Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 11-10-2022
Executado por Geovane (administrador) em DESKTOP-C045OQG (Gigabyte Technology Co., Ltd. H110M-S2H DDR3) (11-10-2022 16:45:58)
Executando a partir de C:\Users\Geova\Desktop
Perfis Carregados: Geovane
Plataforma: Microsoft Windows 10 Pro Versão 21H2 19044.2006 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Last.fm) [Arquivo não assinado] C:\Program Files (x86)\Last.fm\Last.fm Desktop Scrobbler\Last.fm Desktop Scrobbler.exe
(explorer.exe ->) (OP.GG -> OP.GG) C:\Users\Geova\AppData\Local\Programs\OP.GG\OP.GG.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.3.102.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_22_7\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c43eff7079c4c90c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.549981c3f5f10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [337720 2020-11-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [LeagueDisplays] => C:\Riot Games\LeagueDisplays\assistant\LeagueDisplaysAssistant.exe [406016 2019-05-08] () [Arquivo não assinado]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126403424 2022-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-21-1645501421-473079460-2763751000-1001\...\Run: [electron.app.OP.GG] => C:\Users\Geova\AppData\Local\Programs\OP.GG\OP.GG.exe [149021184 2022-10-07] (OP.GG -> OP.GG)
HKU\S-1-5-21-1645501421-473079460-2763751000-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Geova\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1645501421-473079460-2763751000-1001\...\Run: [Spotify] => C:\Windows.old\Users\Geova\AppData\Roaming\Spotify\Spotify.exe [20025272 2022-03-27] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1645501421-473079460-2763751000-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4234088 2022-10-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1645501421-473079460-2763751000-1001\...\Run: [Discord] => C:\Users\Geova\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1645501421-473079460-2763751000-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630024 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1645501421-473079460-2763751000-500\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Administrador\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-10-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\106.0.5249.103\Installer\chrmstp.exe [2022-10-06] (Google LLC -> Google LLC)
Startup: C:\Users\Geova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Desktop Scrobbler.lnk [2022-09-11]
ShortcutTarget: Last.fm Desktop Scrobbler.lnk -> C:\Users\Geova\AppData\Roaming\Microsoft\Installer\{B13709CB-85AE-4F45-BFF9-2CB2B7A78F83}\_19B259572BFCF696C10AAD.exe () [Arquivo não assinado]

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1B533643-2798-4CCE-B760-676AAF224B41} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BA52203-D45E-46EB-AE3E-BF98693EA66C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1645501421-473079460-2763751000-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F7E6EAD-E53E-41CB-9068-DE9D2D3666F3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {33CC86BE-4968-4FE4-92AD-07650C21321E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {39B64CDA-E0E9-4A3F-A27D-1C7DE38B7E56} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {41CA6920-3B4A-4919-8805-49E689163244} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {432AB3A4-9188-470F-8C3F-FAF5B58A3E26} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {49131ABD-FE68-4B78-8422-C34FD3E16C0F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {4BBBF9B4-0ACB-4B47-9020-214B9F24938B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C62E0A9-2FBF-4694-8B60-54B8758C98EC} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4092968 2022-09-08] (McAfee, LLC -> McAfee, LLC)
Task: {51CBD629-DE75-4F91-AB87-B9DBA5D7D402} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {563BCA7D-2BCE-41EA-81A6-F731B6F1281F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1645501421-473079460-2763751000-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {58276738-D0B0-41C6-A877-79D8E017ED89} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {6380E062-96A0-47FE-938E-EAF9F55DAE66} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [932376 2022-09-02] (McAfee, LLC -> McAfee, LLC)
Task: {67BF342C-C77A-4555-B437-00EC92E8138E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {6C475E18-74FA-49CF-B381-6738A182E8E8} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [932376 2022-09-02] (McAfee, LLC -> McAfee, LLC)
Task: {732D2000-1A9A-4E86-A719-E73F74433CCD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {82EE8B24-302F-4287-A41E-E12E3DFF2480} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [432128 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {846E20A8-4C8F-4060-8CFA-8C48124CE095} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {898B15E4-5A5C-48CD-B2CB-57C93BC33FCF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B1E8E3D-9C30-4CCE-B894-28D385C97EC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2022-07-11] (Google LLC -> Google LLC)
Task: {8D819884-E493-4ED3-AF87-CB64D0538A00} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {8DF8248A-8E00-47A6-9AFA-929E366FC9A3} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2022-07-13] (McAfee, Inc. -> McAfee, LLC.)
