\tmeevw.sys [147672 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S0 tmel; C:\windows\System32\DRIVERS\tmel.sys [39872 2021-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Trend Micro Inc.)
R1 tmeyes; C:\windows\system32\DRIVERS\tmeyes.sys [673832 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Trend Micro Inc.)
S4 tmnciesc; C:\windows\system32\DRIVERS\tmnciesc.sys [562296 2020-07-29] (Trend Micro, Inc. -> Trend Micro Inc.)
S4 tmumh; C:\windows\system32\DRIVERS\TMUMH.sys [161280 2021-03-15] (Trend Micro, Inc. -> Trend Micro Inc.)
S4 tmusa; C:\windows\system32\DRIVERS\tmusa.sys [137112 2020-07-29] (Trend Micro, Inc. -> Trend Micro, Inc.)
S3 vcom_service; C:\windows\System32\Drivers\posvcom.sys [76600 2015-10-26] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R1 Win10Pcap; C:\windows\system32\DRIVERS\Win10Pcap.sys [41584 2015-10-08] (SoftEther Corporation -> Daiyuu Nobori, University of Tsukuba, Japan)
R1 wsddfac; C:\windows\System32\drivers\wsddfac.sys [55496 2023-06-07] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddntf; C:\windows\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S1 wsddpp; C:\windows\system32\drivers\wsddpp.sys [34768 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\windows\system32\drivers\wsddprm.sys [33728 2021-02-10] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 GBPRCM; \??\C:\Program Files (x86)\GbPlugin\gbprcm64.sys [X]
U2 TMAgent; não ImagePath
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]

==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-06-07 09:25 - 2023-06-07 09:26 - 000050933 _____ C:\Users\colombo\Desktop\FRST.txt
2023-06-07 09:24 - 2023-06-07 09:24 - 000005432 _____ C:\Users\colombo\Desktop\AdwCleaner[C01].txt
2023-06-07 09:21 - 2023-06-07 09:21 - 000247398 _____ C:\Users\colombo\Desktop\RGE JOSINO.pdf
2023-06-07 09:21 - 2023-06-07 09:21 - 000122437 _____ C:\Users\colombo\Desktop\boletoitau_7656322_2023-06-07-33642.pdf
2023-06-07 09:19 - 2023-06-07 09:19 - 000047303 _____ C:\Users\colombo\Downloads\Segunda_Via_Resumida_2023_5_0184250005.pdf
2023-06-07 09:06 - 2023-06-07 09:06 - 000181984 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2023-06-07 06:51 - 2023-06-07 06:51 - 000059868 _____ C:\Users\colombo\Downloads\CC2751.pdf
2023-06-06 07:06 - 2023-06-06 07:06 - 000161732 _____ C:\Users\colombo\Downloads\FATURA-JUNHO-2023-298162594.pdf
2023-06-06 07:06 - 2023-06-06 07:06 - 000161732 _____ C:\Users\colombo\Downloads\FATURA-JUNHO-2023-298162594 (1).pdf
2023-06-06 07:06 - 2023-06-06 07:06 - 000040455 _____ C:\Users\colombo\Downloads\43230634833588000186550010000027511330831682.pdf
2023-06-01 09:03 - 2023-06-01 09:02 - 002383360 _____ (Farbar) C:\Users\colombo\Desktop\FRST64.exe
2023-06-01 09:03 - 2023-06-01 08:59 - 008791352 _____ (Malwarebytes) C:\Users\colombo\Desktop\adwcleaner.exe
2023-06-01 09:02 - 2023-06-07 09:25 - 000000000 ___DC C:\FRST
2023-06-01 08:59 - 2023-06-01 09:00 - 000000000 ___DC C:\AdwCleaner
2023-06-01 08:17 - 2023-06-01 08:17 - 000000000 ____D C:\Users\colombo\AppData\Local\mbam
2023-06-01 08:16 - 2023-06-07 09:06 - 000000000 ____D C:\Users\colombo\AppData\Local\Malwarebytes
2023-06-01 08:16 - 2023-06-01 08:16 - 000001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-06-01 08:14 - 2023-06-01 08:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-06-01 08:14 - 2023-06-01 08:14 - 000000000 ____D C:\Program Files\Malwarebytes
