Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 22-04-2022 Executado por Marcio (administrador) em MARCIO-PC (Acer Aspire 5750) (22-04-2022 20:13:52) Executando a partir de C:\Users\Marcio\Desktop Perfis Carregados: Marcio Plataforma: Microsoft Windows 7 Home Basic Service Pack 1 (X64) Idioma: Português (Brasil) Navegador padrão: Chrome Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe (C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe (explorer.exe ->) (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (explorer.exe ->) (Atheros Communications Inc. -> Atheros Communications) [Arquivo não assinado] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\57.0.5.0\crashpad_handler.exe <6> (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19> (explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe <7> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe (explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE (Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (services.exe ->) (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe (services.exe ->) (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) C:\Program Files\Diebold\Warsaw\core.exe <2> (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe (taskeng.exe ->) (CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (taskeng.exe ->) (CyberLink -> CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [168064 2022-03-29] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-11-25] (Atheros Communications Inc. -> Atheros Communications) [Arquivo não assinado] HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-11-25] (Atheros Communications Inc. -> Atheros Commnucations) [Arquivo não assinado] HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10586448 2022-04-11] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.) HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-2766664585-520136655-3584524175-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2766664585-520136655-3584524175-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\57.0.5.0\GoogleDriveFS.exe [53934992 2022-04-14] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\Windows\system32\cpwmon64.dll [87600 2013-10-23] (Acro Software Inc. -> ) HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\Windows\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Acesso Negado) [Arquivo não assinado] HKLM\...\Print\Monitors\EPSON L355 Series 64MonitorBE: C:\Windows\system32\E_YLMI4E.DLL [120320 2011-04-18] (SEIKO EPSON CORPORATION) [Arquivo não assinado] HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (Acesso Negado) [Arquivo não assinado] HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\Windows\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\Windows\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-14] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-10-27] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.) HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-10-27] (Qualcomm Atheros -> Qualcomm®Atheros®) [Arquivo não assinado] GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {04634239-A4E5-49E0-AD9D-9DD13FD443F8} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f18943ecc0cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {09D14090-C809-4FC8-90E6-28825E1E7CD2} - System32\Tasks\GoogleUpdateTaskMachineUA1d0be7567d17eaa => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {127B68D2-7EFD-4B15-9F24-40830B215DC0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7700184 2017-05-19] (Piriform Ltd -> Piriform Ltd) Task: {1C3A33FA-6FAB-4F32-94FD-62577513B803} - System32\Tasks\{F8141788-B88C-40F0-8722-1690F15B655D} => C:\Users\Marcio\Desktop\ZA-Scan.exe (Nenhum Arquivo) Task: {1D104906-979B-49FA-B6D1-6DFEFBB684C5} - System32\Tasks\EPSON L3150 Series Update {8C314BFB-FC24-4D64-AC05-55DDFB06DD98} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {1D880400-305A-4FEA-9F9C-B9E367F3D905} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2022-04-14] (Microsoft Corporation -> Microsoft Corporation) Task: {21118A70-098C-42AC-9483-7F18AD71E725} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> ) Task: {2A718665-C195-4692-9B6D-D1F18C619E5A} - System32\Tasks\{8C95140B-D16F-4380-869D-7045B6457735} => C:\Windows\system32\pcalua.exe -a "C:\Users\Marcio\Desktop\ug30d\All MTK USB Driverv.9.2.PDanet.Adb 2015\Android WinADBUSB\installer\InstallADBDriver.exe" -d "C:\Users\Marcio\Desktop\ug30d\All MTK USB Driverv.9.2.PDanet.Adb 2015\Android WinADBUSB\installer" Task: {2C7E7CD9-4346-4A73-90B1-071E1D7631E5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117144 2022-04-14] (Microsoft Corporation -> Microsoft Corporation) Task: {324DB2B4-9A86-450D-9C62-D76A24EA6E50} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614320 