Task: {96BCB298-45F9-4B7C-8C7C-FD45E5D78196} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2022-07-11] (Google LLC -> Google LLC)
Task: {99536BD6-72E2-4D97-B39F-6CA8DF7C5F74} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {9C67AD63-4F81-4C75-AEC5-CFAD5AF69216} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {AFF3669E-4E95-4C09-B1AB-ACB3B230DF68} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Wsc Startup event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {AFFC8901-4D9E-4707-9925-2AB1DA45270B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [432128 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {B1AB3487-E78A-4ACC-B5A1-DF9D9D774FE6} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4165504 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA33866D-B6E4-45AF-8E39-B627731535A8} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {DAACD6D3-D684-4816-AF1B-1B1D0B3A3D42} - System32\Tasks\update-S-1-5-21-1645501421-473079460-2763751000-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {E1D80FD9-6482-4CC3-A634-EEB78A5D6726} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4F4B9CC-67E7-4C96-9496-4FCC38667CFB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {F594CA5F-BBF3-45AC-9A91-E7B0EA08509D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BB68E547-79AF-4C60-B9E9-23E9FB5C4C35\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [448512 2022-09-13] (Microsoft Windows -> Microsoft Corporation)
Task: {F69EBDBE-A14B-4CD9-9E30-AF921CE80AF7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F732DA61-72F5-4C1B-A111-244C5ED448BC} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [768288 2022-03-24] (McAfee, LLC -> McAfee, LLC)
Task: {FAD53170-F90A-4610-B0FF-B36A432FBA63} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-1645501421-473079460-2763751000-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{B5C62141-169B-417D-BE19-D9483CD76FA9}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{235d1a46-8dcb-480c-8343-66116cade67d}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3e4a825d-2321-4478-8021-0e9a783304f4}: [DhcpNameServer] 192.168.93.39

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Geova\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-27]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: 6klb9i80.default
FF ProfilePath: C:\Users\Geova\AppData\Roaming\Mozilla\Firefox\Profiles\6klb9i80.default [2022-10-10]
FF ProfilePath: C:\Users\Geova\AppData\Roaming\Mozilla\Firefox\Profiles\jdsqqmzl.default-release [2022-10-11]
FF Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\Geova\AppData\Roaming\Mozilla\Firefox\Profiles\jdsqqmzl.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-10-09]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2022-09-22] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2022-09-22] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Profile 4
CHR Profile: C:\Users\Geova\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-10-06]
CHR Profile: C:\Users\Geova\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-10-10]
CHR Extension: (Stories App for Instagram) - C:\Users\Geova\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\angjmncdicjedpjcapomhnjeinkhdddf [2022-07-17]
CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\Geova\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Geova\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Geova\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Geova\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-12]
CHR Profile: C:\Users\Geova\AppData\Local\Google\Chrome\User Data\System Profile [2022-10-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-08-30] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\FileSyncHelper.exe [3383704 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-27] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [822688 2022-09-21] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_7\McApExe.exe [815384 2022-09-15] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.3.102.0\\McCSPServiceHost.exe [3378784 2022-09-02] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1570072 