2023-06-01 07:40 - 2023-06-01 07:40 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-31 15:19 - 2023-05-31 15:19 - 000003878 _____ C:\windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) S-1-5-21-2617833196-3362905494-1449499872-1001
2023-05-31 15:19 - 2023-05-31 15:19 - 000002686 _____ C:\Users\colombo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-05-31 15:16 - 2023-05-31 15:16 - 000003724 _____ C:\windows\system32\Tasks\AvastUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001UA
2023-05-31 15:16 - 2023-05-31 15:16 - 000003452 _____ C:\windows\system32\Tasks\AvastUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001Core
2023-05-31 15:07 - 2023-05-31 15:07 - 000002027 _____ C:\Users\colombo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avast Antivirus.lnk
2023-05-31 14:52 - 2023-05-31 14:52 - 000015940 _____ C:\Users\colombo\Desktop\BoletoBradesco_31052023_145143.pdf
2023-05-31 14:22 - 2023-05-31 14:22 - 000000000 ____D C:\Users\colombo\AppData\Roaming\Avast Software
2023-05-31 14:22 - 2023-05-31 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2023-05-31 14:19 - 2023-06-07 06:50 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2023-05-31 14:19 - 2023-06-01 11:16 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2023-05-31 14:18 - 2023-05-31 14:18 - 000313240 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2023-05-31 14:18 - 2023-05-31 14:18 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-05-31 14:16 - 2023-05-31 14:16 - 000000000 ____D C:\Program Files\Avast Software
2023-05-31 13:32 - 2023-05-31 13:32 - 000215562 _____ C:\Users\colombo\Desktop\410061_Viga perfi U braco movel.dwg
2023-05-31 13:32 - 2023-05-31 13:32 - 000000212 ____H C:\Users\colombo\Desktop\410061_Viga perfi U braco movel.dwl2
2023-05-31 13:32 - 2023-05-31 13:32 - 000000062 ____H C:\Users\colombo\Desktop\410061_Viga perfi U braco movel.dwl
2023-05-31 13:28 - 2023-05-31 13:28 - 000006280 _____ C:\Users\colombo\Desktop\410061_Viga perfi U braco movel.pdf
2023-05-25 16:25 - 2023-05-25 16:25 - 000001198 _____ C:\Users\colombo\Desktop\Comprovante_25-05-2023_162404.pdf
2023-05-25 16:18 - 2023-05-25 16:18 - 000021985 _____ C:\Users\colombo\Desktop\boletoClaro_149038924.pdf
2023-05-25 15:39 - 2023-05-25 15:39 - 003684651 _____ C:\Users\colombo\Desktop\ALUGUEL 05_2023.pdf
2023-05-25 10:46 - 2023-05-25 11:09 - 000000000 ____D C:\Users\colombo\Downloads\Roots (2016) Season 1 S01 (1080p BluRay x265 HEVC 10bit EAC3 5.1 t3nzin)
2023-05-25 10:09 - 2023-05-25 10:40 - 000000000 ____D C:\Users\colombo\Downloads\[DMCALOL] Digital Juice - BackTraxx Music Libraries
2023-05-25 09:53 - 2023-06-01 08:58 - 000000000 ____D C:\Users\colombo\Downloads\Dances with Wolves (1990) [1080p]
2023-05-24 10:12 - 2023-05-24 10:19 - 000000000 ____D C:\Users\colombo\Downloads\Dungeons.and.Dragons.Honor.Among.Thieves.2023.1080p.AMZN.WEBRip.1600MB.DD5.1.x264-GalaxyRG[TGx]
2023-05-24 07:15 - 2023-06-07 09:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-23 09:11 - 2023-05-23 09:12 - 006324039 _____ C:\Users\colombo\Desktop\Catálogo de tubos - 2023.pdf
2023-05-19 07:40 - 2023-05-22 14:55 - 000014422 _____ C:\Users\colombo\Desktop\módulos atualizados.xlsx
