Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 04-12-2022
Executado por Administrador (administrador) em RICHARD (Gigabyte Technology Co., Ltd. G41MT-ES2L) (09-12-2022 23:57:34)
Executando a partir de C:\Users\Administrador\Downloads
Perfis Carregados: oioioioi & 1234 & Administrador
Plataforma: Microsoft Windows 8.1 Pro (Update) (X64) Idioma: Português (Brasil)
Navegador padrão: IE
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2022-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212816 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Nenhum Arquivo)
HKLM\...\RunOnce: [ASYNCMAC] => C:\WINDOWS\INF\netrasa.inf [25220 2014-11-21] (Microsoft Windows -> )
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\...\Print\Monitors\Local Port: localspl.dll (Nenhum Arquivo)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: FXSMON.DLL (Nenhum Arquivo)
HKLM\...\Print\Monitors\Standard TCP/IP Port: tcpmon.dll (Nenhum Arquivo)
HKLM\...\Print\Monitors\USB Monitor: usbmon.dll (Nenhum Arquivo)
HKLM\...\Print\Monitors\WSD Port: WSDMon.dll (Nenhum Arquivo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.99\Installer\chrmstp.exe [2022-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2020-03-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\Windows\SysWOW64\appmgmts.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {032F30EC-D386-4FEA-B2E7-7F0D036E22B4} - System32\Tasks\Opera scheduled Autoupdate 1626745839 => C:\Users\richardsc\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe /increment (Nenhum Arquivo) <==== ATENÇÃO
Task: {2D474863-9083-4EAE-83DD-59071F459890} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\Scheduler.exe [156696 2022-01-20] (IObit CO., LTD -> IObit)
Task: {2FBA1E21-E5BE-471D-AF02-2295E1B67CFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {33BC2FD4-8EFC-4C2F-B763-640C0C36E2B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {405EC276-1D12-47A7-8D81-36CAE1C8B428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-06-01] (Google Inc -> Google Inc.)
Task: {4C5A3429-2E11-48AF-A0A5-210034119F38} - System32\Tasks\WpsExternal_richardsc_20220104155222 => C:\Users\richardsc\AppData\Local\Kingsoft\WPS Office\11.2.0.10426\office6\wpscloudsvr.exe /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external (Nenhum Arquivo)
Task: {53C5EC65-644F-4084-B83B-3144B7BBAE35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-06-01] (Google Inc -> Google Inc.)
Task: {60202B27-F849-4F1C-8651-C0A43D48E8C6} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\AutoUpdate.exe [2462744 2022-01-20] (IObit CO., LTD -> IObit)
Task: {6C4D4CD1-0959-4BB8-8A00-6BB8B02AED5D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-06-01] (Avast Software s.r.o. -> Avast Software)
Task: {7EB42FF5-8862-4281-B0CE-B2835CC56F19} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4925264 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
Task: {89891C3D-A2F0-4890-8646-B8B66BEF5044} - System32\Tasks\Driver Booster SkipUAC (richardsc) => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\DriverBooster.exe [8662040 2022-02-22] (IObit CO., LTD -> IObit)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [35840 2014-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {AC314A29-64E8-475F-ABF6-2BBD16151438} - System32\Tasks\WpsUpdateTask_richardsc => C:\Users\richardsc\AppData\Local\Kingsoft\WPS Office\11.2.0.10426\office6\wpsupdate.exe -from=task (Nenhum Arquivo)
Task: {B8B6633E-EA8C-4361-8E70-77CA08481A01} - System32\Tasks\Sump Task (One-Time) => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\sump.exe [1795832 2022-08-30] (IObit CO., LTD -> IObit)
Task: {C48444CA-416F-4783-8E6B-DD34A24E1E4A} - System32\Tasks\IQOptionUpdateTask => C:\Program Files (x86)\IQ Option\\IQOptionUpdateTask.exe [598328 ] (QUAD CODE SOFTWARE LTD -> )
Task: {D6369BEF-DA64-47EC-B3C2-EBE5A1B4B1C2} - System32\Tasks\Driver Booster SkipUAC (Administrador) => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\DriverBooster.exe [8662040 2022-02-22] (IObit CO., LTD -> IObit)
Task: {E4A8D8E2-6359-44C2-9820-D0B5956FBF45} - System32\Tasks\Opera scheduled assistant Autoupdate 1626745840 => C:\Users\richardsc\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\richardsc\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {E7EEE107-D588-45FE-BAC7-28B2CBB968CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1C51A88-9CFF-4DDE-982D-A846BC8F7F9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C1714227-DC17-442C-83D2-56A46DCEBB9D}: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR Profile: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default [2022-12-09]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Documentos Google off-line) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-30]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8432776 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576336 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [576336 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-05-03] (Avast Software s.r.o. -> AVAST Software)
