Document format: text/plain

Preview

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 26-01-2022
Executado por Rafael (administrador) em RAFAELPC (Compal NCL60/61) (26-01-2022 09:57:19)
Executando a partir de C:\Users\Rafael\Downloads
Perfis Carregados: Rafael
Plataforma: Microsoft Windows 10 Pro Versão 21H1 19043.1466 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() [Arquivo não assinado] C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\hid.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.60.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677688 2021-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-01-14] (Adobe Inc. -> )
HKLM-x32\...\Run: [REDRAGON M711 Gaming Mouse] => C:\Program Files (x86)\REDRAGON M711 Gaming Mouse\hid.exe [965120 2019-02-21] () [Arquivo não assinado]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-2960865112-1731992900-3936724381-1000\...\Run: [Discord] => C:\Users\Rafael\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2960865112-1731992900-3936724381-1000\...\Run: [ut] => C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-17] (BitTorrent Inc -> BitTorrent Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0371D95A-F9E6-4D9D-A985-C6C5C0BA44EE} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {05FBAE93-DB1B-4DAC-B43C-8AA0A43E33AA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08128D23-2FF0-4781-BB60-922B984161F0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Nenhum Arquivo)
Task: {0C7C4D18-3CC8-4E0C-8807-467A4E33107D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E071B20-8B7C-437B-ABD6-C76BF4706355} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Nenhum Arquivo)
Task: {0E4AFC7D-ECA6-4BBD-A0BD-711856F3C2B1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F0D76B6-9290-4B5C-82EA-3B7B61D538F4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {14680195-840B-4DAD-B810-B84C0C411EA7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1CF758B8-DCE5-41AE-81FB-F863AADDD93E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {21004B23-1850-4446-AC6D-D90AEB90C8BA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Nenhum Arquivo)
Task: {2591379E-CD31-4EDC-962A-E4096C5C397E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Nenhum Arquivo)
Task: {3B6E5F1A-F275-4A4C-B3C9-54CB80E17C06} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E4A436A-34F5-41B8-A6AF-4EC09D40C2D4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Nenhum Arquivo)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {4AE3094F-353F-430A-8DA4-A39FFC69A938} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate
Task: {4CF30CAC-1C84-4157-BE57-C54DF38F16B0} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C0E65D2-6AB3-425F-9B85-51A845105DC6} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Nenhum Arquivo)
Task: {5E12AE3B-BED4-41C0-ADDD-ABAA964EC749} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Nenhum Arquivo)
Task: {6FD50EB5-54EE-4815-AA7A-79A0EA6224E0} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {73208B4B-EE78-4630-A7F3-040EF8AA7EE3} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {887E2F0D-5BAF-4008-B12E-48F2E0B00F9E} - System32\Tasks\update-S-1-5-21-2960865112-1731992900-3936724381-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {89B0F96E-337E-4B7C-B3D8-0292C348EF0C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Nenhum Arquivo)
Task: {8A67AA4E-AE8B-4837-A592-FDB82303E6C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BA8A13D-FDCD-4620-B0C4-2E4C5E954492} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E74DD37-5CD4-4F54-89DC-86A932A3325E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A032E1D9-4225-4A49-9CFB-655ADBC8A914} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Nenhum Arquivo)
Task: {A0A36D40-F02E-42BD-9C2B-E03086B7B718} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Nenhum Arquivo)
