Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 26-04-2023
Executado por icaro (administrador) em ICAROGLESTMAN (Dell Inc. G3 3590) (27-04-2023 18:11:53)
Executando a partir de C:\Users\icaro\OneDrive\Área de Trabalho\FRST64.exe
Perfis Carregados: icaro
Plataforma: Microsoft Windows 11 Pro Versão 22H2 22621.1555 (X64) Idioma: Português (Brasil)
Navegador padrão: Opera
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Users\icaro\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\icaro\AppData\Local\Programs\Opera GX\97.0.4719.89\opera_crashreporter.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Opera Norway AS -> Opera Software) C:\Users\icaro\AppData\Local\Programs\Opera GX\opera.exe <22>
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmig.inf_amd64_f1f00df48246f9a3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Panda Security S.L. -> Panda Security S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe
(services.exe ->) (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(services.exe ->) (Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe [1376856 2021-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9926928 2023-03-03] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [186984 2022-11-02] (Panda Security S.L. -> Panda Security, S.L.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe [53181720 2023-04-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe [53181720 2023-04-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631048 2023-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [Microsoft Edge Update] => C:\Users\icaro\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\MicrosoftEdgeUpdateCore.exe [263584 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [Opera GX Stable] => C:\Users\icaro\AppData\Local\Programs\Opera GX\launcher.exe [2623896 2023-04-24] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37101520 2023-04-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5922056 2023-03-22] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe [53181720 2023-04-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\icaro\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\icaro\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [157858648 2023-03-11] (Bluestack Systems, Inc -> now.gg, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [MicrosoftEdgeAutoLaunch_C5E1BBBC7F11E5A155071EC9E04DC8C2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139968 2023-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2422557223-345917283-3410814111-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe [53181720 2023-04-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2631048 2023-04-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe [53181720 2023-04-10] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.138\Installer\chrmstp.exe [2023-04-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\Installer\chrmstp.exe [2023-04-20] (Brave Software, Inc. -> Brave Software, Inc.)

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {021B3F1A-2CE3-4626-A8E3-568C50E99C5C} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1675986748 => C:\Users\icaro\AppData\Local\Programs\Opera GX\launcher.exe [2623896 2023-04-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\icaro\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {25B86A55-4A45-473D-B368-C3ADB294A275} - não caminho do arquivo
Task: {3A9F174D-4E9C-4901-8200-06C66B897235} - System32\Tasks\Opera GX scheduled Autoupdate 1673134739 => C:\Users\icaro\AppData\Local\Programs\Opera GX\launcher.exe [2623896 2023-04-24] (Opera Norway AS -> Opera Software)
Task: {4F40AB21-157F-4E13-9556-37B43A9275DE} - System32\Tasks\GoogleUpdateTaskMachineCore{BBAE6754-E8AA-4BD4-BE11-4D519457843F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-07] (Google LLC -> Google LLC)
Task: {6271FF1F-5FD2-437C-9B5B-E00F9DE92B71} - System32\Tasks\GoogleUpdateTaskMachineUA{B8C7E393-6515-41DF-B597-6B5433C7B0F4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-07] (Google LLC -> Google LLC)
Task: {64B973D2-6392-4434-82F2-73FEB921D294} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2422557223-345917283-3410814111-1001UA{FEB09405-67F3-4D07-AD6C-2487DA9254EA} => C:\Users\icaro\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFEA625-2039-4D0E-B9F2-0089E1A15742} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {71CEC012-0E29-4844-8144-E62D7ADAA028} - System32\Tasks\Uninstaller_SkipUac_icaro => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [9396232 2022-12-23] (IObit CO., LTD -> IObit)
Task: {92DA46CF-48C2-4644-83DC-8E5FA1A62985} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1098400 ] (A-Volute SAS -> Nahimic)
Task: {B278F510-2471-498B-A822-56E55BFB5E9B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-03-19] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {C42E4BD3-CA05-4965-83EC-AB9712EC813A} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [837280 ] (A-Volute SAS -> Nahimic)
Task: {C56DCF1B-1651-4FAE-AE94-FC2B00CC9B9F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{9C3F9592-B218-427B-B7F7-9E501A4B77DC} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D83ACBF0-7A80-4477-B32F-7AB1B1E30B32} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2422557223-345917283-3410814111-1001Core{C3FF36DD-D925-4848-97F5-70922C91FDCB} => C:\Users\icaro\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA47EBFB-CBDE-42FA-AEBF-371320F86B2B} - não caminho do arquivo
Task: {E1EA489B-6251-468C-90FD-32E51F26CDB5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8ADF653-D6BF-41A3-A33C-9932AD001B62} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{95755AE1-A896-4C19-ACA0-16D5226ADB14} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {FCAC687D-D3A0-4FBE-B810-629757DC2709} - \Microsoft\Windows\Autochk\Proxy -> Nenhum Arquivo <==== ATENÇÃO
Task: {FEA67B0E-46AC-49E8-ADD4-0FCAAAABD649} - não caminho do arquivo
Task: {FF45E724-E554-454F-A9AB-9296417C70C4} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196728 2023-04-24] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3f6a5e19-7335-4b89-b98a-471ff95c4848}: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{ad104561-4e02-473b-9d48-6043acfd549a}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-27]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=DCTE
Edge Extension: (Kaspersky Protection) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-04-24]
Edge Extension: (Kaspersky Password Manager) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eolheccophlcbnkkbelcgminoojochgj [2023-04-24]
Edge Extension: (Edge relevant text changes) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]
Edge Extension: (IDM Integration Module) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2023-04-24]
Edge HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2023-03-22]