R2 IQOptionUpdater; C:\Program Files (x86)\IQ Option\\IQOptionUpdater.exe [1772968 ] (QUAD CODE SOFTWARE LTD -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1054920 2022-01-04] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [38912 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [232648 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382608 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [255136 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [102048 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [45072 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271600 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548968 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111056 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [86120 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [857488 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [662160 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218608 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [321928 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
S3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.sys [594432 2021-07-27] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)
S3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2022-03-09] (CPUID S.A.R.L.U. -> CPUID)
R3 MpKsl7ee1a160; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{45E53E6A-C1DE-4B9B-B36D-3113C6305660}\MpKslDrv.sys [50432 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2050-06-01 20:48 - 2050-06-01 20:48 - 000272600 _____ C:\WINDOWS\Minidump\060150-28218-01.dmp
2043-06-01 20:04 - 2043-06-01 20:04 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2043-06-01 20:01 - 2043-06-01 20:01 - 000273080 _____ C:\WINDOWS\Minidump\060143-34406-01.dmp
2030-09-03 21:40 - 2022-12-09 22:00 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3246980791-553686537-545643218-1007
2030-09-03 21:39 - 2030-09-03 21:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\IObit
2030-09-03 21:39 - 2030-09-03 21:39 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\IObit
2030-09-03 21:38 - 2030-09-03 21:38 - 000000000 ____D C:\Users\1234\AppData\Roaming\IObit
2030-09-03 21:38 - 2030-09-03 21:38 - 000000000 ____D C:\Users\1234\AppData\Roaming\Avast Software
2030-09-03 21:35 - 2030-09-03 21:35 - 000001288 _____ C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2030-09-03 21:35 - 2030-09-03 21:35 - 000000020 ___SH C:\Users\1234\ntuser.ini
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Modelos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Meus Documentos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Menu Iniciar
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Documents\Minhas Músicas
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Documents\Minhas Imagens
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Documents\Meus Vídeos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Dados de Aplicativos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Configurações Locais
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Ambiente de Rede
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Ambiente de Impressão
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 ____D C:\Users\1234\AppData\Roaming\Adobe
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 ____D C:\Users\1234
2030-09-03 21:35 - 2014-11-20 20:17 - 000000369 _____ C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2030-09-03 21:35 - 2014-11-20 20:17 - 000000369 _____ C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2030-09-03 21:30 - 2030-09-03 21:30 - 000000000 ____H C:\Users\Administrador\Documents\Default.rdp
2026-01-01 01:09 - 2026-01-01 01:09 - 000289016 _____ C:\WINDOWS\Minidump\010126-26640-01.dmp
2022-12-09 23:57 - 2022-12-09 23:58 - 000014142 _____ C:\Users\Administrador\Downloads\FRST.txt
2022-12-09 23:56 - 2022-12-09 23:56 - 000000259 _____ C:\Users\Administrador\Downloads\Search.txt
2022-12-09 23:55 - 2022-12-09 23:55 - 000000289 _____ C:\Users\Administrador\Downloads\SearchReg.txt
2022-12-09 23:48 - 2022-12-09 23:49 - 002375680 _____ (Farbar) C:\Users\Administrador\Downloads\FRST64.exe
2022-12-09 23:39 - 2022-12-09 23:39 - 000000000 ____D C:\Users\Administrador\chrome_BITS_2484_137531694
2022-12-09 23:25 - 2022-12-09 23:25 - 000268488 _____ (AVAST Software) C:\Users\Administrador\Downloads\avast_free_antivirus_setup_online.exe
2022-12-09 21:25 - 2022-12-09 23:24 - 000000000 ____D C:\Users\Administrador\msdtadmin
2022-12-09 21:20 - 2022-12-09 21:20 - 000000000 ____D C:\Users\Administrador\Rar$ML2052.11006