2022-09-02] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.196.0918.0001\OneDriveUpdaterService.exe [3804040 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4247192 2022-09-06] (McAfee, LLC -> McAfee, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.4-0\NisSrv.exe [3170592 2022-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.4-0\MsMpEng.exe [133544 2022-10-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c43eff7079c4c90c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c43eff7079c4c90c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77888 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R3 CMUAC; C:\WINDOWS\System32\drivers\CMUAC.sys [613888 2014-10-09] (C-MEDIA ELECTRONICS INC. -> C-MEDIA)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193488 2022-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [75216 2022-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-10-11] (Malwarebytes Inc. -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476224 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349760 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84440 2022-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Trellix US LLC.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [445504 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [920128 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [665424 2022-07-07] (Musarubra US LLC -> Trellix US LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [119632 2022-07-07] (Musarubra US LLC -> Trellix US LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [112712 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [234584 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2022-07-19] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49152 2020-11-13] (Microsoft Corporation) [Arquivo não assinado]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49584 2022-10-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [455936 2022-10-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95496 2022-10-10] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-09-27] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-10-11 16:45 - 2022-10-11 16:50 - 000029406 _____ C:\Users\Geova\Desktop\FRST.txt
2022-10-11 16:43 - 2022-10-11 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-10-11 16:39 - 2022-10-11 16:39 - 000193488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-10-11 16:39 - 2022-10-11 16:39 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-10-11 16:39 - 2022-10-11 16:39 - 000075216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-10-11 16:26 - 2022-10-11 16:35 - 000007841 _____ C:\Users\Geova\Desktop\Fixlog.txt
2022-10-11 15:28 - 2022-10-11 15:28 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-10-09 16:53 - 2022-10-09 16:53 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-10-09 16:53 - 2022-10-09 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-10-09 16:52 - 2022-10-09 16:52 - 000000000 ____D C:\Program Files\iPod
2022-10-09 16:51 - 2022-10-09 16:52 - 000000000 ____D C:\Program Files\iTunes
2022-10-09 16:49 - 2022-10-09 16:49 - 000000000 ____D C:\Program Files\Bonjour
2022-10-09 16:49 - 2022-10-09 16:49 - 000000000 ____D C:\Program Files (x86)\Bonjour
2022-10-09 15:51 - 2022-10-10 08:43 - 000001272 _____ C:\Users\Geova\Desktop\ESET Online Scanner.lnk
2022-10-09 15:43 - 2022-10-10 08:43 - 000001378 _____ C:\Users\Geova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-10-09 15:43 - 2022-10-09 15:43 - 000000000 ____D C:\Users\Geova\AppData\Local\ESET
2022-10-09 15:42 - 2022-10-09 15:43 - 015274968 _____ (ESET) C:\Users\Geova\Desktop\esetonlinescanner.exe
2022-10-09 15:29 - 2022-10-10 12:57 - 000002702 _____ C:\Users\Geova\Desktop\ESETScan.txt
2022-10-09 14:36 - 2022-10-09 14:36 - 008551216 _____ (ESET) C:\Users\Geova\Desktop\eset_internet_security_live_installer.exe
2022-10-07 21:18 - 2022-10-09 15:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-10-06 16:32 - 2022-10-06 16:32 - 000000000 ____D C:\Users\Administrador\AppData\Local\PeerDistRepub
2022-10-06 15:15 - 2022-10-11 16:43 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-10-06 15:15 - 2022-10-11 16:42 - 000000000 ____D C:\Users\Geova\AppData\LocalLow\Mozilla