Edge HKU\S-1-5-21-2422557223-345917283-3410814111-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\icaro\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\icaro\AppData\Roaming\IDM\idmmzcc5 [2023-01-07] [] [não assinado]
FF HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default [2023-04-27]
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR Extension: (Google Tradutor) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-04-24]
CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-04-26]
CHR Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2023-04-24]
CHR Extension: (Kaspersky Password Manager) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-04-24]
CHR Extension: (Cuponomia - Cupom e Cashback) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidejehfgombmkfflghejpncblgfkagj [2023-04-24]
CHR Extension: (VoiceNote II - Speech to text) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2023-04-24]
CHR Extension: (New Tab Redirect) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2023-04-24]
CHR Extension: (Vagalume) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipgcdnbeeiajinajlafjcdfhckglcopd [2023-04-24]
CHR Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-04-24]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-04-24]
CHR Extension: (Tradutor - traduzir e dicionário) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnlohknjofogcljbcknkakphddjpijak [2023-04-24]
CHR Extension: (IDM Integration Module) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-04-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-24]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2023-03-22]
CHR HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2023-03-22]
CHR HKU\S-1-5-21-2422557223-345917283-3410814111-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2023-03-22]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2422557223-345917283-3410814111-1001) Opera GXStable - "C:\Users\icaro\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave:
=======
BRA Profile: C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-04-25]
BRA Extension: (Google Tradutor) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
BRA Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-03-14]
BRA Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2023-01-07]
BRA Extension: (Kaspersky Password Manager) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-04-22]
BRA Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-08]
BRA Extension: (IDM Integration Module) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-01-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-04-24]
BRA Extension: (Brave NTP background images) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-01-07]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-04-24]
BRA Extension: (Brave NTP sponsored images) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\bpndlkddhgpmjengabcakadpcabgflca [2023-04-25]
BRA Extension: (Wallet Data Files Updater) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-04-24]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-04-20]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-01-07]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-04-24]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2023-04-24]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-04-20]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-03-13] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\brave_vpn_helper.exe [3015472 2023-04-19] (Brave Software, Inc. -> Brave Software, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2023-01-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.076.0409.0001\FileSyncHelper.exe [3472776 2023-04-24] (Microsoft Corporation -> Microsoft Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2022-10-20] (IObit CO., LTD -> IObit)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [11763072 2023-03-03] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-24] (Malwarebytes Inc. -> Malwarebytes)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372512 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
S3 NahimicService; C:\Windows\system32\NahimicService.exe [1926840 2022-07-15] (A-Volute SAS -> Nahimic)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [118504 2022-10-31] (Panda Security S.L. -> Panda Security, S.L.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.076.0409.0001\OneDriveUpdaterService.exe [3808120 2023-04-24] (Microsoft Corporation -> Microsoft Corporation)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] (AnchorFree Inc -> )
S2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 pselamsvc; C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe [195224 2022-09-26] (Panda Security S.L. -> Panda Security S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [78840 2022-11-02] (Panda Security S.L. -> Panda Security, S.L.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [307224 2023-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613152 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService1d926c610c58014; "C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_f1f00df48246f9a3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_f1f00df48246f9a3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 aftap0901; C:\Windows\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [322304 2023-03-19] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R0 fse; C:\Windows\System32\drivers\fse.sys [218464 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [171512 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [41536 2022-08-17] (Microsoft Windows Hardware Compatibility Publisher -> IObit Information Technology)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2022-10-20] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2022-10-20] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2022-10-20] (IObit Information Technology -> IObit)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2023-04-07] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKslc32343fd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D7E5341F-CBB6-4209-8CE4-5878E225E3AD}\MpKslDrv.sys [211208 2023-04-23] (Microsoft Windows -> Microsoft Corporation)
R0 MsSecCore; C:\Windows\System32\drivers\msseccore.sys [71024 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 MsSecWfp; C:\Windows\System32\drivers\mssecwfp.sys [62800 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
R1 NemuDrv; C:\Program Files\NemuVbox\LoadedDrivers\NemuDrv.sys [299240 2022-01-12] (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation)
R1 NNSDNS; C:\Windows\system32\DRIVERS\NNSDNS.sys [146184 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [215264 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [128744 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [146664 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [151152 2022-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Panda Security, S.L.)
