Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 06-11-2021
Executado por Marcelo (administrador) em DESKTOP-GT4RERJ (LENOVO 20195) (07-11-2021 10:38:42)
Executando a partir de C:\Users\Marcelo\Desktop
Perfis Carregados: Marcelo
Plataforma: Microsoft Windows 10 Home Single Language Versão 20H2 19042.1151 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Borislav Surbat -> MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\52.0.6.0\crashpad_handler.exe <2>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe <7>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe <2>
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) C:\Program Files\Diebold\Warsaw\core.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-04-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2018-05-23] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8807712 2021-10-23] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (Borislav Surbat -> MyCity)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-882780810-1085728416-4120966697-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\52.0.6.0\GoogleDriveFS.exe [54107992 2021-10-18] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-03] (Google LLC -> Google LLC)

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {020EFF6C-6ADC-4891-B4E7-08555B45F2FC} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {115AA438-BA29-45DB-AD62-A9000605683B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {12DAA062-FA18-4A65-B506-18F5F56F501E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {1F160680-8A6C-4E2F-BF36-811FDB5A2647} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-04-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1FFA0C18-A4A1-40A5-B6C0-2D117E823FC9} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {2D54C938-CFFE-4132-85AE-4FDDBACDCFAC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2E1B6E5D-A605-46E3-B883-D60537650F6E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {44DD549A-323F-4B69-BEF0-2C7BDE87247A} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\WINDOWS\TEMP\is-3HQA0.tmp\corefixer.exe <==== ATENÇÃO
Task: {4CC19170-9687-4B27-BF5F-24251DBAB286} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {4CC1AAD0-5875-44E3-B3B2-09A69FD4C1C2} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {582D5E2D-F4DE-47C5-8F17-250760A78877} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {615370BA-ABCA-46A0-AFB2-C869CB90E420} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-882780810-1085728416-4120966697-1001 => C:\Users\Marcelo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {64E42299-91BC-4186-AB45-3C2658B1C673} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C5B19E9-60EF-4B3A-8B72-D94CE257FCCA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-23] (Google Inc -> Google Inc.)
Task: {7D487D76-47AF-4DFF-946A-CDF458FE87C0} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-04-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8005E956-645A-4B97-A725-9A265C7875EB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {878059E3-29AB-4E60-9107-51DAFC368F31} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
Task: {A82606D2-2517-45DF-88CB-7CAD1DB9663E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Alwil Software\Avast5\Setup\overseer.exe
Task: {ADCB87F4-A790-4406-933B-6767DEF3D853} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-23] (Google Inc -> Google Inc.)
Task: {BA358DEE-8D96-4E3D-92A3-BA87182D72AC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {C0CBD0EF-C68E-4BE5-917F-C8024D0426E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D317BA76-AC06-4A65-93B8-4B90F8F90B00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4BC83F0-47C3-479F-8DFC-9D487F1F6CBD} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {F1C9233F-A8C2-4A9D-988D-24A81865796D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {FD9A13CA-10A2-4A57-A902-F1E04F5936EC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-04-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3f2e2fdd-a4a4-4bbe-9624-1c7748eaf072}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6d393056-b6ca-4294-8d39-bd7f9d62900e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9537fa91-77a8-432a-8769-2d5a2ea86bd1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{958e99a4-7b84-4656-a568-ad6504922241}: [NameServer] 8.8.8.8,8.8.4.4

Edge:
=======
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Marcelo\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-04]
Edge HomePage: Default -> hxxps://www.google.com.br/?gws_rd=ssl
Edge Extension: (Kaspersky Protection) - C:\Users\Marcelo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-10-11]
Edge HKU\S-1-5-21-882780810-1085728416-4120966697-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: z2me1i8k.default-1538675719716
FF ProfilePath: C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\z2me1i8k.default-1538675719716 [2021-11-07]
FF Homepage: Mozilla\Firefox\Profiles\z2me1i8k.default-1538675719716 -> hxxps://www.ieducar.se.df.gov.br/ieducar/
FF Extension: (Favoritos do iCloud) - C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\z2me1i8k.default-1538675719716\Extensions\firefoxdav@icloud.com.xpi [2018-10-17]
FF Extension: (Kaspersky Protection) - C:\Users\Marcelo\AppData\Roaming\Mozilla\Firefox\Profiles\z2me1i8k.default-1538675719716\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2021-09-22]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1233203.dll [2018-05-15] (Adobe Systems, Inc.) [Arquivo não assinado]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2021-11-06]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-02-25] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2021-11-07]
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-02-25] <==== ATENÇÃO