Task: {A5B29847-AF4E-4CFE-AD77-DA88D1E0E7CD} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-rafael.olliveira8143@outlook.com.br => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (Nenhum Arquivo)
Task: {A7383D48-8B2C-4210-BBBA-39B0CF6C1F85} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {AB81C9AA-24EE-45B2-94B1-25E2DD37C275} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Nenhum Arquivo)
Task: {ADCCCE49-5FCB-4E6F-80DB-614AB690FE4B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Nenhum Arquivo)
Task: {B0424BC0-D118-4B73-B008-A846A285C240} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Nenhum Arquivo)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B41F1731-8106-4ACE-9CEA-7FDCE9E0DE9D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B59C4956-AAD0-4A16-B328-E46D343F6617} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {BCA9EEB3-77CB-49C5-B33E-12E6BEF490B0} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {BE288507-82EA-4220-8737-281687425F33} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {C5A99C97-5A51-412C-9173-B166DED6219A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-17] (Google LLC -> Google LLC)
Task: {C91DB906-419B-4494-B7E8-D3A62AC12CF7} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Nenhum Arquivo)
Task: {CECE9BE7-F263-48ED-BC8D-73E812E19E8C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Nenhum Arquivo)
Task: {CED56457-4BB3-4C77-8F10-2941A5E84EA4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6FDEB21-D325-4027-AD22-76622F2E54D8} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {D9E2FACB-372F-4FDF-922C-4A8E7270C975} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBB9E752-4CDA-43D4-AF79-6B06E1E44D34} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Nenhum Arquivo)
Task: {DFFA534A-1058-4862-ACA1-35A612868EB2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Nenhum Arquivo)
Task: {E2877F8F-632D-4717-9F5F-A94252377724} - System32\Tasks\{DFA601E9-DCC5-47F6-9FC6-CD5FA8F563AF} => C:\Windows\system32\pcalua.exe -a C:\Users\Rafael\AppData\Local\Temp\Temp1_driver_iwa_3000.zip\driver_iwa_3000\Setup.exe <==== ATENÇÃO
Task: {E48D12DE-8063-4C63-8515-5C55054CE0B7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Nenhum Arquivo)
Task: {EA7E2AD4-ED30-4514-8996-535DCFBA226C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Nenhum Arquivo)
Task: {EC965878-E53A-4ED7-9420-1D7CDC29EB85} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {EE521451-D488-4A72-8840-138B18467E9B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Nenhum Arquivo)
Task: {F06212A3-F951-443F-87F3-6F2B6BD4EB25} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Nenhum Arquivo)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2960865112-1731992900-3936724381-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9f94746d-3918-4ccc-8956-652499f7bf14}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B681475B-8AA6-460E-A075-826A4F791C63}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rafael\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-21]
Edge HKU\S-1-5-21-2960865112-1731992900-3936724381-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2022-01-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2022-01-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default [2022-01-26]
CHR Notifications: Default -> hxxps://www85.nathanaeldan.pro
CHR HomePage: Default -> hxxps://www.baixaki.com.br/