2022-12-09 21:10 - 2022-12-09 21:10 - 000000000 ____D C:\Users\Administrador\IQ Option
2022-12-09 21:10 - 2022-12-09 21:10 - 000000000 ____D C:\Users\Administrador\dumpsiq
2022-12-09 21:10 - 2022-12-09 21:10 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\IQ Option
2022-12-09 21:09 - 2022-06-20 18:37 - 000269136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2050-06-01 20:48 - 2022-04-26 18:37 - 423323859 _____ C:\WINDOWS\MEMORY.DMP
2050-06-01 20:48 - 2021-07-20 16:48 - 000000000 ____D C:\WINDOWS\Minidump
2030-09-03 21:40 - 2021-07-27 18:35 - 000000000 ____D C:\ProgramData\ProductData
2030-09-03 21:32 - 2022-08-30 23:01 - 000003970 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0E7E493E-AF94-4088-A095-0F7775300004}
2022-12-09 23:58 - 2022-08-30 22:28 - 000000000 ____D C:\Users\Administrador
2022-12-09 23:53 - 2022-06-01 18:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-09 23:41 - 2022-08-30 22:33 - 000003592 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3246980791-553686537-545643218-500
2022-12-09 23:23 - 2022-09-02 15:44 - 000000000 ____D C:\WINDOWS\system32\_avast_
2022-12-09 21:55 - 2022-06-01 18:13 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-09 21:55 - 2022-06-01 18:13 - 000002011 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-09 21:37 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\Inf
2022-12-09 21:28 - 2022-03-09 18:29 - 000000000 ____D C:\Program Files (x86)\IQ Option
2022-12-09 21:28 - 2013-08-22 10:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2022-12-09 21:25 - 2021-11-07 18:15 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2022-12-09 21:25 - 2021-11-07 18:15 - 000001908 _____ C:\WINDOWS\diagerr.xml
2022-12-09 21:12 - 2014-11-20 20:10 - 001709670 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-09 21:12 - 2014-11-20 19:18 - 000738494 _____ C:\WINDOWS\system32\prfh0416.dat
2022-12-09 21:12 - 2014-11-20 19:18 - 000150836 _____ C:\WINDOWS\system32\prfc0416.dat
2022-12-09 21:09 - 2022-05-03 15:06 - 000001887 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-12-09 21:09 - 2022-05-03 10:59 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)
ATENÇÃO: ==> Não foi possível acessar BCD. -> 0
LastRegBack: 2022-08-30 20:01
==================== Fim de FRST.txt ========================
Executado por Administrador (administrador) em RICHARD (Gigabyte Technology Co., Ltd. G41MT-ES2L) (09-12-2022 23:57:34)
Executando a partir de C:\Users\Administrador\Downloads
Perfis Carregados: oioioioi & 1234 & Administrador
Plataforma: Microsoft Windows 8.1 Pro (Update) (X64) Idioma: Português (Brasil)
Navegador padrão: IE
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2022-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212816 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (Nenhum Arquivo)
HKLM\...\RunOnce: [ASYNCMAC] => C:\WINDOWS\INF\netrasa.inf [25220 2014-11-21] (Microsoft Windows -> )
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\...\Print\Monitors\Local Port: localspl.dll (Nenhum Arquivo)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: FXSMON.DLL (Nenhum Arquivo)
HKLM\...\Print\Monitors\Standard TCP/IP Port: tcpmon.dll (Nenhum Arquivo)
HKLM\...\Print\Monitors\USB Monitor: usbmon.dll (Nenhum Arquivo)
HKLM\...\Print\Monitors\WSD Port: WSDMon.dll (Nenhum Arquivo)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.99\Installer\chrmstp.exe [2022-12-09] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2020-03-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\Windows\SysWOW64\appmgmts.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2014-11-20] (Microsoft Windows -> Microsoft Corporation)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrição <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {032F30EC-D386-4FEA-B2E7-7F0D036E22B4} - System32\Tasks\Opera scheduled Autoupdate 1626745839 => C:\Users\richardsc\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe /increment (Nenhum Arquivo) <==== ATENÇÃO
Task: {2D474863-9083-4EAE-83DD-59071F459890} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\Scheduler.exe [156696 2022-01-20] (IObit CO., LTD -> IObit)
Task: {2FBA1E21-E5BE-471D-AF02-2295E1B67CFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {33BC2FD4-8EFC-4C2F-B763-640C0C36E2B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {405EC276-1D12-47A7-8D81-36CAE1C8B428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-06-01] (Google Inc -> Google Inc.)
Task: {4C5A3429-2E11-48AF-A0A5-210034119F38} - System32\Tasks\WpsExternal_richardsc_20220104155222 => C:\Users\richardsc\AppData\Local\Kingsoft\WPS Office\11.2.0.10426\office6\wpscloudsvr.exe /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external (Nenhum Arquivo)
Task: {53C5EC65-644F-4084-B83B-3144B7BBAE35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2022-06-01] (Google Inc -> Google Inc.)