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default [2021-11-07]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxps://www.google.com.br/?gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.com.br/?gws_rd=ssl"
CHR Extension: (Apresentações) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-04]
CHR Extension: (Safe Torrent Scanner) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-11-04]
CHR Extension: (Kaspersky Protection) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-09-15]
CHR Extension: (Documentos) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-04]
CHR Extension: (Google Drive) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-04]
CHR Extension: (YouTube) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-04]
CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-08]
CHR Extension: (Dropbox para Gmail) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-09-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-10-21]
CHR Extension: (Kaspersky Protection 20.0) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2021-03-08]
CHR Extension: (Planilhas) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-04]
CHR Extension: (Favoritos do iCloud) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2018-05-25]
CHR Extension: (Documentos Google off-line) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-19]
CHR Extension: (Desprotetor de Links) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2021-11-04]
CHR Extension: (Google Meet Grid View) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kklailfgofogmmdlhgmjgenehkjoioip [2020-06-22]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-26]
CHR Extension: (Meet Attendance) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenibigflkdikhamlnekfppbganmojlg [2021-09-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-04]
CHR Profile: C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-07]
CHR Profile: C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Profile 7 [2021-08-05]
CHR Extension: (Kaspersky Protection) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-08-05]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-06-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-05]
CHR Profile: C:\Users\Marcelo\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-07]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-882780810-1085728416-4120966697-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2021-10-23] (Dropbox, Inc -> Dropbox, Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S4 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1141648 2020-08-10] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-07-30] (Google LLC -> Google, Inc.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [674104 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1469240 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [273176 2021-08-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [265176 2021-09-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [315032 2021-09-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [113952 2021-09-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [225648 2021-09-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [56680 2020-06-17] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2018-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420072 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2021-11-07] (GAS INFORMATICA LTDA -> GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [61456 2020-08-11] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [44728 2019-05-17] (Gas Informatica Ltda -> GAS Tecnologia)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [43528 2020-07-23] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-11-07 10:38 - 2021-11-07 10:40 - 000028828 _____ C:\Users\Marcelo\Desktop\FRST.txt
2021-11-07 10:38 - 2021-11-07 10:39 - 000000000 ____D C:\FRST
2021-11-07 10:30 - 2021-11-07 10:31 - 002312192 _____ (Farbar) C:\Users\Marcelo\Desktop\FRST64.exe
2021-11-06 09:58 - 2021-11-07 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-06 09:10 - 2021-11-06 09:10 - 000000000 ___HD C:\$WinREAgent
2021-11-04 01:29 - 2021-11-04 01:29 - 000025445 _____ C:\Users\Marcelo\Downloads\ZA-Scan.txt
2021-11-04 00:39 - 2021-11-04 00:39 - 000022548 _____ C:\Users\Marcelo\Desktop\ZHPCleaner (R).html
2021-11-04 00:39 - 2021-11-04 00:39 - 000012928 _____ C:\Users\Marcelo\Desktop\ZHPCleaner (R).txt
2021-11-04 00:24 - 2021-11-04 00:24 - 000022981 _____ C:\Users\Marcelo\Desktop\ZHPCleaner (S).html
2021-11-04 00:24 - 2021-11-04 00:24 - 000013181 _____ C:\Users\Marcelo\Desktop\ZHPCleaner (S).txt
2021-11-04 00:02 - 2021-11-04 00:03 - 003290776 _____ (Nicolas Coolman) C:\Users\Marcelo\Desktop\ZHPCleaner.exe
2021-11-03 23:58 - 2021-11-04 00:01 - 000000884 _____ C:\Users\Marcelo\Desktop\ZHPCleaner.lnk
2021-11-03 23:08 - 2021-11-03 23:08 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-03 23:08 - 2021-11-03 23:08 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-03 23:03 - 2021-11-03 23:03 - 000000000 ___HD C:\$SysReset
2021-11-03 16:52 - 2021-11-03 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-11-03 16:11 - 2021-11-03 16:11 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-11-03 16:11 - 2021-11-03 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-11-03 16:10 - 2021-11-03 16:11 - 000000000 ____D C:\Program Files\iTunes
2021-10-25 22:37 - 2021-10-25 22:42 - 000000000 ____D C:\Users\Marcelo\Desktop\Atividades e coisas do GSuite da SEEDF
2021-10-25 21:43 - 2021-10-25 21:42 - 000090318 _____ C:\Users\Marcelo\Desktop\Certificado_Nacional_de_Covid-19.pdf
2021-10-23 15:59 - 2021-10-23 15:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-10-23 15:59 - 2021-10-23 15:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-10-23 15:59 - 2021-10-23 15:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-10-23 15:59 - 2021-10-23 15:59 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-10-14 20:44 - 2021-11-07 10:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-14 20:36 - 2021-10-14 20:36 - 000713754 _____ C:\Users\Marcelo\Desktop\Lista Presença 1E-2H.pdf
2021-10-13 20:28 - 2021-10-13 20:28 - 000313625 _____ C:\Users\Marcelo\Desktop\Atividade em Dupla Iluminismo.pdf
2021-10-13 20:27 - 2021-10-13 20:27 - 000303173 _____ C:\Users\Marcelo\Desktop\Atividade em Dupla Fim Roma e Bizantino.pdf
2021-10-13 19:11 - 2021-10-13 19:12 - 000903774 _____ C:\Users\Marcelo\Desktop\Avaliações 1E-2H CEAN 2021.pdf
2021-10-13 19:00 - 2021-10-13 19:00 - 001197492 _____ C:\Users\Marcelo\Desktop\Diários 1E-2H CEAN 2021.pdf