CHR StartupUrls: Default -> "hxxp://websearch.pu-results.info/?pid=724&r=2013/05/10&hid=2827450244&lg=EN&cc=BR","hxxp://br.hao123.com/?tn=bbl_pay_hp_01_hao123_br&babsrc=HP_ss&mntrId=52F600A0C6000000","hxxp://search.babylon.com/?tn=bbl_pay_hp_01_hao123_br&babsrc=HP_ss_din2g&mntrId=52F600A0C6000000","hxxp://search.softonic.com/MOY00015/tb_v1?SearchSource=48&cc=&mi=52f6f849000000000000000000000000","chrome://newtab/?source=home","hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=52F600A0C6000000&affID=122600&tt=160713_9127&tsp=4946","hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=65965155-1116-45fc-a0bc-b86521098309&searchtype=hp&installDate={installDate}","hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=TJ&userid=65965155-1116-45fc-a0bc-b86521098309&searchtype=hp&installDate=09/08/2013","hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=BR&userid=f0a7208c-625e-48f2-8697-0222ffebb5e6&searchtype=hp&installDate={installDate}","hxxp://search.certified-toolbar.com/?si=43168&st=home&tid=4003&ver=3.6&ts=1372470987335&tguid=43168-4003-1372470987335-40F00415C5F95B8BB3FEAC58C04A6F1A","hxxp://www.mystartsearch.com/?type=hp&ts=1428539391&from=slbnew&uid=ST3250310AS_6RYLTMGE","hxxp://www.istartsurf.com/?type=hp&ts=1436396053&z=2fe2ef17d7bcec93040f642g4zcc1qec5tfq6e8zaz&from=cor&uid=ST3250310AS_6RYLTMGE","hxxp://www.istartsurf.com/?type=hppp&ts=1436396110&z=f323b51e77dc24d6c63891egczecbq4c0t2q5g3efg&from=cor&uid=ST3250310AS_6RYLTMGE","hxxp://www.mystartsearch.com/?type=hp&ts=1442349431&z=5598dec56732e2e62a5e12fg9zcz7o1c8z4tbodm2e&from=cmi&uid=WDCXWD1600BEVS-22VAT0_WD-WXC508A5885358853","hxxp://www.istartsurf.com/?type=hp&ts=1442436153&z=746f9ec12eb0a2d32499953g6z0z2o6zdcdw4t6t7g&from=face&uid=WDCXWD1600BEVS-22VAT0_WD-WXC508A5885358853","hxxp://www.mystartsearch.com/?type=hp&ts=1442601632&z=4948f6b4da65e6b0d9ad5e6g2zcz9o6q2edgbz7q8q&from=cmi&uid=WDCXWD1600BEVS-22VAT0_WD-WXC508A5885358853","h
xxp://www.mystartsearch.com/?type=hp&ts=1442945356&z=3b471f8ad2e8b4b00701114g9z8z4o1t0z8wbg1m3t&from=cmi&uid=WDCXWD1600BEVS-22VAT0_WD-WXC508A5885358853","hxxp://br.hao123.com/?tn=sdks_inner_hp_09_hao123_br&fr=EUsc4l0yRP999idrAAps6xFMHedVIAm3NQ%3D%3D","hxxp://www.mystartsearch.com/?type=hp&ts=1443039034&z=c0bf6aaee76f9dc528975b2g3z5z6c9ecccb5bfwcz&from=cmi&uid=WDCXWD1600BEVS-22VAT0_WD-WXC508A5885358853","hxxp://www.mystartsearch.com/?type=hp&ts=1443556668&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=cmi&uid=WDCXWD1600BEVS-22VAT0_WD-WXC508A5885358853","hxxp://www.mystartsearch.com/?type=hp&ts=1445287317&z=2ba5083e1ebd53fe1c3c39bg3zbzcwao2bam0e9m3o&from=cmi&uid=WDCXWD1600BEVS-22VAT0_WD-WXC508A5885358853"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Apresentações) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-17]
CHR Extension: (Just Black) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-09-18]
CHR Extension: (Kaspersky Protection) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-01-25]
CHR Extension: (Documentos) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-17]
CHR Extension: (Google Drive) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-17]
CHR Extension: (Economize! Adrenaline) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkhpibkldkmjjpikipeklkbdamlknnc [2022-01-13]
CHR Extension: (ColorZilla) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-09-17]
CHR Extension: (YouTube) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-17]
CHR Extension: (Adblock para o Youtube™) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-01-26]
CHR Extension: (Folhas de cálculo) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-17]
CHR Extension: (Google Docs offline) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (Cuponomia - Cupom e Cashback) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidejehfgombmkfflghejpncblgfkagj [2022-01-26]
CHR Extension: (AdBlock – O melhor Bloqueador de Anúncios) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26]
CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-17]
CHR Extension: (Gmail) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-17]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [184768 2022-01-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2022-01-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 xigncode3_pbbr; C:\Program Files\Common Files\UNCHEATER\xigncode3_pbbr.exe [6650608 2022-01-14] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 cpuz150; C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [44832 2022-01-19] (CPUID S.A.R.L.U. -> CPUID)