2022-10-06 15:15 - 2022-10-09 15:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-10-06 15:15 - 2022-10-08 09:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-06 15:15 - 2022-10-08 09:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-06 15:15 - 2022-10-06 15:15 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-10-06 15:15 - 2022-10-06 15:15 - 000000000 ____D C:\Users\Geova\AppData\Roaming\Mozilla
2022-10-06 15:15 - 2022-10-06 15:15 - 000000000 ____D C:\Users\Geova\AppData\Local\Mozilla
2022-10-06 15:13 - 2022-10-06 15:13 - 000351616 _____ (Mozilla) C:\Users\Geova\Downloads\Firefox Installer.exe
2022-10-06 13:57 - 2022-10-06 13:57 - 000000000 ____D C:\Users\Administrador\AppData\Local\Comms
2022-10-06 13:56 - 2022-10-06 14:22 - 000002404 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-10-06 13:56 - 2022-10-06 13:56 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Teams
2022-10-06 07:54 - 2022-10-11 16:48 - 000000000 ____D C:\FRST
2022-10-06 07:53 - 2022-10-11 15:17 - 002373120 _____ (Farbar) C:\Users\Geova\Desktop\FRST64.exe
2022-10-05 16:47 - 2022-10-05 16:48 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2022-10-05 10:28 - 2022-10-05 10:28 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2022-10-05 10:28 - 2022-10-05 10:28 - 000000000 ____D C:\Program Files\CPUID
2022-10-04 18:09 - 2022-10-11 15:17 - 000000000 ____D C:\Users\Geova\Desktop\FRST-OlderVersion
2022-10-04 18:06 - 2022-10-04 18:06 - 000001610 _____ C:\Users\Geova\Desktop\AdwCleaner[C00].txt
2022-10-04 18:02 - 2022-10-04 18:02 - 008791352 _____ (Malwarebytes) C:\Users\Geova\Desktop\adwcleaner (1).exe
2022-10-04 18:01 - 2022-10-04 18:04 - 000000000 ____D C:\AdwCleaner
2022-10-04 17:56 - 2022-10-04 17:56 - 008791352 _____ (Malwarebytes) C:\Users\Geova\Downloads\adwcleaner.exe
2022-10-04 17:43 - 2022-10-10 18:03 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1645501421-473079460-2763751000-500
2022-10-04 17:43 - 2022-10-06 13:57 - 000000000 ____D C:\Users\Administrador\AppData\Local\SquirrelTemp
2022-10-04 17:42 - 2022-10-04 17:42 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Apple Computer
2022-10-04 17:41 - 2022-10-04 17:41 - 000000000 ____D C:\Users\Administrador\AppData\Local\D3DSCache
2022-10-04 17:40 - 2022-10-04 17:40 - 000000000 ____D C:\Users\Administrador\AppData\Local\Publishers
2022-10-04 17:39 - 2022-10-06 14:02 - 000000000 ____D C:\Users\Administrador\AppData\Local\Packages
2022-10-04 17:39 - 2022-10-04 17:39 - 000000000 ___RD C:\Users\Administrador\3D Objects
2022-10-04 17:39 - 2022-10-04 17:39 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Adobe
2022-10-04 17:39 - 2022-10-04 17:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\NVIDIA
2022-10-04 17:39 - 2022-10-04 17:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\Google
2022-10-04 17:38 - 2022-10-04 17:39 - 000000000 ____D C:\Users\Administrador\AppData\Local\ConnectedDevicesPlatform
2022-10-04 17:38 - 2022-10-04 17:39 - 000000000 ____D C:\Users\Administrador
2022-10-04 17:38 - 2022-10-04 17:38 - 000000020 ___SH C:\Users\Administrador\ntuser.ini
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Modelos
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Meus Documentos
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Menu Iniciar
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Documents\Minhas Músicas
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Documents\Minhas Imagens
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Documents\Meus Vídeos
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Dados de Aplicativos
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Configurações Locais
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Histórico
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\AppData\Local\Dados de Aplicativos
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Ambiente de Rede
2022-10-04 17:38 - 2022-10-04 17:38 - 000000000 _SHDL C:\Users\Administrador\Ambiente de Impressão
2022-10-04 17:38 - 2022-07-13 14:40 - 000000000 ___RD C:\Users\Administrador\OneDrive
2022-10-03 09:26 - 2022-10-03 09:27 - 000459506 _____ C:\Users\Geova\Desktop\Fatura_Visa_100254998352_10-2022.pdf