Task: {60202B27-F849-4F1C-8651-C0A43D48E8C6} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\AutoUpdate.exe [2462744 2022-01-20] (IObit CO., LTD -> IObit)
Task: {6C4D4CD1-0959-4BB8-8A00-6BB8B02AED5D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-06-01] (Avast Software s.r.o. -> Avast Software)
Task: {7EB42FF5-8862-4281-B0CE-B2835CC56F19} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4925264 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
Task: {89891C3D-A2F0-4890-8646-B8B66BEF5044} - System32\Tasks\Driver Booster SkipUAC (richardsc) => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\DriverBooster.exe [8662040 2022-02-22] (IObit CO., LTD -> IObit)
Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [35840 2014-11-20] (Microsoft Windows -> Microsoft Corporation)
Task: {AC314A29-64E8-475F-ABF6-2BBD16151438} - System32\Tasks\WpsUpdateTask_richardsc => C:\Users\richardsc\AppData\Local\Kingsoft\WPS Office\11.2.0.10426\office6\wpsupdate.exe -from=task (Nenhum Arquivo)
Task: {B8B6633E-EA8C-4361-8E70-77CA08481A01} - System32\Tasks\Sump Task (One-Time) => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\sump.exe [1795832 2022-08-30] (IObit CO., LTD -> IObit)
Task: {C48444CA-416F-4783-8E6B-DD34A24E1E4A} - System32\Tasks\IQOptionUpdateTask => C:\Program Files (x86)\IQ Option\\IQOptionUpdateTask.exe [598328 ] (QUAD CODE SOFTWARE LTD -> )
Task: {D6369BEF-DA64-47EC-B3C2-EBE5A1B4B1C2} - System32\Tasks\Driver Booster SkipUAC (Administrador) => C:\Program Files (x86)\IObit\Driver Booster\9.2.0\DriverBooster.exe [8662040 2022-02-22] (IObit CO., LTD -> IObit)
Task: {E4A8D8E2-6359-44C2-9820-D0B5956FBF45} - System32\Tasks\Opera scheduled assistant Autoupdate 1626745840 => C:\Users\richardsc\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\richardsc\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {E7EEE107-D588-45FE-BAC7-28B2CBB968CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1C51A88-9CFF-4DDE-982D-A846BC8F7F9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [356968 ] (Microsoft Corporation -> Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C1714227-DC17-442C-83D2-56A46DCEBB9D}: [DhcpNameServer] 192.168.0.1
Chrome:
=======
CHR Profile: C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default [2022-12-09]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Documentos Google off-line) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Administrador\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-30]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8432776 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576336 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [576336 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-05-03] (Avast Software s.r.o. -> AVAST Software)
R2 IQOptionUpdater; C:\Program Files (x86)\IQ Option\\IQOptionUpdater.exe [1772968 ] (QUAD CODE SOFTWARE LTD -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\office6\wpscloudsvr.exe [1054920 2022-01-04] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [38912 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [232648 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [382608 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [255136 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [102048 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [45072 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [271600 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [548968 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111056 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [86120 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [857488 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [662160 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218608 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [321928 2022-06-20] (Avast Software s.r.o. -> AVAST Software)
S3 CMUAC; C:\WINDOWS\system32\DRIVERS\CMUAC.sys [594432 2021-07-27] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)
S3 cpuz150; C:\Windows\temp\cpuz150\cpuz150_x64.sys [44832 2022-03-09] (CPUID S.A.R.L.U. -> CPUID)
R3 MpKsl7ee1a160; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{45E53E6A-C1DE-4B9B-B36D-3113C6305660}\MpKslDrv.sys [50432 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2050-06-01 20:48 - 2050-06-01 20:48 - 000272600 _____ C:\WINDOWS\Minidump\060150-28218-01.dmp
2043-06-01 20:04 - 2043-06-01 20:04 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2043-06-01 20:01 - 2043-06-01 20:01 - 000273080 _____ C:\WINDOWS\Minidump\060143-34406-01.dmp
2030-09-03 21:40 - 2022-12-09 22:00 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3246980791-553686537-545643218-1007
2030-09-03 21:39 - 2030-09-03 21:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\IObit
2030-09-03 21:39 - 2030-09-03 21:39 - 000000000 ____D C:\Users\Administrador\AppData\LocalLow\IObit