S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [104512 2022-01-18] (Hans Roes -> Multi Theft Auto)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2022-01-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [287904 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [319720 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115968 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [229248 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2022-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2022-01-15] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 xspirit; C:\WINDOWS\xspirit.sys [47928 2022-01-14] (Wellbia.com Co., Ltd. -> )
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
U3 idsvc; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três meses (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-01-26 09:57 - 2022-01-26 10:00 - 000033033 _____ C:\Users\Rafael\Downloads\FRST.txt
2022-01-26 09:54 - 2022-01-26 09:54 - 002311680 _____ (Farbar) C:\Users\Rafael\Downloads\FRST64.exe
2022-01-26 09:54 - 2022-01-26 09:54 - 000000000 ____D C:\Users\Rafael\Downloads\FRST-OlderVersion
2022-01-26 09:44 - 2022-01-26 09:42 - 000191832 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2022-01-25 16:37 - 2022-01-25 16:34 - 000096008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys
2022-01-25 16:26 - 2022-01-25 16:26 - 000319720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-01-25 16:19 - 2022-01-25 16:20 - 000000000 ____D C:\Program Files\Common Files\AV
2022-01-25 16:19 - 2022-01-25 16:19 - 000287904 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-01-25 16:19 - 2022-01-25 16:19 - 000229248 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-01-25 16:19 - 2022-01-25 16:19 - 000115968 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-01-25 16:18 - 2022-01-25 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2022-01-25 16:17 - 2022-01-25 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2022-01-25 16:16 - 2022-01-25 16:17 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-01-25 16:16 - 2022-01-25 16:17 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-01-25 16:16 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2022-01-25 16:15 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2022-01-25 16:15 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2022-01-25 15:51 - 2022-01-25 15:52 - 003281381 _____ C:\Users\Rafael\Downloads\cpu-z_1.99-en.zip
2022-01-25 15:45 - 2022-01-25 15:45 - 002760536 _____ (Kaspersky) C:\Users\Rafael\Downloads\ks4.021.3.10.391en_25092.exe
2022-01-25 12:17 - 2022-01-26 09:59 - 000000000 ____D C:\FRST
2022-01-22 03:56 - 2022-01-22 03:56 - 028988305 _____ C:\Users\Rafael\Downloads\FreePsdVn.com_2101467_ACTION_vintage_offset_printer_5673346.zip
2022-01-21 13:25 - 2022-01-21 13:26 - 004751770 _____ C:\Users\Rafael\Downloads\Pinceles Rodillos y Brochas.abr
2022-01-21 13:24 - 2022-01-21 13:26 - 012357458 _____ C:\Users\Rafael\Downloads\WG_Spray_1.abr
2022-01-21 13:14 - 2022-01-21 13:14 - 000288731 _____ C:\Users\Rafael\Downloads\Dharma Gothic E.zip
2022-01-21 13:13 - 2022-01-21 13:13 - 000031933 _____ C:\Users\Rafael\Downloads\PODIUMSharp-2.12.zip
2022-01-21 11:24 - 2022-01-21 11:24 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-01-20 23:07 - 2022-01-20 23:07 - 112735504 _____ C:\Users\Rafael\Downloads\free-letter-size-magazine-mockup.zip
2022-01-20 14:51 - 2022-01-20 14:51 - 000141420 _____ C:\Users\Rafael\Downloads\f1642701069.zip
2022-01-20 13:24 - 2022-01-20 13:34 - 061612194 _____ C:\Users\Rafael\Downloads\Sticker Free.zip
2022-01-20 13:23 - 2022-01-20 13:33 - 1508118670 _____ C:\Users\Rafael\Downloads\FREE PACK 1K -@olirumdesigner.rar
2022-01-20 09:34 - 2022-01-21 13:15 - 000000000 ____D C:\Users\Rafael\FontBase
2022-01-20 09:33 - 2022-01-22 04:23 - 000000000 ____D C:\Users\Rafael\AppData\Roaming\FontBase
