Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-12-2022 Executado por pc (administrador) em DESKTOP-AP76TOC (ASUSTeK Computer Inc. K42F) (05-01-2023 11:10:09) Executando a partir de C:\Users\pc\Downloads Perfis Carregados: pc Plataforma: Microsoft Windows 10 Pro Versão 21H2 19044.2364 (X64) Idioma: Português (Brasil) Navegador padrão: Edge Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\snba\nbmss.exe ->) (Gamsoft Sistemas de Informação Ltda. -> ) C:\Program Files\snba\nbage.exe (C:\Program Files\snba\nbmss.exe ->) (Gamsoft Sistemas de Informação Ltda. -> ) C:\Program Files\snba\nbblo.exe (C:\Program Files\snba\nbmss.exe ->) (Gamsoft Sistemas de Informação Ltda. -> ) C:\Program Files\snba\nbmon.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe (C:\Users\pc\AppData\Roaming\TeraBox\chromenativemessaginghost.exe ->) (FLEXTECH INC. -> Flextech Inc.) C:\Users\pc\AppData\Roaming\TeraBox\terabox.exe (C:\Users\pc\AppData\Roaming\TeraBox\terabox.exe ->) (FLEXTECH INC. -> Flextech Inc.) C:\Users\pc\AppData\Roaming\TeraBox\teraboxhost.exe <2> (C:\Users\pc\AppData\Roaming\TeraBox\terabox.exe ->) (FLEXTECH INC. -> Flextech Inc.) C:\Users\pc\AppData\Roaming\TeraBox\teraboxrender.exe <2> (C:\Users\pc\AppData\Roaming\TeraBox\terabox.exe ->) (FLEXTECH INC. -> Flextech Inc.) C:\Users\pc\AppData\Roaming\TeraBox\teraboxwebservice.exe (cmd.exe ->) (FLEXTECH INC. -> ) C:\Users\pc\AppData\Roaming\TeraBox\chromenativemessaginghost.exe (explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <29> (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe (services.exe ->) (Gamsoft Sistemas de Informação Ltda. -> ) C:\Program Files\snba\nbhss.exe (services.exe ->) (Gamsoft Sistemas de Informação Ltda. -> ) C:\Program Files\snba\nbmss.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe (services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe (services.exe ->) (Qustodio Technologies SL -> Qustodio Technologies) C:\Program Files (x86)\Qustodio\qproxy\qengine.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [QAppTray] => C:\Program Files (x86)\Qustodio\qapp\QAppTray.exe [5817888 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies) HKLM-x32\...\Run: [] => [X] HKLM\...\RunOnce: [!DelFileOnNextRebootAv avkmgr] => CMD /C DEL /F /Q "C:\Windows\system32\drivers\avkmgr*.av.old" (Nenhum Arquivo) HKLM\...\RunOnce: [!DelFileOnNextRebootAv avipbb] => CMD /C DEL /F /Q "C:\Windows\system32\drivers\avipbb*.av.old" (Nenhum Arquivo) HKLM\...\RunOnce: [!DelFileOnNextRebootAv avgntflt] => CMD /C DEL /F /Q "C:\Windows\system32\drivers\avgntflt*.av.old" (Nenhum Arquivo) HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o (Nenhum Arquivo) HKU\S-1-5-21-2273827914-2714859868-4238975439-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [49496 2022-07-03] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-2273827914-2714859868-4238975439-1001\...\Run: [MicrosoftEdgeAutoLaunch_72FC07CE8FBC282A90F28F3BD5668C8E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2273827914-2714859868-4238975439-1001\...\Run: [] => [X] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-15] (Google LLC -> Google LLC) BootExecute: autocheck autochk * ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {026AD9E6-54FD-4CD1-B9AF-E9E6F99A791B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {058218E7-3F5B-4BEF-9744-C7CA2D251CFB} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [21127512 2022-07-23] (Goversoft LLC -> Goversoft LLC) Task: {0F76141C-6D76-43E3-ABA1-336ED9572CA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1040AA2A-788E-4C62-AD25-9C89E9757BE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1EB41696-B5C4-4BCD-BB8C-5103BC999BE5} - System32\Tasks\GoogleUpdateTaskMachineCore{5C3CD016-EE44-448E-9401-AD24FFE2FE78} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-20] (Google LLC -> Google LLC) Task: {244C291A-B79F-48F9-808D-BCB97C1E7E09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {32073318-7465-4B11-9113-A7DB001B85CB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation) Task: {523D9FC6-236C-44AB-943D-09ECB0861026} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-18] (Microsoft Corporation -> Microsoft Corporation) Task: {68F450C7-139F-4466-A0CF-9EDA355D1792} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation) Task: {69843C0A-FC4D-45AA-B2C0-6EA7F6849BF9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Nenhum Arquivo) Task: {7B9C8965-C49F-4EE9-A328-37B984E29220} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-18] (Microsoft Corporation -> Microsoft Corporation) Task: {7F1D972C-D2CD-419E-BC80-36EA469D38CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {880CDDCC-CDA9-4792-8F5E-ECED44E31A72} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {9FEF0A77-D9A6-44E4-AFA8-58BD226544EA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-10] (Microsoft Corporation -> Microsoft Corporation) Task: {BB75B137-1334-49CD-A4DA-723384850C83} - System32\Tasks\GoogleUpdateTaskMachineUA{CF8B9B22-D8E7-4C0D-9C17-412BCDE47C85} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-07-20] (Google LLC -> Google LLC) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.18.1 8.8.8.8 Tcpip\..\Interfaces\{57f0de33-819b-4008-adc0-fdebdd94c86e}: [NameServer] 185.228.168.10,185.228.169.11 Tcpip\..\Interfaces\{57f0de33-819b-4008-adc0-fdebdd94c86e}: [DhcpNameServer] 192.168.18.1 8.8.8.8 Tcpip\..\Interfaces\{6a920497-7d54-4ce0-8a9c-6d2f55142cc9}: [NameServer] 185.228.168.10,185.228.169.11 Tcpip\..\Interfaces\{6a920497-7d54-4ce0-8a9c-6d2f55142cc9}: [DhcpNameServer] 192.168.18.1 8.8.8.8 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\pc\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-05] Edge Notifications: Default -> hxxps://guiadoestudante.abril.com.br; hxxps://meet.google.com Edge Extension: (TeraBox Download Assistant) - C:\Users\pc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2022-12-30] Edge Extension: (Absolute Enable Right Click & Copy) - C:\Users\pc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\enkbbdhdmbpfohfkfmdmjkpmolkbelgl [2022-10-20] Edge Extension: (PiP - Picture in Picture Plus) - C:\Users\pc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gokdpnhaggoioddclnnlpjfnkdinjjcc [2022-09-19] Edge Extension: (Limpar histórico e cache da Web) - C:\Users\pc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ojilnhojiihncgjnnpphppnmflflhbcg [2022-07-25] Edge Extension: (Bloqueador de anúncio do AdGuard) - C:\Users\pc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2022-12-22] Edge HKU\S-1-5-21-2273827914-2714859868-4238975439-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\pc\AppData\Roaming\TeraBox\terabox_ext_chrome.crx [2022-12-09] Edge HKU\S-1-5-21-2273827914-2714859868-4238975439-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default [2023-01-05] CHR Extension: (Bloqueador de anúncio do AdGuard) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2022-12-30] CHR Extension: (Limpar histórico, cache e cookies do Chrome ™) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cakkgjilijphcjidigenbhegiajbaocp [2022-08-20] CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-30] CHR Extension: (TeraBox Download Assistant) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2022-12-30] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-21] CHR HKU\S-1-5-21-2273827914-2714859868-4238975439-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\pc\AppData\Roaming\TeraBox\terabox_ext_chrome.crx [2022-12-09] CHR HKLM-x32\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\pc\AppData\Roaming\TeraBox\terabox_ext_chrome.crx [2022-12-09] ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-18] (Microsoft Corporation -> Microsoft Corporation) R2 DpsiBSvc; c:\program files\snba\nbhss.exe [2841104 2022-06-20] (Gamsoft Sistemas de Informação Ltda. -> ) S2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [883544 2022-07-03] (Glarysoft LTD -> Glarysoft Ltd) S3 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [74064 2022-07-03] (Glarysoft LTD -> Glarysoft Ltd) R2 qengine; C:\Program Files (x86)\Qustodio\qproxy\qengine.exe [5621288 2022-09-22] (Qustodio Technologies SL -> Qustodio Technologies) R2 qupdate; C:\Program Files (x86)\Qustodio\qapp\QUpdateService.exe [2348064 2022-09-23] (Qustodio Technologies SL -> Qustodio Technologies) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2022-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 SL2Svc; c:\program files\snba\nbmss.exe [9761808 2022-06-20] (Gamsoft Sistemas de Informação Ltda. -> ) S3 TeraBoxUtility; C:\Users\pc\AppData\Roaming\TeraBox\YunUtilityService.exe [113520 2023-01-03] (FLEXTECH INC. -> Flextech Inc.