R1 NNSNHWFP; C:\Windows\system32\DRIVERS\NNSNHWFP.sys [211208 2022-12-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [164568 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [137960 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [407264 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [575720 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [125672 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [335064 2022-11-06] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [198376 2022-11-02] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
S0 psinelam; C:\Windows\System32\DRIVERS\psinelam.sys [26080 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [176360 2022-11-02] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [218856 2022-11-02] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [150760 2022-11-02] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [162536 2022-11-02] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [130280 2022-11-02] (WatchGuard Technologies, Inc. -> Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72984 2019-02-20] (Panda Security S.L. -> Panda Security, S.L.)
S4 RsFx0321; C:\Windows\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2023-03-15] (Microsoft Windows -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2023-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [497920 2023-04-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-23] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\icaro\AppData\Local\Temp\WinRing0x64.sys [X] <==== ATENÇÃO

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-04-27 18:11 - 2023-04-27 18:12 - 000000000 ____D C:\FRST
2023-04-27 18:09 - 2023-04-27 18:09 - 000834714 _____ C:\Windows\system32\prfh0416.dat
2023-04-27 18:09 - 2023-04-27 18:09 - 000188724 _____ C:\Windows\system32\prfc0416.dat
2023-04-27 18:07 - 2023-04-27 18:09 - 000000000 ____D C:\AdwCleaner
2023-04-27 18:02 - 2019-02-20 02:31 - 000072984 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2023-04-25 17:20 - 2023-04-25 17:20 - 006845928 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7c2eac93b7c112843a9de22aaa1d5c40.exe
2023-04-25 17:20 - 2023-04-25 17:20 - 000001344 _____ C:\EsgInstallerResumeAction_7c2eac93b7c112843a9de22aaa1d5c40
2023-04-25 10:34 - 2023-04-25 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2023-04-25 10:18 - 2023-04-25 10:18 - 000004212 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1673134739
2023-04-25 10:18 - 2023-04-25 10:18 - 000001434 _____ C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2023-04-25 00:21 - 2023-04-25 00:21 - 000034160 _____ C:\Users\icaro\Downloads\relatório-de-consultas-serasa-13-07-2022-16-49-18.pdf
2023-04-24 23:47 - 2023-04-24 23:47 - 000020875 _____ C:\Users\icaro\Downloads\Códigos de recuperação de verificação em 2 passos.eml
2023-04-24 22:43 - 2023-04-24 22:43 - 000000000 ____D C:\Users\icaro\AppData\Local\mbam
2023-04-24 22:42 - 2023-04-27 18:03 - 000000000 ____D C:\Users\icaro\AppData\Local\Malwarebytes
2023-04-24 22:42 - 2023-04-24 22:42 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-04-24 22:41 - 2023-04-24 22:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-04-24 22:41 - 2023-04-24 22:41 - 000000000 ____D C:\Program Files\Malwarebytes
2023-04-24 16:24 - 2023-04-24 16:24 - 000004406 _____ C:\native log.txt
2023-04-24 16:21 - 2023-04-24 16:25 - 000002934 _____ C:\spyhunter.fix.old
2023-04-24 16:12 - 2023-04-24 16:12 - 000000000 ____D C:\sh5ldr
2023-04-24 16:12 - 2023-04-24 16:12 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2023-04-24 16:11 - 2023-04-25 17:20 - 000000000 ____D C:\Program Files\EnigmaSoft
2023-04-24 16:06 - 2023-04-24 16:06 - 000000000 ____D C:\Users\icaro\AppData\Local\Yandex
2023-04-24 16:05 - 2023-04-24 16:04 - 000180224 _____ C:\ProgramData\43123456438454689647428289
2023-04-24 16:04 - 2023-04-24 16:04 - 000180224 _____ C:\ProgramData\19120917905962578647326547