2022-01-20 09:33 - 2022-01-20 09:33 - 000002420 _____ C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontBase.lnk
2022-01-20 09:32 - 2022-01-20 09:33 - 000000000 ____D C:\Users\Rafael\AppData\Local\fontbase-app-updater
2022-01-19 17:42 - 2022-01-19 17:44 - 000000000 ____D C:\Users\Rafael\AppData\LocalLow\uTorrent
2022-01-19 16:14 - 2022-01-19 16:14 - 000000000 ____D C:\Users\Rafael\Documents\Lightshot
2022-01-19 15:00 - 2022-01-19 15:00 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-01-19 14:58 - 2022-01-19 14:58 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2022-01-19 14:58 - 2022-01-19 14:58 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2022-01-19 14:58 - 2022-01-19 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office
2022-01-19 14:42 - 2022-01-19 14:58 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-19 14:42 - 2022-01-19 14:42 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-01-19 13:13 - 2022-01-19 13:13 - 089325568 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2022-01-19 13:13 - 2022-01-19 13:13 - 000540672 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2022-01-19 13:13 - 2022-01-19 13:13 - 000069632 _____ C:\WINDOWS\system32\config\SAM.iobit
2022-01-19 13:13 - 2022-01-19 13:13 - 000040960 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2022-01-19 12:29 - 2022-01-19 12:40 - 000000000 ____D C:\Users\Rafael\AppData\Roaming\UUID
2022-01-19 12:29 - 2022-01-19 12:29 - 000000000 ____D C:\Users\Rafael\AppData\Roaming\ProfCleaner
2022-01-19 12:28 - 2022-01-19 12:28 - 000000000 ____D C:\Users\Rafael\AppData\Local\Yandex
2022-01-18 09:00 - 2022-01-18 09:03 - 000000000 ____D C:\Program Files (x86)\MTA San Andreas 1.5
2022-01-18 09:00 - 2022-01-18 09:00 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2022-01-18 09:00 - 2022-01-18 09:00 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2022-01-18 08:58 - 2022-01-18 09:03 - 000000000 ____D C:\ProgramData\MTA San Andreas All
2022-01-18 08:51 - 2022-01-18 08:57 - 000000000 ____D C:\Users\Rafael\Documents\GTA San Andreas User Files
2022-01-18 08:51 - 2022-01-18 08:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GTA San Andreas
2022-01-17 11:54 - 2022-01-19 09:30 - 000000408 _____ C:\WINDOWS\Tasks\update-sys.job
2022-01-17 11:54 - 2022-01-19 09:30 - 000000408 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2960865112-1731992900-3936724381-1000.job
2022-01-17 11:54 - 2022-01-17 11:54 - 000003400 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-2960865112-1731992900-3936724381-1000
2022-01-17 11:54 - 2022-01-17 11:54 - 000003334 _____ C:\WINDOWS\system32\Tasks\update-sys
2022-01-17 11:54 - 2022-01-17 11:54 - 000000424 _____ C:\Users\Rafael\AppData\Local\UserProducts.xml
2022-01-17 11:54 - 2022-01-17 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2022-01-17 11:54 - 2022-01-17 11:54 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2022-01-15 13:47 - 2022-01-15 13:47 - 000043802 _____ C:\WINDOWS\unins000.dat
2022-01-15 13:47 - 2022-01-15 13:47 - 000000000 ____D C:\Users\Rafael\Documents\M711 Gaming Mouse
2022-01-15 13:47 - 2022-01-15 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REDRAGON M711
2022-01-15 13:47 - 2022-01-15 13:47 - 000000000 ____D C:\Program Files (x86)\REDRAGON M711 Gaming Mouse
2022-01-15 13:47 - 2022-01-15 13:46 - 001502943 _____ C:\WINDOWS\unins000.exe
2022-01-15 00:04 - 2022-01-15 00:04 - 000000000 ____D C:\Users\Rafael\AppData\Local\UXP
2022-01-14 23:53 - 2022-01-14 23:53 - 000002513 _____ C:\Users\Rafael\Desktop\Adobe Illustrator 2021.lnk
2022-01-14 23:51 - 2022-01-14 23:51 - 000001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2022-01-14 23:51 - 2022-01-14 23:51 - 000001064 _____ C:\Users\Rafael\Desktop\Adobe Photoshop 2020.lnk
2022-01-14 23:33 - 2022-01-14 23:33 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2022-01-14 22:52 - 2022-01-14 22:52 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2960865112-1731992900-3936724381-1000