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2021-11-07 10:33 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-07 10:33 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-07 10:31 - 2016-12-20 17:36 - 000000000 ____D C:\Users\Marcelo\AppData\LocalLow\Mozilla
2021-11-07 10:30 - 2018-05-25 20:48 - 000000000 ____D C:\Program Files\CCleaner
2021-11-07 10:30 - 2018-05-23 13:52 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-07 10:30 - 2018-05-23 13:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-07 10:26 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-07 10:26 - 2018-05-30 02:15 - 000000000 ____D C:\ProgramData\MCShield
2021-11-07 10:26 - 2018-05-23 13:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-07 10:22 - 2018-05-23 13:58 - 000000000 __SHD C:\Users\Marcelo\IntelGraphicsProfiles
2021-11-07 10:21 - 2018-07-10 21:52 - 000028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2021-11-07 10:20 - 2020-06-17 22:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-06 12:03 - 2019-12-07 06:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-06 10:40 - 2018-05-27 17:17 - 000001306 _____ C:\Users\Marcelo\Desktop\Dropbox.lnk
2021-11-06 10:40 - 2013-07-12 20:32 - 000000881 _____ C:\Users\Marcelo\Desktop\Downloads.lnk
2021-11-06 09:50 - 2019-02-25 09:24 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-06 09:05 - 2020-06-23 17:45 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-06 09:05 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-06 09:05 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-06 08:57 - 2020-06-17 22:03 - 001741824 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-06 08:57 - 2019-12-07 11:54 - 000752646 _____ C:\WINDOWS\system32\prfh0416.dat
2021-11-06 08:57 - 2019-12-07 11:54 - 000148760 _____ C:\WINDOWS\system32\prfc0416.dat
2021-11-04 01:14 - 2020-06-17 21:42 - 000442992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-04 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-11-04 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-11-04 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-11-04 01:08 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-04 01:08 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-04 00:39 - 2016-04-17 16:32 - 000000000 ____D C:\Users\Marcelo\AppData\Roaming\ZHP
2021-11-04 00:13 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-03 23:00 - 2020-06-17 21:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-03 19:48 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-03 19:47 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-03 19:47 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-03 18:24 - 2021-01-25 15:17 - 000000000 ____D C:\Users\Marcelo\Desktop\Fotos 2021
2021-11-03 18:05 - 2018-05-23 12:43 - 000000000 ____D C:\Users\Marcelo\AppData\Local\Packages
2021-11-03 16:54 - 2018-05-27 17:08 - 000000000 ____D C:\Users\Marcelo\AppData\Local\Dropbox
2021-11-03 16:53 - 2018-05-27 17:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-11-03 16:31 - 2018-05-23 13:53 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-03 16:08 - 2020-06-17 22:20 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-882780810-1085728416-4120966697-1001
2021-11-03 16:08 - 2020-06-17 21:46 - 000002398 _____ C:\Users\Marcelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-25 21:40 - 2018-05-27 17:17 - 000000000 ___RD C:\Users\Marcelo\Dropbox
2021-10-25 20:18 - 2021-02-03 15:56 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-10-17 09:42 - 2018-05-30 01:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-17 09:34 - 2018-05-30 01:13 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-14 21:16 - 2021-03-10 13:00 - 000000000 ____D C:\Users\Marcelo\Desktop\2021
2021-10-14 20:21 - 2021-06-16 16:08 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-13 21:15 - 2020-06-25 19:01 - 000000000 ____D C:\Users\Marcelo\Desktop\Matrizes Cean
2021-10-13 16:55 - 2018-05-23 15:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2021-10-12 17:30 - 2016-02-20 16:47 - 000000000 ____D C:\Users\Marcelo\Documents\Arquivos do Outlook
2021-10-11 23:47 - 2018-05-23 14:13 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Web
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\WaaS
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Vss
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-10-11 23:38 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-10-11 23:37 - 2019-12-07 11:57 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\si-lk
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ras
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\my-mm
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\IME
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ias
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\am-et
2021-10-11 23:37 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-10-11 23:37 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-10-11 23:37 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-11 23:36 - 2019-12-07 11:57 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 __RSD C:\WINDOWS\Media
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\System
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\security
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\schemas
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Resources
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Registration
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PLA
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\InputMethod
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\IME
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Help
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Globalization
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Cursors
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Containers
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Branding
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\Services
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-11 23:36 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-11 21:35 - 2016-06-25 11:35 - 000000000 ____D C:\Users\Marcelo\AppData\Local\ElevatedDiagnostics
2021-10-11 18:19 - 2020-06-23 17:45 - 000003618 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-11 18:19 - 2020-06-23 17:45 - 000003494 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Arquivos na raiz de alguns diretórios ========

2016-06-25 21:27 - 2016-06-25 21:27 - 000000000 _____ () C:\Users\Marcelo\AppData\Local\{27C9D99D-7DDD-4244-BCAD-8E83CEFA48A4}
2020-07-06 15:20 - 2020-07-06 15:20 - 000000000 _____ () C:\Users\Marcelo\AppData\Local\{BF9D5671-7B7C-489E-BD1E-96F91BF8633D}

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================