2023-04-24 15:51 - 2023-04-24 15:51 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2023-04-24 15:50 - 2023-04-24 15:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2023-04-24 15:50 - 2022-12-06 07:53 - 000211208 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnsnhwfp.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000575720 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnsprv.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000407264 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnsprot.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000335064 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnsstrm.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000215264 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnshttp.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000164568 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnspicc.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000146664 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnsids.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000146184 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnsdns.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000137960 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnspop3.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000128744 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnshttps.sys
2023-04-24 15:50 - 2022-11-06 07:24 - 000125672 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\nnssmtp.sys
2023-04-24 15:50 - 2022-11-02 20:33 - 000218856 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINKNC.sys
2023-04-24 15:50 - 2022-11-02 20:33 - 000198376 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINAflt.sys
2023-04-24 15:50 - 2022-11-02 20:33 - 000176360 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINFile.sys
2023-04-24 15:50 - 2022-11-02 20:33 - 000162536 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProt.sys
2023-04-24 15:50 - 2022-11-02 20:33 - 000150760 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProc.sys
2023-04-24 15:50 - 2022-11-02 20:33 - 000130280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINReg.sys
2023-04-24 13:16 - 2023-04-24 13:16 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-04-24 13:16 - 2023-04-24 13:16 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-19 20:57 - 2023-04-24 15:50 - 000000000 ____D C:\Program Files (x86)\Panda Security
2023-04-19 20:56 - 2023-04-24 15:50 - 000000000 ____D C:\ProgramData\Panda Security
2023-04-11 21:38 - 2023-04-11 21:38 - 000000000 ____D C:\Windows\system32\Drivers\mde
2023-04-09 18:53 - 2023-04-26 22:07 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2023-04-09 18:53 - 2023-04-09 18:53 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2023-04-09 18:52 - 2023-04-09 18:52 - 025202679 _____ C:\Users\icaro\Downloads\TVE Mobile_3.1.0_20221115_mobile.apk
2023-04-07 13:28 - 2023-04-07 13:28 - 000000758 _____ C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\LDMultiPlayer.lnk
2023-04-07 13:28 - 2023-04-07 13:28 - 000000712 _____ C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\LDPlayer9.lnk
2023-04-07 13:28 - 2023-04-07 13:28 - 000000000 ____D C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer9
2023-04-07 13:28 - 2023-04-07 13:28 - 000000000 ____D C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDMultiPlayer
2023-04-07 13:27 - 2023-04-07 13:28 - 000000000 ____D C:\Program Files\ldplayer9box
2023-04-07 13:27 - 2023-04-07 13:27 - 025306517 _____ C:\Users\icaro\Downloads\mfc_web_stb_PROD_3.1.0_20230306 (1).apk
2023-04-05 18:43 - 2023-04-05 18:43 - 000000000 ____D C:\ProgramData\BraveSoftware
2023-03-30 23:04 - 2023-03-30 23:04 - 000059744 _____ C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (4).zip
2023-03-30 23:04 - 2023-03-30 23:04 - 000000000 ____D C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (4)
2023-03-30 23:00 - 2023-03-30 23:00 - 000000000 ____D C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (3)
2023-03-30 22:59 - 2023-03-30 22:59 - 000060358 _____ C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (3).zip
2023-03-30 22:54 - 2023-03-30 22:54 - 000052007 _____ C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (2).zip
2023-03-30 22:54 - 2023-03-30 22:54 - 000000000 ____D C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (2)
2023-03-30 22:48 - 2023-03-30 22:48 - 000000000 ____D C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (1)
2023-03-30 22:46 - 2023-03-30 22:46 - 000142641 _____ C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa.zip