2022-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {3DADE325-51A7-4B6F-9C87-B6D38678B18D} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104 2011-08-24] (CyberLink -> CyberLink Corp.) Task: {44EAD42A-E27A-4985-84B2-90C830FA52BC} - System32\Tasks\{DDA3C2C6-2F1C-4FA6-A52B-F119DCDD786C} => C:\Users\Marcio\Desktop\ZA-Scan.exe (Nenhum Arquivo) Task: {458C5281-F4EF-4828-90A8-FBAB8998AD6A} - System32\Tasks\{7E827799-6A99-4B45-9566-7B585A278944} => C:\Users\Marcio\Downloads\uTorrent.exe (Nenhum Arquivo) Task: {4648826D-45EC-49E8-8201-0602600EE05E} - System32\Tasks\{A6E73FE4-E57E-47C2-89F8-8A04E792072B} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcio\Desktop\bankerfix.exe -d C:\Users\Marcio\Desktop Task: {46B065E7-F6B7-4E47-9AC4-CD4ED90F20E1} - System32\Tasks\{0B9FCD87-EAC0-47DE-95CD-44FE6BB27F29} => C:\Windows\system32\pcalua.exe -a "C:\Users\Marcio\Desktop\Oneplus 6\OnePlus_USB_Drivers_Setup.exe" -d "C:\Users\Marcio\Desktop\Oneplus 6" Task: {52E0C135-3451-45CB-B31B-2494A1D66E65} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352 2011-08-24] (CyberLink -> CyberLink) Task: {56A9BDC3-4797-4163-B7C4-9281E3BABAD7} - System32\Tasks\GoogleUpdateTaskMachineUA1d090fa37b3d89c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {60F9AD29-2FF9-4F75-96B9-8C68D12F6774} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> ) Task: {6235551F-3984-4B75-934B-19C2E52B2064} - System32\Tasks\{8B65F609-27F4-4342-9F92-5614CB15FBB9} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcio\Downloads\JavaUninstallTool.exe -d C:\Users\Marcio\Downloads Task: {63FCE471-F1BD-4689-8A29-9F5FCD485530} - System32\Tasks\{2AD3B5FA-0867-4305-85C7-87BF58D20FF1} => C:\Windows\system32\pcalua.exe -a "E:\Imposto de Renda\PROG IR 2015\IRPF2015.exe" -d "E:\Imposto de Renda\PROG IR 2015" Task: {6868D3E5-9D1C-4DF7-A511-77A3BF87D3C1} - System32\Tasks\GoogleUpdateTaskMachineCore1d12cf697c616e6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {7457BDBC-82FC-4EEA-B941-7D6EEEEED30C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {7C1730B5-47A1-426D-A098-3BC7C54DD592} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614320 2022-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {81C72D3D-69E5-4614-8DED-388DCD11F067} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" Task: {855BB38C-7D93-4615-8427-ED028FFFD1B5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) Task: {92C778D0-A0FC-4F69-ACEB-520D20BD67C0} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e2b44ad79d16 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {9378FDC7-BECB-408B-A21A-983CECB504FD} - System32\Tasks\GoogleUpdateTaskMachineUA1d15e0b283ce9ba => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {9AB483C1-9AD4-4CB4-91DE-A74C58FFE39F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {AC9CB033-695E-4B47-A4A7-76BC047A4A3D} - System32\Tasks\GoogleUpdateTaskMachineUA1d12cf6980b849c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {B28B1260-9285-4D47-A2CF-ABE22F28DF54} - System32\Tasks\{0ED2165E-D203-4EB2-AC0E-1DA65C7CE55E} => C:\Users\Marcio\Downloads\flashplayer32ppau_ha_install.exe (Nenhum Arquivo) Task: {B666226D-D990-4E21-86E9-CD5FA5FCAAF0} - System32\Tasks\{08BA2DAF-DDC3-4F80-959E-24FB8A4B34D0} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -c -runfromtemp -l0x0409 -removeonly Task: {B7274097-9510-424B-945C-A8D7848301D3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {BAEE6B86-6103-42EE-A78C-EBBBD2409A79} - System32\Tasks\{19D04AEE-67D2-4216-BF42-94D35ED4B706} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcio\Desktop\ZA-Scan.exe -d C:\Users\Marcio\Desktop Task: {C3C88142-E7BC-4EC0-830E-CB3CF1F2DB10} - System32\Tasks\{FF3F5185-CE1E-4EF5-AC29-41CF4583EA0D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Marcio\Desktop\OP-5T\OnePlus 5T - Toolkit by Marchetto96\files\OnePlus_USB_Drivers_Setup.exe" -d "C:\Users\Marcio\Desktop\OP-5T\OnePlus 5T - Toolkit by Marchetto96" Task: {C6E865A3-635F-4A31-AEC7-58E4F268BAB4} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {CE42DD44-E84B-4A0A-8BC3-A8E0EC964448} - System32\Tasks\{D25A2FDC-354F-435B-9296-0E1F0ED0A393} => C:\Windows\system32\pcalua.exe -a "C:\Users\Marcio\Desktop\All MTK USB Driver 2014\All MTK USB Driver 2014\All MTK Drivers\FeaturePhoneDriver\v1.1032.1\InstallDriver.exe" -d "C:\Users\Marcio\Desktop\All MTK USB Driver 2014\All MTK USB Driver 2014\All MTK Drivers\FeaturePhoneDriver\v1.1032.1" Task: {D0AA3862-E00B-4C2E-ACF4-CA59BC902247} - System32\Tasks\{5BFD5620-0138-4E8C-BD9E-D1C23E21DB5F} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcio\Desktop\bankerfix.exe -d C:\Users\Marcio\Desktop Task: {D178833F-3655-424D-BEA3-7A9A353CB718} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe /Task (Nenhum