2022-01-14 22:52 - 2022-01-14 22:52 - 000002392 _____ C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-14 15:21 - 2022-01-14 15:21 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-01-14 11:20 - 2022-01-14 12:22 - 000000000 ____D C:\Users\Rafael\Downloads\Adobe Illustrator 2021 v25.2.1.236 (x64) + Fix {CracksHash}
2022-01-14 11:17 - 2022-01-14 11:48 - 000000000 ____D C:\Users\Rafael\Downloads\Adobe Photoshop 2020 v21.1.1.121 (x64) Multilingual Pre-Activated [FileCR]
2022-01-14 00:45 - 2022-01-14 00:45 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-13 22:57 - 2022-01-13 22:57 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2022-01-13 22:56 - 2022-01-13 22:56 - 000000000 ____D C:\Program Files\Synaptics
2022-01-13 22:33 - 2022-01-13 22:33 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 22:32 - 2022-01-13 22:32 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 22:32 - 2022-01-13 22:32 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 22:30 - 2022-01-13 22:30 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-13 22:27 - 2022-01-13 22:27 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-01-13 22:24 - 2022-01-13 22:24 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-13 22:24 - 2022-01-13 22:24 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-01-13 21:24 - 2022-01-13 21:24 - 000000000 ___HD C:\$WinREAgent
2022-01-13 20:01 - 2022-01-14 22:52 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2960865112-1731992900-3936724381-1000
2022-01-13 19:54 - 2022-01-13 19:54 - 000001154 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-01-13 19:53 - 2022-01-13 19:54 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-13 02:57 - 2021-11-13 02:57 - 000689976 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klgse.sys
2021-11-13 02:56 - 2021-11-13 02:56 - 001507648 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys

==================== Três meses (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-01-26 10:07 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-26 09:44 - 2021-09-21 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-01-26 09:44 - 2021-09-21 23:04 - 000000000 ____D C:\Program Files\Java
2022-01-26 09:40 - 2021-09-17 16:29 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-26 09:37 - 2021-09-17 19:26 - 000000000 ____D C:\Users\Rafael
2022-01-26 09:37 - 2021-09-17 13:58 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-26 09:32 - 2021-09-17 19:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-26 09:32 - 2021-09-17 19:11 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-26 09:32 - 2021-09-17 19:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-25 16:20 - 2021-09-17 13:58 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 16:18 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 16:17 - 2019-12-07 06:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-25 16:16 - 2019-12-07 06:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-25 15:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-24 12:42 - 2021-09-17 19:40 - 000000000 ____D C:\Users\Rafael\AppData\Local\Packages
2022-01-22 12:47 - 2021-09-17 19:18 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-22 12:47 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 04:11 - 2021-09-22 14:04 - 000001456 _____ C:\Users\Rafael\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2022-01-21 14:17 - 2021-09-17 22:52 - 000000000 ____D C:\Users\Rafael\AppData\Local\D3DSCache
2022-01-21 11:18 - 2021-09-17 19:36 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 11:18 - 2021-09-17 19:36 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 22:50 - 2021-09-17 19:11 - 000307368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-20 22:48 - 2019-12-07 06:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-20 22:43 - 2021-09-22 13:15 - 000000000 ____D C:\Program Files\Adobe