2022-10-02 17:17 - 2022-10-03 09:22 - 000000000 ____D C:\Users\Geova\AppData\Local\Discord
2022-10-02 17:17 - 2022-10-02 17:19 - 000000000 ____D C:\Users\Geova\AppData\Roaming\discord
2022-10-02 17:17 - 2022-10-02 17:17 - 000002227 _____ C:\Users\Geova\Desktop\Discord.lnk
2022-10-01 15:26 - 2022-10-11 16:37 - 098828288 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-10-01 15:14 - 2022-10-01 15:26 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-09-30 18:04 - 2022-09-30 18:05 - 000145842 _____ C:\Users\Geova\Desktop\FdC-y8NX0AIUkLl.jpeg
2022-09-27 23:17 - 2022-09-28 05:18 - 000000000 ____D C:\KVRT2020_Data
2022-09-27 23:16 - 2022-09-27 23:17 - 121528888 _____ (AO Kaspersky Lab) C:\Users\Geova\Downloads\KVRT.exe
2022-09-27 23:15 - 2022-09-27 23:15 - 000000308 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{B5C62141-169B-417D-BE19-D9483CD76FA9}.job
2022-09-27 23:12 - 2022-09-27 23:12 - 
000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2022-09-27 23:09 - 2022-09-27 23:09 - 000000000 ____D C:\WINDOWS\pss 2022-09-27 17:43 - 2022-09-27 17:43 - 000000000 ____D C:\Users\Geova\AppData\Local\mbam 2022-09-27 17:42 - 2022-09-29 16:17 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-09-27 17:42 - 2022-09-27 17:42 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-09-27 17:42 - 2022-09-27 17:42 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2022-09-27 17:42 - 2022-09-27 17:41 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2022-09-27 17:42 - 2022-09-27 17:41 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2022-09-27 17:41 - 2022-09-27 17:41 - 000000000 ____D C:\ProgramData\Malwarebytes 2022-09-27 17:41 - 2022-09-27 17:41 - 000000000 ____D C:\Program Files\Malwarebytes 2022-09-27 17:39 - 2022-09-27 17:39 - 002638472 _____ (Malwarebytes) C:\Users\Geova\Downloads\MBSetup (1).exe 2022-09-27 17:20 - 2022-09-27 23:07 - 000000106 _____ C:\Users\Geova\Desktop\LINK.txt 2022-09-27 16:34 - 2022-09-27 16:34 - 000029680 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wintun.sys 2022-09-23 22:38 - 2022-09-23 22:38 - 000000000 ____D C:\Users\Geova\AppData\Local\Yandex 2022-09-22 13:16 - 2022-10-04 17:44 - 000000000 ____D C:\Users\Geova\Documents\Arquivos do Outlook 2022-09-16 17:04 - 2022-09-16 17:04 - 000027056 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_238834533790841.dll 2022-09-13 19:59 - 2022-09-13 19:59 - 000011813 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-09-13 19:58 - 2022-09-13 19:58 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll 2022-09-13 19:58 - 2022-09-13 19:58 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2022-09-13 19:58 - 2022-09-13 19:58 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2022-09-13 19:57 - 2022-09-13 19:57 - 000288768 _____ 
C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-13 18:39 - 2022-09-13 18:39 - 000000000 ___HD C:\$WinREAgent
2022-09-11 16:08 - 2022-09-11 16:08 - 000003067 _____ C:\Users\Geova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Last.fm Desktop Scrobbler.lnk
2022-09-11 16:08 - 2022-09-11 16:08 - 000000000 ____D C:\Program Files (x86)\Last.fm
2022-09-11 14:30 - 2022-09-11 14:30 - 000001636 _____ C:\Users\Public\Desktop\4Videosoft Video Converter.lnk
2022-09-11 14:30 - 2022-09-11 14:30 - 000000000 ____D C:\Users\Geova\Documents\4Videosoft Studio
2022-09-11 14:30 - 2022-09-11 14:30 - 000000000 ____D C:\Users\Geova\AppData\Roaming\NVIDIA
2022-09-11 14:30 - 2022-09-11 14:30 - 000000000 ____D C:\Users\Geova\AppData\Local\4Videosoft Studio
2022-09-11 14:30 - 2022-09-11 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Videosoft
2022-09-11 14:30 - 2022-09-11 14:30 - 000000000 ____D C:\ProgramData\4Videosoft Studio
2022-09-11 14:30 - 2022-09-11 14:30 - 000000000 ____D C:\Program Files (x86)\4Videosoft Studio
2022-09-11 14:29 - 2022-09-11 14:29 - 051452024 _____ (4Videosoft Studio ) C:\Users\Geova\Downloads\ts-converter.exe
2022-09-11 14:26 - 2022-09-11 14:29 - 000000000 ____D C:\Users\Geova\AppData\Roaming\vlc
2022-09-11 14:25 - 2022-09-11 14:25 - 000001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-09-11 14:24 - 2022-09-11 14:24 - 042075856 _____ C:\Users\Geova\Downloads\vlc-3.0.17.4-win32.exe