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [30720 2022-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) R3 NETJME; C:\Windows\System32\drivers\NETJME.sys [137728 2019-12-07] (Microsoft Windows -> JMicron Technology Corp.) R1 qwdf64; C:\Windows\system32\Drivers\qwdf64.sys [41872 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies) R1 qwdr64; C:\Windows\system32\Drivers\qwdr64.sys [55696 2022-06-28] (Qustodio Technologies, SL -> Qustodio Technologies) R2 qwfp; C:\Windows\system32\Drivers\qwfp64.sys [47640 2022-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Qustodio Technologies) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-01-05 11:10 - 2023-01-05 11:11 - 000017518 _____ C:\Users\pc\Downloads\FRST.txt 2023-01-05 11:09 - 2023-01-05 11:10 - 000000000 ____D C:\FRST 2023-01-05 11:08 - 2023-01-05 11:08 - 002376192 _____ (Farbar) C:\Users\pc\Downloads\FRST64.exe 2023-01-05 11:05 - 2023-01-05 11:05 - 000002272 _____ C:\Users\pc\Desktop\AdwCleaner[C01].txt 2023-01-05 11:03 - 2023-01-05 11:03 - 008791352 _____ (Malwarebytes) C:\Users\pc\Downloads\adwcleaner.exe 2023-01-05 10:49 - 2023-01-05 10:49 - 002542312 _____ (Malwarebytes) C:\Users\pc\Downloads\ (1).exe 2023-01-05 10:48 - 2023-01-05 10:48 - 001385160 _____ () C:\Users\pc\Downloads\Baixaki_Malwarebytes Anti-Malware_v4.160.750.60.4.exe 2023-01-05 10:44 - 2023-01-05 10:44 - 002542312 _____ (Malwarebytes) C:\Users\pc\Downloads\.exe 2023-01-05 10:43 - 2023-01-05 10:43 - 001385160 _____ () C:\Users\pc\Downloads\Baixaki_Malwarebytes Anti-Malware_v4.16.07.506.04.exe 2023-01-05 10:37 - 2022-12-13 12:21 - 000046704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys.20231134630273.av.old 2023-01-05 10:35 - 2023-01-05 10:35 - 000000000 ____D C:\Users\pc\AppData\Local\GUI 2023-01-05 09:35 - 2023-01-05 11:05 - 000000000 ____D C:\AdwCleaner 2023-01-05 09:32 - 2023-01-05 09:32 - 000000000 ____D C:\Program Files\Malwarebytes 2023-01-05 09:31 - 2023-01-05 09:31 - 002542312 _____ (Malwarebytes) C:\Users\pc\Downloads\MBSetup.exe 2023-01-01 20:07 - 2023-01-01 20:07 - 050927071 _____ C:\Users\pc\Downloads\MABOM - APH.pdf 2022-12-30 23:07 - 2022-12-30 23:07 - 000000000 ____D C:\TeraBoxDownload 2022-12-30 23:06 - 2022-12-30 23:06 - 000000913 _____ C:\Users\pc\Desktop\TeraBox.lnk 2022-12-30 23:06 - 2022-12-30 23:06 - 000000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeraBox 2022-12-30 23:05 - 2023-01-04 21:38 - 000000000 ____D C:\Users\pc\AppData\Roaming\TeraBox 2022-12-19 19:54 - 2022-12-19 19:54 - 000000000 ____D C:\Users\pc\Downloads\Originals 2022-12-19 16:15 - 2022-12-19 16:15 - 000902312 _____ C:\Users\pc\Downloads\MARTINS, M. Z. - A INFLUÊNCIA DO USO DA PORNOGRAFIA VIRTUAL NO DESEMPENHO SEXUAL E [...].pdf 2022-12-19 16:15 - 2022-12-19 16:15 - 000782477 _____ C:\Users\pc\Downloads\TCC Pornografia Oficial-Versão Final_Ana Luisa Pires Padu.pdf 2022-12-15 17:13 - 2022-12-15 17:15 - 1644087116 _____ C:\Users\pc\Downloads\Web Aula - Tratamento das Disfunções Sexuais Masculinas e Femininas - 2º Dia.mp4 2022-12-15 14:52 - 2022-12-15 14:54 - 1392862091 _____ C:\Users\pc\Downloads\Web Aula - Tratamento das Disfunções Sexuais Masculinas e Femininas - 1º Dia.mp4 2022-12-13 19:28 - 2022-12-13 19:28 - 000000000 ___HD C:\$WinREAgent 2022-12-12 11:31 - 2022-12-12 11:31 - 000374004 _____ C:\Users\pc\Downloads\Davidson Jones Guimarães_certificado (1).pdf 2022-12-12 11:29 - 2022-12-12 11:29 - 000659807 _____ C:\Users\pc\Downloads\Davidson Jones Guimarães_certificado.pdf 2022-12-10 08:16 - 2023-01-02 06:31 - 000000000 ____D C:\Users\pc\AppData\Local\CrashDumps ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-01-05 11:12 - 2022-07-25 08:02 - 000013104 _____ C:\Windows\SysWOW64\qengineOff.ini 2023-01-05 11:12 - 2022-07-25 08:02 - 000013104 _____ C:\Windows\system32\qengineOff.ini 2023-01-05 11:07 - 2022-08-02 14:30 - 000000000 ____D C:\ProgramData\Qustodio 2023-01-05 11:05 - 2022-06-20 09:32 - 000000000 ___HD C:\Program Files\snba 2023-01-05 10:46 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-01-05 10:16 - 2019-12-07 04:00 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-01-05 09:34 - 2022-07-20 17:43 - 000000000 ____D C:\Program Files (x86)\Google 2023-01-05 09:21 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-01-05 08:31 - 2019-12-07 11:53 - 000715644 _____ C:\Windows\system32\prfh0416.dat 2023-01-05 08:31 - 2019-12-07 11:53 - 000140800 _____ C:\Windows\system32\prfc0416.dat 2023-01-05 08:31 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF 2023-01-05 08:31 - 2019-12-07 04:09 - 001651882 _____ C:\Windows\system32\PerfStringBackup.INI 2023-01-05 08:24 - 2022-07-25 08:02 - 000000000 ____D C:\ProgramData\boost_interprocess 2023-01-05 08:24 - 2019-12-07 04:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-01-05 08:23 - 2019-12-07 04:00 - 000008192 ___SH C:\DumpStack.log.tmp 2023-01-04 23:16 - 2019-12-07 06:03 - 000262144 _____ C:\Windows\system32\config\BBI 2023-01-04 22:03 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-01-04 22:03 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness 2023-01-04 21:47 - 2019-12-07 04:01 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-01-04 21:47 - 2019-12-07 04:01 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-01-02 06:20 - 2022-06-20 09:29 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2023-01-02 06:20 - 2022-06-20 09:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2023-01-02 06:19 - 2022-07-15 17:40 - 000000000 ____D C:\Users\pc\AppData\Roaming\uTorrent Web 2023-01-02 06:09 - 2022-08-16 18:47 - 000000000 ____D C:\Users\pc\AppData\Local\BitTorrentHelper 2022-12-30 22:33 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\LiveKernelReports 2022-12-30 20:37 - 2022-08-29 10:17 - 000000000 ____D C:\Users\pc\AppData\Roaming\vlc 2022-12-27 19:29 - 2022-07-20 17:43 - 000000000 ____D C:\Program Files\Google 2022-12-27 08:48 - 2019-12-07 04:05 - 000000000 ____D C:\Users\pc 2022-12-19 19:52 - 2022-08-24 16:06 - 000057344 ____H C:\Users\pc\Downloads\photothumb.db 2022-12-19 14:59 - 2019-12-07 04:05 - 000000000 ____D C:\Users\pc\AppData\Local\Packages 2022-12-19 11:52 - 2022-08-25 18:38 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk 2022-12-18 09:45 - 2019-12-07 04:01 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-12-18 09:43 - 2022-06-18 11:25 - 000000000 ____D C:\Program Files\Microsoft Office 2022-12-17 06:10 - 2022-07-15 17:40 - 000001864 _____ C:\Users\pc\Desktop\uTorrent Web.lnk 2022-12-17 06:10 - 2022-07-15 17:40 - 000001850 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk 2022-12-15 20:17 - 2022-07-20 17:44 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-12-14 23:42 - 2022-09-18 10:51 - 000304248 _____ C:\Windows\system32\FNTCACHE.DAT 2022-12-14 23:41 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\UNP 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemApps 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinMetadata 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\lv-LV 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\lt-LT 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\et-EE 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\es-MX 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Dism 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\Provisioning 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr 2022-12-14 23:41 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\System 2022-12-13 19:44 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp 2022-12-13 19:38 - 2019-12-07 04:05 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2022-12-13 19:11 - 2022-06-20 11:50 - 000000000 ____D C:\Windows\system32\MRT 2022-12-13 19:07 - 2022-06-20 11:50 - 148633544 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2022-12-10 14:08 - 2022-06-18 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2022-12-09 06:25 - 2022-06-24 20:06 - 000000000 ____D C:\Users\pc\AppData\Local\ElevatedDiagnostics 2022-12-09 06:06 - 2019-12-07 04:00 - 000000000 ____D C:\Windows\system32\Drivers\wd ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================