2022-01-20 19:04 - 2021-09-17 23:35 - 000000000 ____D C:\Users\Rafael\AppData\Roaming\discord
2022-01-20 18:44 - 2021-09-17 23:34 - 000000000 ____D C:\Users\Rafael\AppData\Local\Discord
2022-01-20 08:13 - 2021-09-17 19:40 - 000000000 ____D C:\Users\Rafael\AppData\Roaming\Adobe
2022-01-20 00:07 - 2021-09-21 12:16 - 000000000 ____D C:\ProgramData\Adobe
2022-01-19 18:37 - 2021-09-17 14:18 - 000000000 ____D C:\Users\Rafael\AppData\Roaming\uTorrent
2022-01-19 18:11 - 2021-09-21 10:39 - 000000000 ____D C:\Users\Rafael\AppData\Local\BitTorrentHelper
2022-01-19 14:58 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-01-19 13:29 - 2021-09-17 14:03 - 000000000 ____D C:\ProgramData\IObit
2022-01-19 13:22 - 2021-09-17 18:27 - 000000000 ___DC C:\WINDOWS\Panther
2022-01-19 13:09 - 2021-09-17 14:04 - 000000000 ____D C:\ProgramData\ProductData
2022-01-19 12:35 - 2009-07-14 00:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-19 12:10 - 2021-01-16 18:53 - 000000000 ____D C:\Users\Rafael\Documents\Monkey Publicidade
2022-01-18 22:42 - 2021-09-18 04:15 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-18 22:42 - 2021-09-18 04:15 - 000003524 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7ac1447001fb1
2022-01-18 08:57 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-18 08:36 - 2021-09-18 01:50 - 000000000 ____D C:\Users\Rafael\AppData\Local\PlaceholderTileLogoFolder
2022-01-17 11:19 - 2021-09-21 12:12 - 000000000 ____D C:\Users\Rafael\AppData\Local\Adobe
2022-01-15 14:00 - 2021-09-18 00:29 - 002522256 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2022-01-15 00:05 - 2021-09-21 13:05 - 000000000 ____D C:\Users\Rafael\Documents\Adobe
2022-01-14 23:33 - 2021-09-21 12:31 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-01-14 23:18 - 2021-09-22 12:56 - 000000000 ____D C:\Program Files (x86)\Adobe
2022-01-14 23:17 - 2021-09-17 14:16 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-14 15:21 - 2021-09-17 19:42 - 000000000 ____D C:\ProgramData\Packages
2022-01-14 12:33 - 2021-09-17 23:35 - 000002236 _____ C:\Users\Rafael\Desktop\Discord.lnk
2022-01-14 10:07 - 2021-09-18 00:30 - 000047928 _____ C:\WINDOWS\xspirit.sys
2022-01-14 08:38 - 2021-09-17 19:37 - 001741820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-14 08:38 - 2019-12-07 11:53 - 000752602 _____ C:\WINDOWS\system32\prfh0416.dat
2022-01-14 08:38 - 2019-12-07 11:53 - 000148716 _____ C:\WINDOWS\system32\prfc0416.dat
2022-01-14 00:46 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-01-14 00:46 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 00:46 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 00:46 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 00:45 - 2019-12-07 11:56 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-01-14 00:45 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-14 00:45 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-14 00:45 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-13 21:11 - 2021-09-17 23:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 21:06 - 2021-09-17 23:07 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-12 13:45 - 2021-09-17 19:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Arquivos na raiz de alguns diretórios ========

2021-09-22 14:04 - 2022-01-22 04:11 - 000001456 _____ () C:\Users\Rafael\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2021-09-25 07:37 - 2021-09-25 07:37 - 000000000 _____ () C:\Users\Rafael\AppData\Local\oobelibMkey.log
2022-01-17 11:54 - 2022-01-17 11:54 - 000000003 _____ () C:\Users\Rafael\AppData\Local\updater.log
2022-01-17 11:54 - 2022-01-17 11:54 - 000000424 _____ () C:\Users\Rafael\AppData\Local\UserProducts.xml

==================== FCheck ================================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2021-09-17] <==== ATENÇÃO (zero byte Arquivo/Pasta)

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================