2022-09-11 14:24 - 2022-09-11 14:24 - 000000000 ____D C:\Program Files (x86)\VideoLAN

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2022-10-11 16:42 - 2022-07-31 00:05 - 000000000 ____D C:\Users\Geova\AppData\Local\CrashDumps 2022-10-11 16:42 - 2022-07-12 17:51 - 000000000 ____D C:\Users\Geova\AppData\Roaming\opgg-electron-app 2022-10-11 16:42 - 2022-07-11 19:38 - 000000000 ____D C:\Program Files (x86)\Google 2022-10-11 16:40 - 2022-07-11 15:00 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-10-11 16:38 - 2022-07-11 15:54 - 000000000 ____D C:\ProgramData\NVIDIA 2022-10-11 16:38 - 2022-07-11 15:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-10-11 16:38 - 2021-03-13 05:45 - 000008192 ___SH C:\DumpStack.log.tmp 2022-10-11 16:37 - 2022-07-11 14:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2022-10-11 16:33 - 2022-07-11 15:06 - 000758962 _____ C:\WINDOWS\system32\prfh0416.dat 2022-10-11 16:33 - 2022-07-11 15:06 - 000147908 _____ C:\WINDOWS\system32\prfc0416.dat 2022-10-11 16:12 - 2022-07-11 15:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-10-11 13:00 - 2022-07-13 11:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee 2022-10-11 12:15 - 2022-07-11 15:00 - 000000000 ___HD C:\Program Files\WindowsApps 2022-10-11 12:15 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-10-10 23:03 - 2022-08-27 14:47 - 000000000 ____D C:\Program Files (x86)\Steam 2022-10-10 22:43 - 2022-07-11 15:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-10-10 22:13 - 2022-07-13 14:51 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-10-10 18:03 - 2022-07-13 14:40 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-10-10 18:03 - 2022-07-13 14:39 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-10-10 18:03 - 2022-07-12 17:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1645501421-473079460-2763751000-1001 2022-10-10 18:00 - 2022-07-12 14:18 - 000000000 ____D C:\ProgramData\Riot Games 2022-10-10 15:10 - 2022-08-08 13:03 - 000000000 ____D 
C:\Users\Geova\AppData\Roaming\Telegram Desktop 2022-10-09 18:08 - 2022-09-09 21:09 - 000000000 ____D C:\Users\Geova\AppData\Roaming\Apple Music 2022-10-09 15:45 - 2022-07-11 15:00 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-10-09 15:45 - 2022-07-11 14:59 - 000000000 ____D C:\WINDOWS\INF 2022-10-08 15:34 - 2022-07-11 14:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2022-10-08 09:10 - 2021-03-13 05:58 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-10-08 09:10 - 2021-03-13 05:58 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2022-10-07 17:04 - 2022-07-11 17:31 - 000000000 ____D C:\Users\Geova\AppData\Local\D3DSCache 2022-10-07 00:00 - 2022-07-11 16:04 - 000000000 ____D C:\Users\Geova 2022-10-06 13:57 - 2022-07-11 15:00 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-10-06 12:30 - 2021-07-20 22:12 - 000000000 ____D C:\Users\Geova\AppData\LocalLow\Temp 2022-10-06 12:15 - 2022-09-08 22:07 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2022-10-06 08:04 - 2021-04-24 14:43 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-10-06 08:04 - 2021-04-24 14:43 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2022-10-05 16:47 - 2022-08-30 18:31 - 000000000 ____D C:\Users\Geova\AppData\Roaming\EasyAntiCheat 2022-10-05 09:55 - 2022-07-12 16:59 - 000000000 ____D C:\Users\Geova\AppData\Local\PlaceholderTileLogoFolder 2022-10-04 18:30 - 2022-07-11 17:09 - 000000000 ____D C:\ProgramData\Packages 2022-10-04 18:30 - 2022-07-11 17:07 - 000000000 ____D C:\Users\Geova\AppData\Local\Packages 2022-10-04 17:45 - 2021-03-13 13:22 - 000000000 ___RD C:\Users\Geova\OneDrive 2022-10-04 17:39 - 2022-07-11 15:00 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-10-04 17:39 - 2021-03-13 13:19 - 000000000 __RHD C:\Users\Public\AccountPictures 2022-10-02 17:17 - 2022-07-13 14:47 - 000000000 ____D C:\Users\Geova\AppData\Local\SquirrelTemp 2022-10-02 17:17 - 2021-04-05 01:01 - 