2023-03-30 22:46 - 2023-03-30 22:46 - 000141200 _____ C:\Users\icaro\Downloads\Logo Designer de Unhas Estiloso Rosa (1).zip
2023-03-30 22:37 - 2023-03-30 22:37 - 000047011 _____ C:\Users\icaro\Downloads\WhatsApp Image 2023-03-30 at 10.37.27 PM.jpeg
2023-03-30 22:37 - 2023-03-30 22:37 - 000031064 _____ C:\Users\icaro\Downloads\WhatsApp Image 2023-03-30 at 10.33.16 PM (1).jpeg
2023-03-30 22:33 - 2023-03-30 22:33 - 000031064 _____ C:\Users\icaro\Downloads\WhatsApp Image 2023-03-30 at 10.33.16 PM.jpeg
2023-03-30 22:21 - 2023-03-30 22:21 - 000305990 _____ C:\Users\icaro\Downloads\_Currículo icaro-1 (1).pdf
2023-03-30 21:49 - 2023-03-30 21:49 - 000068220 _____ C:\Users\icaro\Downloads\_Currículo icaro resumido.pdf

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-04-27 18:10 - 2023-01-07 20:52 - 000000000 ____D C:\Program Files (x86)\IObit
2023-04-27 18:10 - 2023-01-07 20:29 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-27 18:10 - 2023-01-07 20:22 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-27 18:09 - 2023-01-07 20:36 - 001975576 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-27 18:09 - 2023-01-07 20:21 - 000000000 ____D C:\Windows\INF
2023-04-27 18:05 - 2023-02-26 14:17 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-04-27 18:04 - 2023-01-07 20:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-27 18:04 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\SystemTemp
2023-04-27 18:02 - 2023-01-07 20:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-27 18:02 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\ServiceState
2023-04-27 18:01 - 2023-01-07 20:19 - 000786432 _____ C:\Windows\system32\config\BBI
2023-04-27 18:00 - 2022-09-21 13:58 - 000000000 ___SD C:\Users\icaro\AppData\Roaming\Microsoft\Credentials
2023-04-26 19:37 - 2023-01-07 20:34 - 000000000 ____D C:\Users\icaro\AppData\Local\Packages
2023-04-26 19:27 - 2023-03-14 15:50 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-04-26 19:25 - 2023-03-14 16:06 - 000000000 ____D C:\Users\icaro\AppData\Local\BlueStacks X
2023-04-26 18:35 - 2023-01-19 20:04 - 000003446 _____ C:\Windows\SysWOW64\pubfreeware.ini
2023-04-26 18:28 - 2023-01-07 20:22 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-26 18:28 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\AppReadiness
2023-04-26 17:50 - 2023-01-07 20:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-26 17:50 - 2022-09-21 14:03 - 000000000 ___RD C:\Users\icaro\OneDrive
2023-04-25 10:38 - 2022-09-21 13:53 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-25 10:37 - 2023-01-07 21:17 - 000000000 ____D C:\Users\icaro\AppData\Roaming\DMCache
2023-04-25 10:34 - 2023-01-07 20:52 - 000000000 ____D C:\ProgramData\IObit
2023-04-25 10:15 - 2023-01-10 17:44 - 000000000 ____D C:\Windows\system32\MRT
2023-04-25 01:39 - 2023-01-07 20:31 - 000000000 ____D C:\Users\icaro
2023-04-24 23:12 - 2023-01-07 20:40 - 000000000 ____D C:\Users\icaro\AppData\Local\D3DSCache
2023-04-24 22:46 - 2023-01-14 10:46 - 000001535 _____ C:\Windows\system32\config\VSMIDK
2023-04-24 22:42 - 2023-01-07 20:22 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-04-24 16:20 - 2022-09-21 16:49 - 000000000 ____D C:\Users\glest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2023-04-24 16:05 - 2023-01-21 11:17 - 000000000 ____D C:\Users\icaro\AppData\Local\CrashDumps
2023-04-24 15:54 - 2023-01-07 21:11 - 000000000 ____D C:\ProgramData\ProductData
2023-04-24 15:48 - 2023-02-27 13:52 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-04-24 13:16 - 2023-02-22 14:25 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1002
2023-04-24 13:16 - 2023-01-07 20:36 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1001
2023-04-23 09:53 - 2023-01-07 21:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-23 09:52 - 2023-01-07 20:32 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-04-22 13:27 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\SecurityHealth
2023-04-21 20:43 - 2023-01-07 20:55 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{B8C7E393-6515-41DF-B597-6B5433C7B0F4}
2023-04-21 20:43 - 2023-01-07 20:55 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{BBAE6754-E8AA-4BD4-BE11-4D519457843F}