Arquivo) Task: {D8FD40D1-A424-4B72-80BA-3A754DECF7D2} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [264760 2011-08-24] (CyberLink -> Acer Incorporated) Task: {E37E631B-AF53-46AE-B7D8-AD7C1B792C3E} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e2b44b274404 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {EE5AE1DE-567F-4825-AEA4-DD6FD80704F5} - System32\Tasks\{BD8EE84B-885D-4065-A3C3-0DB8F42AF58A} => C:\Windows\system32\pcalua.exe -a C:\Users\Marcio\Downloads\dotnetfx35.exe -d C:\Users\Marcio\Downloads Task: {EF4BB98F-A1F3-41F7-BDEC-21B46AFD7E76} - System32\Tasks\GoogleUpdateTaskMachineCore1d0be756769bc21 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {F1CF992C-1EAD-4527-83E6-0CFD0CCC9A06} - System32\Tasks\GoogleUpdateTaskMachineCore1d090fa377ab796 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) Task: {F64BB11C-309D-4266-BFC4-CC81332F986E} - System32\Tasks\{A74C5CDF-F131-49A1-B818-217C00BE9DD4} => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HP Deskjet 3050 J610 series.exe [5420136 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) Task: {FC71B5DA-7ED9-4B1F-8760-71372F96CC91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-29] (Google Inc -> Google Inc.) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\EPSON L3150 Series Update {8C314BFB-FC24-4D64-AC05-55DDFB06DD98}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{8C314BFB-FC24-4D64-AC05-55DDFB06DD98} /F:UpdateSISTEMAĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d090fa377ab796.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0be756769bc21.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e2b44ad79d16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d090fa37b3d89c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0be7567d17eaa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e2b44b274404.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f18943ecc0cf.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12cf6980b849c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) Tcpip\Parameters: [DhcpNameServer] 168.196.40.23 168.196.40.24 Tcpip\..\Interfaces\{008F778E-442B-4173-90ED-87859B7E07DE}: [DhcpNameServer] 168.196.40.23 168.196.40.24 Tcpip\..\Interfaces\{8010445A-E4CD-4809-8243-F77EAF30D091}: [DhcpNameServer] 168.196.40.23 168.196.40.24 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Marcio\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-09] Edge HomePage: Default -> hxxp://www.google.com.br/ FireFox: ======== FF DefaultProfile: 1cb0xr7y.default-1557914998784 FF ProfilePath: C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\1cb0xr7y.default-1557914998784 [2022-04-22] FF Extension: (AdBlocker Ultimate) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\1cb0xr7y.default-1557914998784\Extensions\adblockultimate@adblockultimate.net.xpi [2022-03-11] FF Extension: (Ant Video downloader) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\1cb0xr7y.default-1557914998784\Extensions\anttoolbar@ant.com.xpi [2022-01-17] FF Extension: (Video Download) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\1cb0xr7y.default-1557914998784\Extensions\{2c1bf1db-1d03-469a-8d76-c7a3c8b8d928}.xpi [2021-01-19] FF Extension: (Video DownloadHelper) - C:\Users\Marcio\AppData\Roaming\Mozilla\Firefox\Profiles\1cb0xr7y.default-1557914998784\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-04] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => não encontrado (a) FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-11-13] [] [não assinado] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => não encontrado (a) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation -> Foxit Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin HKU\S-1-5-21-2766664585-520136655-3584524175-1000: SkypeForBusinessPlugin-16.2 -> C:\Users\Marcio\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi.dll [2017-05-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin HKU\S-1-5-21-2766664585-520136655-3584524175-1000: SkypeForBusinessPlugin64-16.2 -> C:\Users\Marcio\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.194\npGatewayNpapi-x64.dll [2017-05-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Marcio\AppData\Roaming\mozilla\plugins\npatgpc.dll [2018-03-30] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-04-22] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-04-22] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default [2022-04-22] CHR Notifications: Default -> hxxps://conteudos.xpi.com.br; hxxps://meet.google.com; hxxps://outlook.office.com; hxxps://teams.microsoft.com; hxxps://web.skype.com CHR HomePage: Default -> hxxp://www.google.com.br/ CHR DefaultSearchKeyword: Default -> google.com_ CHR Extension: (Google