2023-05-17 09:02 - 2023-05-31 10:13 - 000000866 _____ C:\Users\colombo\Desktop\WizTree.lnk
2023-05-17 09:02 - 2023-05-17 09:02 - 000000000 ____D C:\Users\colombo\AppData\Roaming\WizTree3
2023-05-17 09:02 - 2023-05-17 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WizTree
2023-05-17 09:02 - 2023-05-17 09:02 - 000000000 ____D C:\Program Files\WizTree
2023-05-16 15:55 - 2023-05-25 09:20 - 000000000 ____D C:\Users\colombo\Desktop\MAIO 2023
2023-05-08 09:32 - 2023-05-08 09:32 - 000000165 ____H C:\Users\colombo\Desktop\~$HB TRANSPORTES 05.05.23.xlsx

==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-06-07 09:24 - 2023-04-05 16:29 - 000055496 _____ (Topaz OFD) C:\windows\system32\Drivers\wsddfac.sys
2023-06-07 09:24 - 2017-06-29 07:31 - 000000000 ____D C:\Users\colombo\AppData\Roaming\Hewlett-Packard
2023-06-07 09:24 - 2016-07-27 14:24 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-06-07 09:24 - 2016-07-25 14:23 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-06-07 09:24 - 2013-08-03 00:17 - 000000000 ____D C:\Program Files\Dell
2023-06-07 09:24 - 2013-08-03 00:11 - 000000000 ____D C:\ProgramData\Dell
2023-06-07 09:19 - 2014-11-21 23:44 - 001987732 _____ C:\windows\system32\PerfStringBackup.INI
2023-06-07 09:19 - 2014-11-21 22:52 - 000839236 _____ C:\windows\system32\prfh0416.dat
2023-06-07 09:19 - 2014-11-21 22:52 - 000182548 _____ C:\windows\system32\prfc0416.dat
2023-06-07 09:19 - 2013-08-22 10:36 - 000000000 ____D C:\windows\Inf
2023-06-07 09:16 - 2015-03-13 11:11 - 000000000 ____D C:\Program Files\CCleaner
2023-06-07 09:16 - 2015-03-11 09:20 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-07 09:13 - 2016-01-29 08:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-06-07 09:13 - 2015-03-11 10:07 - 000000000 ____D C:\Users\colombo\AppData\Local\CrashDumps
2023-06-07 09:05 - 2019-03-20 08:52 - 000000000 ____D C:\ProgramData\AVAST Software
2023-06-07 09:05 - 2017-06-20 07:33 - 000000000 ___RD C:\Users\colombo\OneDrive
2023-06-07 09:04 - 2013-08-22 11:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2023-06-07 06:54 - 2021-01-29 15:21 - 000003958 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{7625E4E3-9AC3-4501-975B-86C109E5C278}
2023-06-06 07:08 - 2022-09-29 07:08 - 000000760 _____ C:\windows\Tasks\CCleanerCrashReporting.job
2023-06-06 07:03 - 2015-03-18 10:28 - 000000000 ____D C:\Users\colombo\AppData\Roaming\Microsoft\Word
2023-06-06 07:01 - 2020-09-25 14:21 - 018250240 ___SH C:\Users\colombo\Desktop\Thumbs.db
2023-06-01 11:34 - 2019-03-20 07:56 - 000000000 ____D C:\Users\colombo\AppData\Roaming\vlc
2023-06-01 11:16 - 2022-09-29 07:08 - 000003340 _____ C:\windows\system32\Tasks\CCleanerCrashReporting
2023-06-01 11:16 - 2022-07-06 11:12 - 000003756 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001UA
2023-06-01 11:16 - 2022-07-06 11:12 - 000003692 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2617833196-3362905494-1449499872-1001Core
2023-06-01 11:16 - 2021-10-05 16:34 - 000002816 _____ C:\windows\system32\Tasks\CCleanerSkipUAC - colombo
2023-06-01 11:16 - 2021-03-17 14:15 - 000003574 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-01 11:16 - 2021-03-17 14:15 - 000003446 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-01 11:16 - 2017-11-07 07:58 - 000002912 _____ C:\windows\system32\Tasks\Rerun Warsaw's CoreFixer