000000000 ____D C:\Users\Geova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2022-10-01 15:28 - 2022-07-13 11:50 - 000000000 ____D C:\Program Files (x86)\McAfee 2022-09-30 22:56 - 2022-07-25 19:08 - 000000000 ____D C:\Users\Geova\AppData\Local\Apple Computer 2022-09-30 18:35 - 2022-07-13 11:48 - 000000000 ____D C:\Program Files\Common Files\McAfee 2022-09-30 18:33 - 2022-07-13 11:54 - 000003300 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon 2022-09-30 18:33 - 2022-07-13 11:50 - 000000000 ____D C:\Program Files\McAfee 2022-09-30 17:55 - 2022-07-13 14:26 - 000000000 ____D C:\Program Files\Microsoft Office 2022-09-29 15:30 - 2022-07-15 12:11 - 000000000 ____D C:\Users\Geova\AppData\Local\BitTorrentHelper 2022-09-27 16:35 - 2022-07-13 11:47 - 000000000 ____D C:\ProgramData\McAfee 2022-09-27 16:34 - 2022-03-08 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portugol Studio 2022-09-27 16:34 - 2021-11-11 18:36 - 000002217 _____ C:\Users\Geova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2022-09-27 16:34 - 2021-05-24 01:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer 2022-09-27 16:34 - 2021-05-10 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClownfishVoiceChanger 2022-09-27 16:34 - 2021-05-06 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2022-09-27 16:34 - 2021-04-01 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8 2022-09-27 16:34 - 2021-04-01 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2022-09-27 16:34 - 2021-03-31 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Havit Audio Center 2022-09-27 16:34 - 2021-03-23 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Instagiffer 2022-09-15 02:25 - 2022-07-13 11:48 - 001168952 _____ (McAfee, LLC) 
C:\WINDOWS\system32\mfevtps.exe 2022-09-15 02:25 - 2022-02-09 13:57 - 000920128 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\mfehidk.sys 2022-09-15 02:25 - 2022-02-09 13:57 - 000476224 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\mfeaack.sys 2022-09-15 02:25 - 2022-02-09 13:57 - 000445504 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\mfefirek.sys 2022-09-15 02:25 - 2022-02-09 13:57 - 000349760 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\mfeavfk.sys 2022-09-15 02:25 - 2022-02-09 13:57 - 000234584 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\mfewfpk.sys 2022-09-15 02:25 - 2022-02-09 13:57 - 000112712 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\mfeplk.sys 2022-09-15 02:25 - 2022-02-09 13:57 - 000084440 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\mfeelamk.sys 2022-09-15 02:25 - 2022-02-09 13:57 - 000077888 _____ (Trellix US LLC.) C:\WINDOWS\system32\Drivers\cfwids.sys 2022-09-14 12:07 - 2022-07-11 16:27 - 001741820 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-09-14 00:20 - 2022-07-11 15:35 - 000438888 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-09-14 00:16 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-09-14 00:16 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2022-09-14 00:16 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\SystemResources 2022-09-14 00:16 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-09-14 00:16 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\system32\setup 2022-09-14 00:16 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\system32\Dism 2022-09-14 00:16 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-09-14 00:15 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\Provisioning 2022-09-14 00:15 - 2022-07-11 15:00 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-09-14 00:15 - 2022-07-11 15:00 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-09-13 20:10 - 2022-07-11 14:52 - 000000000 
____D C:\WINDOWS\CbsTemp
2022-09-13 19:56 - 2022-07-11 15:54 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-13 17:36 - 2022-08-31 17:04 - 000000000 ____D C:\Users\Geova\Documents\ENEM
2022-09-13 17:01 - 2022-07-14 10:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-13 16:44 - 2022-07-14 10:51 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Arquivos na raiz de alguns diretórios ========

2022-07-12 15:16 - 2022-07-12 15:16 - 000000003 _____ () C:\Users\Geova\AppData\Local\updater.log
2022-07-12 15:16 - 2022-07-12 15:16 - 000000424 _____ () C:\Users\Geova\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================