Tradutor) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-09] CHR Extension: (Gerenciador de favoritos) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\biojdgbkkgmnfijfpdppmlomdapfpcnl [2017-05-29] CHR Extension: ('Improve YouTube!' (Video & YouTube Tools)🎧) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2022-04-13] CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-12] CHR Extension: (Hola Video Accelerator) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgpmaaockmdehmidghebcjafhihlgha [2018-07-26] CHR Extension: (OneTab) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2022-04-13] CHR Extension: (Web PKI) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcngeagmmhegagicpcmpinaoklddcgon [2021-06-16] CHR Extension: (Compartilhamento de tela do Microsoft Teams) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhheiegalgcabbcobinipgmhepkkeidk [2021-10-08] CHR Extension: (Dark Reader) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2022-04-22] CHR Extension: (Documentos Google off-line) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-18] CHR Extension: (Marvel Comics) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice [2017-05-29] CHR Extension: (Video Downloader Wise) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\iekgholhfibbgedbemeoglmklmeleonb [2022-01-21] CHR Extension: (Chrome Remote Desktop) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-12-28] CHR Extension: (Downloads) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2017-05-29] CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23] CHR Extension: (Simple Downloader for Vimeo™) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mffmjlddchdccijipncbjhoabgmphjfb [2022-04-14] CHR Extension: (Google Play Books) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-05-29] CHR Extension: (Video Speed Controller) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2021-09-29] CHR Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2020-10-07] CHR Extension: (TZWebChartWindow) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2017-05-29] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Corretor gramatical e ortográfico — LanguageTool) - C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2022-04-20] CHR Profile: C:\Users\Marcio\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-05-29] CHR HKU\S-1-5-21-2766664585-520136655-3584524175-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Marcio\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx CHR HKU\S-1-5-21-2766664585-520136655-3584524175-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S4 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-10-27] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Arquivo não assinado] S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\101.0.4951.13\remoting_host.exe [72024 2022-03-27] (Google LLC -> Google LLC) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11138976 2022-03-28] (Microsoft Corporation -> Microsoft Corporation) S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [45408 2022-04-11] (Dropbox, Inc -> Dropbox, Inc.) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3210720 2022-03-29] (ESET, spol. s r.o. -> ESET) S4 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2018-01-29] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [243880 2015-01-16] (Foxit Software Incorporated -> Foxit Software Inc.) R2 HFGService; C:\Windows\System32\HFGService.dll [535552 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) R2 mfevtp; C:\Windows\system32\mfevtps.exe [343544 2017-06-05] (McAfee, Inc. -> McAfee, Inc.) S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC) S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> ) S4 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S4 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado] R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2269056 2021-08-16] (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1118256 2019-11-22] (PROCOMP INDUSTRIA ELETRONICA LTDA -> Diebold Nixdorf) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S3 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) S3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [52224 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) S3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [78848 2009-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [183888 2022-03-29] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107944 2022-03-29] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [226264 2022-03-29] (ESET, spol. s r.o. -> ESET) S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [44968 2022-03-29] (ESET, spol. s r.o. -> ESET) R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [70776 2022-03-29] (ESET, spol. s