2023-06-01 11:16 - 2017-10-30 06:30 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2023-06-01 11:16 - 2015-05-20 16:11 - 000003798 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-06-01 11:16 - 2015-05-20 16:11 - 000003670 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-06-01 11:16 - 2015-03-12 16:20 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2023-06-01 10:21 - 2019-03-22 15:23 - 000000000 ____D C:\Users\colombo\AppData\Local\AVAST Software
2023-06-01 09:29 - 2015-03-11 09:18 - 000003600 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2617833196-3362905494-1449499872-1001
2023-06-01 09:00 - 2016-11-25 08:02 - 000000000 ____D C:\Users\colombo\AppData\Roaming\IObit
2023-06-01 09:00 - 2015-03-12 09:27 - 000000000 ____D C:\Users\colombo
2023-06-01 08:44 - 2015-03-17 10:33 - 000000000 ____D C:\Users\colombo\AppData\Roaming\uTorrent
2023-06-01 08:44 - 2014-01-27 16:47 - 000000000 ____D C:\Users\colombo\Documents\UltraPDFMerger
2023-06-01 07:39 - 2020-06-30 07:53 - 000000000 ____D C:\Program Files\Google
2023-05-31 15:15 - 2022-02-10 07:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-31 13:57 - 2016-10-25 09:20 - 000000000 ____D C:\ProgramData\firebird
2023-05-31 13:57 - 2013-08-22 10:25 - 000524288 ___SH C:\windows\system32\config\BBI
2023-05-31 13:38 - 2015-03-12 13:35 - 000000000 ____D C:\Users\colombo\AppData\Roaming\Microsoft\Excel
2023-05-31 10:32 - 2013-08-22 12:36 - 000000000 ____D C:\windows\system32\NDF
2023-05-31 10:06 - 2015-03-24 08:58 - 000000000 ____D C:\windel
2023-05-25 17:07 - 2019-03-17 15:20 - 000000000 ____D C:\Users\colombo\AppData\Local\BitTorrentHelper
2023-05-24 14:39 - 2015-03-23 07:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-24 08:17 - 2021-11-18 07:10 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2023-05-24 08:17 - 2020-05-28 08:15 - 000000950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-23 08:43 - 2013-08-22 12:36 - 000000000 ____D C:\PerfLogs
2023-05-19 06:41 - 2018-07-16 14:07 - 000666872 _____ C:\windows\system32\FNTCACHE.DAT
2023-05-18 15:45 - 2015-05-29 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macromedia
2023-05-18 15:45 - 2015-05-29 14:38 - 000000000 ____D C:\Program Files (x86)\Macromedia
2023-05-18 15:45 - 2015-03-26 10:02 - 000000000 ____D C:\windows\Downloaded Installations
2023-05-18 15:43 - 2023-04-11 09:52 - 000000000 ____D C:\Users\colombo\AppData\Roaming\discord
2023-05-18 15:43 - 2023-04-11 09:52 - 000000000 ____D C:\Users\colombo\AppData\Local\Discord
2023-05-18 15:42 - 2023-01-12 07:24 - 000000000 ____D C:\Users\colombo\AppData\Roaming\BSplayer
2023-05-18 15:42 - 2023-01-12 07:24 - 000000000 ____D C:\Program Files (x86)\Webteh
2023-05-18 15:35 - 2015-03-16 08:49 - 000000000 ____D C:\Outlook
2023-05-18 14:28 - 2015-03-19 11:44 - 000000000 ____D C:\Users\colombo\AppData\Roaming\MPC-HC
2023-05-18 09:42 - 2014-04-24 16:14 - 000000000 ____D C:\FFOutput
2023-05-18 08:21 - 2014-05-22 09:30 - 000000000 ____D C:\Games
2023-05-17 09:23 - 2014-01-03 16:53 - 000000000 ____D C:\Users\colombo\Documents\Arquivos do Outlook
2023-05-17 08:48 - 2013-08-22 12:36 - 000000000 ____D C:\windows\AppReadiness