2030-09-03 21:38 - 2030-09-03 21:38 - 000000000 ____D C:\Users\1234\AppData\Roaming\IObit
2030-09-03 21:38 - 2030-09-03 21:38 - 000000000 ____D C:\Users\1234\AppData\Roaming\Avast Software
2030-09-03 21:35 - 2030-09-03 21:35 - 000001288 _____ C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2030-09-03 21:35 - 2030-09-03 21:35 - 000000020 ___SH C:\Users\1234\ntuser.ini
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Modelos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Meus Documentos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Menu Iniciar
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Documents\Minhas Músicas
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Documents\Minhas Imagens
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Documents\Meus Vídeos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Dados de Aplicativos
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Configurações Locais
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Ambiente de Rede
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 _SHDL C:\Users\1234\Ambiente de Impressão
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 ____D C:\Users\1234\AppData\Roaming\Adobe
2030-09-03 21:35 - 2030-09-03 21:35 - 000000000 ____D C:\Users\1234
2030-09-03 21:35 - 2014-11-20 20:17 - 000000369 _____ C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2030-09-03 21:35 - 2014-11-20 20:17 - 000000369 _____ C:\Users\1234\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2030-09-03 21:30 - 2030-09-03 21:30 - 000000000 ____H C:\Users\Administrador\Documents\Default.rdp
2026-01-01 01:09 - 2026-01-01 01:09 - 000289016 _____ C:\WINDOWS\Minidump\010126-26640-01.dmp
2022-12-09 23:57 - 2022-12-09 23:58 - 000014142 _____ C:\Users\Administrador\Downloads\FRST.txt
2022-12-09 23:56 - 2022-12-09 23:56 - 000000259 _____ C:\Users\Administrador\Downloads\Search.txt
2022-12-09 23:55 - 2022-12-09 23:55 - 000000289 _____ C:\Users\Administrador\Downloads\SearchReg.txt
2022-12-09 23:48 - 2022-12-09 23:49 - 002375680 _____ (Farbar) C:\Users\Administrador\Downloads\FRST64.exe
2022-12-09 23:39 - 2022-12-09 23:39 - 000000000 ____D C:\Users\Administrador\chrome_BITS_2484_137531694
2022-12-09 23:25 - 2022-12-09 23:25 - 000268488 _____ (AVAST Software) C:\Users\Administrador\Downloads\avast_free_antivirus_setup_online.exe
2022-12-09 21:25 - 2022-12-09 23:24 - 000000000 ____D C:\Users\Administrador\msdtadmin
2022-12-09 21:20 - 2022-12-09 21:20 - 000000000 ____D C:\Users\Administrador\Rar$ML2052.11006
2022-12-09 21:10 - 2022-12-09 21:10 - 000000000 ____D C:\Users\Administrador\IQ Option
2022-12-09 21:10 - 2022-12-09 21:10 - 000000000 ____D C:\Users\Administrador\dumpsiq
2022-12-09 21:10 - 2022-12-09 21:10 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\IQ Option
2022-12-09 21:09 - 2022-06-20 18:37 - 000269136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2050-06-01 20:48 - 2022-04-26 18:37 - 423323859 _____ C:\WINDOWS\MEMORY.DMP
2050-06-01 20:48 - 2021-07-20 16:48 - 000000000 ____D C:\WINDOWS\Minidump
2030-09-03 21:40 - 2021-07-27 18:35 - 000000000 ____D C:\ProgramData\ProductData
2030-09-03 21:32 - 2022-08-30 23:01 - 000003970 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0E7E493E-AF94-4088-A095-0F7775300004}
2022-12-09 23:58 - 2022-08-30 22:28 - 000000000 ____D C:\Users\Administrador
2022-12-09 23:53 - 2022-06-01 18:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-09 23:41 - 2022-08-30 22:33 - 000003592 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3246980791-553686537-545643218-500
2022-12-09 23:23 - 2022-09-02 15:44 - 000000000 ____D C:\WINDOWS\system32\_avast_
2022-12-09 21:55 - 2022-06-01 18:13 - 000002052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-09 21:55 - 2022-06-01 18:13 - 000002011 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-09 21:37 - 2013-08-22 10:36 - 000000000 ____D C:\WINDOWS\Inf
2022-12-09 21:28 - 2022-03-09 18:29 - 000000000 ____D C:\Program Files (x86)\IQ Option
2022-12-09 21:28 - 2013-08-22 10:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2022-12-09 21:25 - 2021-11-07 18:15 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2022-12-09 21:25 - 2021-11-07 18:15 - 000001908 _____ C:\WINDOWS\diagerr.xml
2022-12-09 21:12 - 2014-11-20 20:10 - 001709670 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-09 21:12 - 2014-11-20 19:18 - 000738494 _____ C:\WINDOWS\system32\prfh0416.dat
2022-12-09 21:12 - 2014-11-20 19:18 - 000150836 _____ C:\WINDOWS\system32\prfc0416.dat
2022-12-09 21:09 - 2022-05-03 15:06 - 000001887 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-12-09 21:09 - 2022-05-03 10:59 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)
ATENÇÃO: ==> Não foi possível acessar BCD. -> 0
LastRegBack: 2022-08-30 20:01
==================== Fim de FRST.txt ========================