2023-04-20 19:43 - 2023-01-07 20:55 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-20 19:43 - 2023-01-07 20:37 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-04-20 19:38 - 2023-02-14 18:20 - 000000000 ____D C:\Windows\system32\Drivers\Kaspersky4Win-21-9
2023-04-19 20:56 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2023-04-19 20:56 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\GroupPolicy
2023-04-19 19:47 - 2023-01-09 22:58 - 000000000 ____D C:\Program Files\Common Files\AV
2023-04-19 19:47 - 2023-01-07 20:34 - 000000000 ____D C:\ProgramData\Packages
2023-04-19 19:47 - 2023-01-07 20:19 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-04-14 18:14 - 2023-02-16 21:54 - 000000000 ____D C:\Users\icaro\Downloads\Telegram Desktop
2023-04-12 01:24 - 2023-01-10 17:44 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-04-11 21:39 - 2023-01-07 20:29 - 000294232 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\UUS
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\SystemResources
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\oobe
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\appraiser
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\ShellExperiences
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\ShellComponents
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\Provisioning
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\bcastdvr
2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-04-11 21:31 - 2023-01-07 20:19 - 000000000 ____D C:\Windows\CbsTemp
2023-04-11 21:28 - 2023-01-07 20:31 - 003211776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-10 19:39 - 2022-09-21 14:46 - 000000000 ___SD C:\Users\glest\AppData\Roaming\Microsoft\Credentials
2023-04-10 17:52 - 2023-02-22 14:28 - 000000000 ____D C:\Users\glest\AppData\Local\D3DSCache
2023-04-10 17:43 - 2023-01-07 21:19 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-04-10 17:38 - 2022-09-21 14:49 - 000000000 ___RD C:\Users\glest\OneDrive
2023-04-10 17:37 - 2022-09-21 14:46 - 000000000 ___SD C:\Users\glest\AppData\Roaming\Microsoft\Protect
2023-04-09 18:54 - 2023-03-14 16:05 - 000003934 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-04-09 18:53 - 2023-03-14 15:48 - 000000000 ____D C:\Users\Public\BlueStacks
2023-04-09 18:53 - 2023-03-14 15:48 - 000000000 ____D C:\Users\icaro\AppData\Local\Bluestacks
2023-04-07 13:35 - 2023-03-14 15:49 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2023-04-07 13:30 - 2023-03-14 12:54 - 000000000 ____D C:\Users\icaro\AppData\Roaming\XuanZhi9
2023-04-07 13:29 - 2023-03-14 12:57 - 000000000 ____D C:\Users\icaro\.Ld9VirtualBox
2023-04-05 19:24 - 2023-01-07 20:31 - 000000000 ____D C:\Users\icaro\AppData\Roaming\Microsoft\Windows
2023-04-05 18:49 - 2023-01-07 20:37 - 000004010 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2422557223-345917283-3410814111-1001UA{FEB09405-67F3-4D07-AD6C-2487DA9254EA}
2023-04-05 18:49 - 2023-01-07 20:37 - 000003946 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2422557223-345917283-3410814111-1001Core{C3FF36DD-D925-4848-97F5-70922C91FDCB}
2023-04-04 19:09 - 2022-09-21 17:41 - 000000000 ____D C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2023-03-31 18:24 - 2023-01-07 20:55 - 000003750 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{F20604D3-55AD-408C-AA40-D99EF2A6B934}
2023-03-31 18:24 - 2023-01-07 20:55 - 000003626 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{46428BE6-3D46-469E-8137-FA70E0DA8CBA}

==================== Arquivos na raiz de alguns diretórios ========

2023-04-25 17:20 - 2023-04-25 17:20 - 006845928 _____ (EnigmaSoft Limited) C:\ProgramData\EsgInstallerResumeAction_7c2eac93b7c112843a9de22aaa1d5c40.exe
2023-03-14 12:57 - 2023-03-14 12:57 - 000000068 _____ () C:\Users\icaro\AppData\Roaming\changzhi_leidian.data
2023-01-17 14:55 - 2023-01-24 20:13 - 000000000 _____ () C:\Users\icaro\AppData\Local\Temptable.xml

==================== FCheck ================================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

FCheck: C:\Windows\SysWOW64\version_IObitDel.dll [2023-01-07] <==== ATENÇÃO (zero byte Arquivo/Pasta)

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================