r.o. -> ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [56880 2022-03-29] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [111624 2022-03-29] (ESET, spol. s r.o. -> ESET) R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-01] (Martin Malik - REALiX -> REALiX(tm)) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [917008 2017-06-05] (McAfee, Inc. -> McAfee, Inc.) S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [124432 2017-06-05] (McAfee, Inc. -> McAfee, Inc.) R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [82432 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation) R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [181760 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation) R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [3564568 2017-09-01] (AlcorMicro, Corp. -> Windows (R) Win 7 DDK provider) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit Information Technology -> IObit) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider) S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2022-04-22] (GAS INFORMATICA LTDA -> GAS Tecnologia) R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [47064 2019-08-28] (Gas Informatica Ltda -> GAS Tecnologia) R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [44728 2019-05-17] (Gas Informatica Ltda -> GAS Tecnologia) R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [43560 2018-04-10] (Gas Informatica Ltda -> GAS Tecnologia) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-09-19] (Zemana Ltd. -> Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-09-19] (Zemana Ltd. -> Zemana Ltd.) S3 catchme; \??\C:\combofix-17-5-4-1\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-04-22 20:13 - 2022-04-22 20:14 - 000039057 _____ C:\Users\Marcio\Desktop\FRST.txt 2022-04-22 20:13 - 2022-04-22 20:14 - 000000000 ____D C:\FRST 2022-04-22 20:08 - 2022-04-22 20:08 - 008551608 _____ (Malwarebytes) C:\Users\Marcio\Desktop\adwcleaner.exe 2022-04-22 20:07 - 2022-04-22 20:07 - 005659583 _____ (Swearware) C:\Users\Marcio\Desktop\5 - ComboFix.exe 2022-04-22 20:07 - 2022-04-22 20:07 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Marcio\Desktop\4 - rkill.exe 2022-04-22 20:06 - 2022-04-22 20:07 - 001790024 _____ (Malwarebytes) C:\Users\Marcio\Desktop\3 - JRT.exe 2022-04-22 20:06 - 2022-04-22 20:06 - 002366976 _____ (Farbar) C:\Users\Marcio\Desktop\2 - FRST64.exe 2022-04-22 20:04 - 2022-04-22 20:05 - 008540344 _____ (Malwarebytes) C:\Users\Marcio\Desktop\adwcleaner_8.3.1.exe 2022-04-22 10:41 - 2022-04-22 10:41 - 000057932 _____ C:\Users\Marcio\Downloads\Documentos Escaneados.pdf 2022-04-21 11:04 - 2022-04-21 11:04 - 000995722 _____ C:\Users\Marcio\Downloads\EDITAL DO PRODIIC - 001-2022.pdf 2022-04-19 21:06 - 2022-04-19 21:06 - 000001820 _____ C:\Users\Marcio\Desktop\- Simulador Previdência Privada - v.2022 - Atalho.lnk 2022-04-18 15:24 - 2022-04-18 21:09 - 000020773 _____ C:\Users\Marcio\Downloads\NPS - Marcio de Freitas 01.xlsx 2022-04-18 12:54 - 2022-04-18 12:54 - 000066955 _____ C:\Users\Marcio\Downloads\WhatsApp Image 2022-04-18 at 12.54.17.jpeg 2022-04-18 11:27 - 2022-04-18 11:27 - 000260764 _____ C:\Users\Marcio\Downloads\FIX_II.pdf 2022-04-18 11:27 - 2022-04-18 11:27 - 000252251 _____ C:\Users\Marcio\Downloads\CONCEPT_V.pdf 2022-04-18 11:27 - 2022-04-18 11:27 - 000244823 _____ C:\Users\Marcio\Downloads\PREMIUM_IV.pdf 2022-04-18 08:47 - 2022-04-18 08:47 - 000065511 _____ C:\Users\Marcio\Downloads\WhatsApp Image 2022-04-18 at 08.40.25.jpeg 2022-04-17 18:35 - 2022-04-17 19:06 - 000000000 ____D C:\Users\Marcio\AppData\Local\WhatsApp 2022-04-14 15:30 - 2022-04-14 15:30 - 000000791 _____ C:\Users\Marcio\Downloads\bibliog.txt 2022-04-14 14:33 - 2022-04-14 14:33 - 000000799 _____ C:\Users\Public\Desktop\IRPF2022 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk 2022-04-14 14:32 - 2022-04-14 14:32 - 000000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2022 2022-04-14 14:32 - 2022-04-14 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2022 2022-04-14 12:01 - 2022-04-14 12:01 - 000934821 _____ C:\Users\Marcio\Downloads\Resumo-interno-Aqua-Capital-1.pdf 2022-04-14 08:39 - 2022-04-14 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-04-13 09:11 - 2022-04-13 09:11 - 432208703 _____ C:\Users\Marcio\Downloads\Treinamento O Novo Estetoscópio - Aula 06..mp4 2022-04-11 20:52 - 2022-04-11 20:52 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2022-04-11 20:52 - 2022-04-11 20:52 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2022-04-11 20:52 - 2022-04-11 20:52 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2022-04-11 20:52 - 2022-04-11 20:52 - 000045408 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2022-04-11 10:13 - 2022-04-13 09:40 - 000019678 _____ C:\Users\Marcio\Downloads\NPS - Marcio de Freitas 00.xlsx 2022-04-11 07:07 - 2022-04-11 07:08 - 461115733 _____ C:\Users\Marcio\Downloads\Treinamento O Novo Estetoscópio - Aula 05..mp4 2022-04-11 07:07 - 2022-04-11 07:07 - 141073160 _____ C:\Users\Marcio\Downloads\Treinamento O Novo Estetoscópio - Aula 04..mp4 2022-04-10 19:40 - 2022-04-10 19:40 - 001833479 _____ C:\Users\Marcio\Downloads\AV1 AMBULATÓRIO GRUPO B2 (1).pdf 2022-04-10 15:29 - 2022-04-10 15:29 - 000102719 _____ C:\Users\Marcio\Downloads\WhatsApp Image 2022-04-08 at 13.52.08.jpeg 2022-04-10 11:24 - 2022-04-10 11:29 - 001093228 _____ C:\Users\Marcio\Downloads\Questionário USG POCUS MEDCOF.pdf 2022-04-09 11:54 - 2022-04-09 11:54 - 271499291 _____ C:\Users\Marcio\Downloads\Treinamento O Novo Estetoscópio - Aula 03..mp4 2022-04-09 11:54 - 2022-04-09 11:54 - 181587344 _____ C:\Users\Marcio\Downloads\Treinamento O Novo Estetoscópio - Aula 02..mp4 2022-04-09 11:53 - 2022-04-09 11:53 - 115716090 _____ C:\Users\Marcio\Downloads\Treinamento O Novo Estetoscópio - Aula 01. (1).mp4 2022-04-08 07:17 - 2022-04-08 07:17 - 000013736 _____ C:\Users\Marcio\Downloads\PlanilhaModeloDesconto (1).xlsx 2022-04-07 21:01 - 2022-04-07 21:06 - 094357737 _____ C:\Users\Marcio\Downloads\Treinamento O Novo Estetoscópio - Aula 02..mp4.crdownload 2022-04-07 20:59 - 2022-04-07 21:11 - 230955122 _____ C:\Users\Marcio\Downloads\Aula #3 _ Manejando a Polifarmácia e a interação medicamentosa com segurança.mp4 2022-04-07 20:59 - 2022-04-07 21:09 - 214909222 _____ C:\Users\Marcio\Downloads\Aula #4 _ Como se Preparar para manejar Qualquer Idoso com Segurança e Resolutividade.mp4 2022-04-07 20:59 - 2022-04-07 21:02 - 097174687 _____ C:\Users\Marcio\Downloads\Aula #2 _ 7 Dicas Práticas para Facilitar o Atendimento ao Idoso que os livros não ensinam..mp4 2022-04-04 09:05 - 2022-04-04 09:06 - 296809341 _____ C:\Users\Marcio\Downloads\Aula #1 _ Os 8 maiores erros no atendimento ao idoso - e como evitá-los..mp4 2022-04-01 08:27 - 2022-04-02 12:13 - 001431137 _____ C:\Users\Marcio\Downloads\Nova Home.pdf 2022-03-31 20:49 - 2022-03-24 07:54 - 000386632 _____ (Google, Inc.) C:\Windows\system32\Drivers\googledrivefs3758.sys 2022-03-29 17:12 - 2022-03-29 17:12 - 007431168 _____ C:\Users\Marcio\Downloads\resumo_de_haircut10012022.xlsx 2022-03-28 09:23 - 2022-03-28 09:23 - 000077462 _____ C:\Users\Marcio\Downloads\WhatsApp Image 2022-03-27 at 10.14.28.jpeg 2022-03-25 11:03 - 2022-04-01 08:26 - 000548363 _____ C:\Users\Marcio\Downloads\Comissionamento VLGI Investimentos.pdf ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2022-04-22 20:14 - 2020-09-10 18:05 - 000111366 _____ C:\Windows\ZAM.krnl.trace 2022-04-22 20:14 - 2020-09-10 18:05 - 000082291 _____ C:\Windows\ZAM_Guard.krnl.trace 2022-04-22 20:08 - 2009-07-14 01:45 - 000026160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-04-22 20:08 - 2009-07-14 01:45 - 000026160 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-04-22 19:53 - 2018-05-30 11:59 - 000000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2022-04-22 19:53 - 2018-03-11 21:26 - 000000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini 2022-04-22 19:41 - 2019-08-10 09:41 - 000000913 _____ C:\Windows\Tasks\EPSON L3150 Series Update {8C314BFB-FC24-4D64-AC05-55DDFB06DD98}.job 2022-04-22 19:40 - 2015-04-29 13:50 - 000001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2022-04-22 19:40 - 2015-04-29 13:50 - 000000000 ____D C:\Program Files (x86)\Google 2022-04-22 19:35 - 2018-09-13 16:15 - 000001020 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2022-04-22 19:03 - 2016-12-05 20:50 - 000000000 ____D C:\Users\Marcio\AppData\LocalLow\Mozilla 2022-04-22 18:48 - 2015-12-02 08:42 - 000001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12cf6980b849c.job 2022-04-22 18:47 - 2015-09-17 17:41 - 000001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f18943ecc0cf.job 2022-04-22 18:46 - 2015-08-29 20:41 - 000001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e2b44b274404.job 2022-04-22 18:46 - 2015-07-14 17:41 - 000001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0be7567d17eaa.job 2022-04-22 18:46 - 2015-05-17 20:35 - 000001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d090fa37b3d89c.job 2022-04-22 18:18 - 2011-10-26 18:14 - 000711426 _____ C:\Windows\system32\prfh0416.dat 2022-04-22 18:18 - 2011-10-26 18:14 - 000152572 _____ C:\Windows\system32\prfc0416.dat 2022-04-22 18:18 - 2009-07-14 02:13 - 001657088 _____ C:\Windows\system32\PerfStringBackup.INI 2022-04-22 18:18 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf 2022-04-22 18:14 - 2018-09-13 16:15 - 000001016 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2022-04-22 18:14 - 2017-06-01 11:34 - 000028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2022-04-22 