2023-05-16 14:26 - 2021-09-10 16:26 - 000001872 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-05-16 14:26 - 2021-09-10 16:26 - 000001872 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-05-16 14:26 - 2021-09-10 16:26 - 000001860 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-05-15 09:18 - 2020-10-19 09:32 - 000083968 ___SH C:\Users\colombo\Downloads\Thumbs.db
2023-05-12 08:37 - 2022-10-13 09:23 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-05-10 08:36 - 2015-03-11 12:42 - 000000000 ____D C:\windows\system32\MRT
2023-05-10 08:23 - 2015-03-11 12:42 - 159583304 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2023-05-09 15:43 - 2020-01-31 09:26 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-05-09 07:48 - 2021-01-29 14:47 - 000000000 ____D C:\Users\colombo\AppData\Local\IE Tab

==================== Arquivos na raiz de alguns diretórios ========

2021-01-29 15:22 - 2021-11-18 15:51 - 000057344 _____ (DBA Engenharia de Sistemas) C:\Users\colombo\signver1.dll
2020-09-23 15:21 - 2020-09-22 10:44 - 164631384 _____ () C:\Users\Public\hp_LJP1100_P1560_P1600_Full_Solution-v20180815-50157036.exe
2021-04-13 15:17 - 2021-12-22 17:18 - 000000105 _____ () C:\Users\colombo\AppData\Roaming\Camdata.ini
2021-04-13 15:17 - 2021-12-22 17:18 - 000000408 _____ () C:\Users\colombo\AppData\Roaming\CamLayout.ini
2021-04-13 15:17 - 2021-12-22 17:18 - 000000408 _____ () C:\Users\colombo\AppData\Roaming\CamShapes.ini
2021-04-13 15:17 - 2021-12-22 08:19 - 000004534 _____ () C:\Users\colombo\AppData\Roaming\CamStudio.cfg
2019-09-19 11:28 - 2019-12-06 08:11 - 000000008 _____ () C:\Users\colombo\AppData\Roaming\formProperties.config
2021-06-21 16:57 - 2021-06-21 16:57 - 000099384 _____ () C:\Users\colombo\AppData\Roaming\inst.exe
2021-06-21 16:57 - 2021-06-21 16:57 - 000007859 _____ () C:\Users\colombo\AppData\Roaming\pcouffin.cat
2021-06-21 16:57 - 2021-06-21 16:57 - 000001167 _____ () C:\Users\colombo\AppData\Roaming\pcouffin.inf
2021-06-21 16:57 - 2021-06-21 16:57 - 000000055 _____ () C:\Users\colombo\AppData\Roaming\pcouffin.log
2021-06-21 16:57 - 2021-06-21 16:57 - 000082816 _____ (VSO Software) C:\Users\colombo\AppData\Roaming\pcouffin.sys
2021-04-13 15:16 - 2021-04-16 08:44 - 000000096 _____ () C:\Users\colombo\AppData\Roaming\version2.xml
2019-08-07 09:56 - 2019-09-13 15:11 - 000001057 _____ () C:\Users\colombo\AppData\Roaming\vso_ts_preview.xml
2019-07-26 14:10 - 2019-07-26 14:10 - 000004184 _____ () C:\Users\colombo\AppData\Local\C_Users_colombo_Desktop_SETA.png
2021-03-11 10:22 - 2021-03-11 10:22 - 000000036 _____ () C:\Users\colombo\AppData\Local\housecall.guid.cache
2015-05-29 15:28 - 2015-06-08 12:40 - 000000600 _____ () C:\Users\colombo\AppData\Local\PUTTY.RND
2017-01-09 08:00 - 2017-01-09 08:00 - 000000000 _____ () C:\Users\colombo\AppData\Local\{0222BCC4-B898-423D-87BA-B119F4620EC4}
2017-10-02 07:44 - 2017-10-02 07:44 - 000000000 _____ () C:\Users\colombo\AppData\Local\{04B5D728-425E-4A00-90C1-039DC08A7793}
2019-05-04 16:43 - 2019-05-04 16:43 - 000000000 _____ () C:\Users\colombo\AppData\Local\{5DEE6E80-ED53-42F8-889B-CB03113157BD}
2016-12-20 06:47 - 2016-12-20 06:47 - 000000000 _____ () C:\Users\colombo\AppData\Local\{6695E6A4-84C6-4309-8CB2-FC5D9D10CA4B}

==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)

LastRegBack: 2023-05-31 10:04
==================== Fim de FRST.txt ========================