18:14 - 2015-08-29 20:41 - 000001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e2b44ad79d16.job 2022-04-22 18:14 - 2015-07-14 17:41 - 000001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0be756769bc21.job 2022-04-22 18:14 - 2015-05-17 20:35 - 000001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d090fa377ab796.job 2022-04-22 18:14 - 2015-04-29 13:50 - 000001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2022-04-22 18:14 - 2011-12-11 10:42 - 000000000 ____D C:\ProgramData\clear.fi 2022-04-22 18:14 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-04-22 09:05 - 2022-02-09 11:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-04-22 07:44 - 2013-03-08 19:45 - 000000000 ____D C:\Program Files\Java 2022-04-22 07:43 - 2012-06-07 18:09 - 000000000 ____D C:\Users\Marcio\AppData\Roaming\uTorrent 2022-04-22 07:38 - 2019-03-04 15:24 - 000000000 ____D C:\Users\Marcio\AppData\Local\BitTorrentHelper 2022-04-21 12:35 - 2019-12-26 14:22 - 000000000 ____D C:\Users\Marcio\.irpf 2022-04-21 11:37 - 2021-09-09 21:52 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2022-04-21 11:37 - 2021-09-09 21:52 - 000001858 _____ C:\Users\Default\Desktop\Google Slides.lnk 2022-04-21 11:37 - 2021-09-09 21:52 - 000001858 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2022-04-21 11:37 - 2021-09-09 21:52 - 000001846 _____ C:\Users\Default\Desktop\Google Docs.lnk 2022-04-20 05:30 - 2016-02-02 19:43 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d15e0b283ce9ba 2022-04-20 05:30 - 2015-12-02 08:42 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d12cf697c616e6 2022-04-18 22:11 - 2019-12-26 21:44 - 000000000 ____D C:\Users\Marcio\.receitanet 2022-04-17 19:06 - 2022-03-06 10:24 - 000000000 ____D C:\Users\Marcio\AppData\Roaming\WhatsApp 2022-04-17 19:06 - 2022-03-06 10:24 - 000000000 ____D C:\Users\Marcio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2022-04-17 18:35 - 2021-08-25 17:58 - 000000000 ____D C:\Users\Marcio\AppData\Local\SquirrelTemp 2022-04-17 17:36 - 2020-01-19 07:06 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-16 14:52 - 2009-07-14 02:08 - 000032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2022-04-15 21:50 - 2018-12-11 10:46 - 000006126 _____ C:\Users\Marcio\Desktop\PREV PRIV.txt 2022-04-14 18:42 - 2015-04-29 13:53 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-04-14 14:33 - 2012-03-10 13:37 - 000000000 ___HD C:\Program Files (x86)\InstallJammer Registry 2022-04-14 11:08 - 2014-12-19 09:01 - 000035738 _____ C:\Users\Marcio\Desktop\Rateio +Fibra.xlsx 2022-04-14 09:33 - 2020-11-11 21:01 - 000000000 ____D C:\Users\Marcio\Desktop\Pagamentos 2022-04-14 08:39 - 2018-09-13 16:15 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-04-14 08:22 - 2020-01-11 19:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-04-14 08:20 - 2011-10-26 12:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-04-13 21:29 - 2020-05-23 06:36 - 000000000 ____D C:\Users\Marcio\AppData\Roaming\Apowersoft 2022-04-13 18:39 - 2016-12-04 12:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-04-13 18:39 - 2014-12-11 08:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-04-13 08:23 - 2021-10-17 06:11 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-04-13 08:23 - 2020-10-09 20:28 - 000004978 _____ C:\Windows\wininit.ini 2022-04-12 22:50 - 2013-09-08 10:30 - 000000000 ____D C:\Windows\system32\MRT 2022-04-12 22:18 - 2012-02-04 19:07 - 143823848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-04-06 08:29 - 2020-01-19 07:05 - 000003518 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-06 08:29 - 2020-01-19 07:05 - 000003390 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-03-31 22:30 - 2017-10-20 08:02 - 000000000 ____D C:\Users\Marcio\Desktop\XP Invest - Planilhas 2022-03-29 17:50 - 2020-08-26 20:14 - 000107944 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys 2022-03-29 17:50 - 2016-11-17 22:00 - 000044968 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys 2022-03-29 17:50 - 2016-04-13 13:31 - 000056880 _____ (ESET) C:\Windows\system32\Drivers\EpfwLWF.sys 2022-03-29 17:50 - 2012-11-28 09:07 - 000111624 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys 2022-03-29 17:50 - 2012-10-08 08:21 - 000226264 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys 2022-03-29 17:50 - 2012-10-08 08:21 - 000183888 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys 2022-03-29 17:50 - 2012-10-08 08:21 - 000070776 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys 2022-03-27 13:26 - 2017-09-20 08:27 - 000000000 ____D C:\Users\Marcio\AppData\Local\CrashDumps 2022-03-23 21:20 - 2022-02-11 09:25 - 012777274 _____ C:\Users\Marcio\Downloads\Guia+de+Previdência+e+Vida_Fev_2022_2.1_VersãoFinal.xlsb ==================== Arquivos na raiz de alguns diretórios ======== 2020-04-15 17:02 - 2020-04-15 17:02 - 000019170 _____ () C:\Users\Marcio\AppData\Roaming\UserTile.png 2017-05-18 20:18 - 2017-05-18 20:18 - 000000000 ____H () C:\Users\Marcio\AppData\Local\AppUpdate.log 2020-03-31 17:10 - 2020-10-21 19:01 - 000005632 _____ () C:\Users\Marcio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-10 16:10 - 2021-08-06 06:58 - 000007606 _____ () C:\Users\Marcio\AppData\Local\Resmon.ResmonCfg 2018-03-02 09:31 - 2018-10-28 08:00 - 000211968 _____ () C:\Users\Marcio\AppData\Local\WebpageIcons.db 2018-04-22 20:46 - 2018-04-22 20:48 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{36031B69-7713-4EF3-94E8-92EA9FB63736} 2021-06-27 05:59 - 2021-06-27 05:59 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{3B561A74-CCCE-48BB-BD25-936CFBC88142} 2015-07-24 12:42 - 2015-07-24 12:42 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{491CC074-0BDD-4B8D-B86C-DAF6F9D4AAB2} 2020-12-10 03:38 - 2020-12-10 03:38 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{4C2A2A4A-C968-4B63-8734-478A2AD2AD4C} 2017-08-30 12:31 - 2017-08-30 12:32 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{537DFF3A-94A2-46A8-994C-A8B386F79CF7} 2022-03-10 21:24 - 2022-03-10 21:24 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{575796C6-88E0-4535-8A89-28468A375065} 2022-03-10 21:24 - 2022-03-10 21:24 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{59FB1FCE-DEBE-4362-ABF1-EEE05D4C2D6A} 2022-03-10 21:24 - 2022-03-10 21:24 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{74C2F40B-7A5D-4F5B-8881-35F138117E13} 2021-08-22 10:49 - 2021-08-22 10:49 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{7D6DB728-BEEC-4D7F-BDCA-E4D97A540EFF} 2020-12-10 03:43 - 2020-12-10 03:43 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{901E9A11-35BD-48C7-805B-19AD8B5F9788} 2021-06-27 05:59 - 2021-06-27 05:59 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{95E581C6-C919-454D-B8CC-C5992F5B0FB5} 2022-03-10 21:24 - 2022-03-10 21:24 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{A063E408-80B5-48F5-9D27-FB9D9832B0DD} 2015-07-24 12:42 - 2015-07-24 12:42 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{B8A1E03B-A318-4A29-889B-6803826F94F9} 2015-07-24 12:42 - 2015-07-24 12:42 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{C040E248-AC0D-4AF3-AF4C-AC8B60B8E9E8} 2019-08-19 07:44 - 2019-08-19 07:44 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{C05F748C-563D-4A02-93AA-55FBE5B3D5AF} 2019-08-20 18:09 - 2019-08-20 18:09 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{D1D1AA92-2377-4CBA-829A-DA3F2108E167} 2022-03-10 21:24 - 2022-03-10 21:24 - 000000000 _____ () C:\Users\Marcio\AppData\Local\{DEB46126-7BF2-4375-A240-6B72C2454F6A} ==================== FLock ============================== 2020-01-08 01:09 C:\Windows\system32\concrt140.dll 2016-09-14 14:31 C:\Windows\system32\enppmon.dll 2016-09-14 14:31 C:\Windows\system32\enppui.dll 2016-09-14 14:31 C:\Windows\system32\ensppmon.dll 2016-09-14 14:31 C:\Windows\system32\ensppui.dll 2011-03-15 03:03 C:\Windows\system32\E_YD4BUNE.DLL 2017-07-14 04:13 C:\Windows\system32\E_YLMBUNE.DLL 2020-01-08 01:09 C:\Windows\system32\mfc140.dll 2020-01-08 01:09 C:\Windows\system32\mfc140chs.dll 2020-01-08 01:09 C:\Windows\system32\mfc140cht.dll 2020-01-08 01:09 C:\Windows\system32\mfc140deu.dll 2020-01-08 01:10 C:\Windows\system32\mfc140enu.dll 2020-01-08 01:10 C:\Windows\system32\mfc140esn.dll 2020-01-08 01:09 C:\Windows\system32\mfc140fra.dll 2020-01-08 01:09 C:\Windows\system32\mfc140ita.dll 2020-01-08 01:09 C:\Windows\system32\mfc140jpn.dll 2020-01-08 01:09 C:\Windows\system32\mfc140kor.dll 2020-01-08 01:09 C:\Windows\system32\mfc140rus.dll 2020-01-08 01:09 C:\Windows\system32\mfc140u.dll 2020-01-08 01:16 C:\Windows\system32\mfcm140.dll 2020-01-08 01:16 C:\Windows\system32\mfcm140u.dll 2020-01-08 01:10 C:\Windows\system32\msvcp140.dll 2020-01-08 01:09 C:\Windows\system32\msvcp140_1.dll 2020-01-08 01:09 C:\Windows\system32\msvcp140_2.dll 2019-03-27 10:16 C:\Windows\system32\msvcp140_clr0400.dll 2020-01-08 01:09 C:\Windows\system32\msvcp140_codecvt_ids.dll 2019-03-27 10:16 C:\Windows\system32\ucrtbase_clr0400.dll 2020-01-08 01:09 C:\Windows\system32\vcamp140.dll 2020-01-08 01:09 C:\Windows\system32\vccorlib140.dll 2020-01-08 01:09 C:\Windows\system32\vcomp140.dll 2020-01-08 01:09 C:\Windows\system32\vcruntime140.dll 2020-01-08 01:09 C:\Windows\system32\vcruntime140_1.dll 2019-03-27 10:16 C:\Windows\system32\vcruntime140_clr0400.dll 2018-01-03 11:51 C:\Windows\system32\WindowsAccessBridge-643637007.dll ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) LastRegBack: 2022-04-08 20:30 ==================== Fim de FRST.txt ========================