Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 08-05-2023
Executado por icaro (administrador) em ICAROGLESTMAN (Dell Inc. G3 3590) (08-05-2023 18:18:49)
Executando a partir de C:\Users\icaro\OneDrive\Área de Trabalho\FRST64.exe
Perfis Carregados: icaro
Plataforma: Microsoft Windows 11 Pro Versão 22H2 22621.1555 (X64) Idioma: Português (Brasil)
Navegador padrão: Opera
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler64.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Users\icaro\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\icaro\AppData\Local\Programs\Opera GX\97.0.4719.89\opera_crashreporter.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(Opera Norway AS -> Opera Software) C:\Users\icaro\AppData\Local\Programs\Opera GX\opera.exe <22>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5e2798bd2b2b2cda\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5e2798bd2b2b2cda\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmig.inf_amd64_f1f00df48246f9a3\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_fdd83e4dd87bcfa1\RtkAudUService64.exe [1376856 2021-10-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9926928 2023-03-03] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3088752 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-04] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-04] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2602888 2023-05-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [Microsoft Edge Update] => C:\Users\icaro\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\MicrosoftEdgeUpdateCore.exe [263584 2023-04-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [Opera GX Stable] => C:\Users\icaro\AppData\Local\Programs\Opera GX\launcher.exe [2623896 2023-04-24] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37123024 2023-05-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5924104 2023-04-05] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-04] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\icaro\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\icaro\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [157858648 2023-03-11] (Bluestack Systems, Inc -> now.gg, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\Run: [MicrosoftEdgeAutoLaunch_C5E1BBBC7F11E5A155071EC9E04DC8C2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152224 2023-05-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2422557223-345917283-3410814111-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\73.0.4.0\GoogleDriveFS.exe [53181720 2023-04-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2422557223-345917283-3410814111-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2602888 2023-05-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-05-04] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.140\Installer\chrmstp.exe [2023-05-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\113.1.51.110\Installer\chrmstp.exe [2023-05-04] (Brave Software, Inc. -> Brave Software, Inc.)

==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {021B3F1A-2CE3-4626-A8E3-568C50E99C5C} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1675986748 => C:\Users\icaro\AppData\Local\Programs\Opera GX\launcher.exe [2623896 2023-04-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\icaro\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {3A9F174D-4E9C-4901-8200-06C66B897235} - System32\Tasks\Opera GX scheduled Autoupdate 1673134739 => C:\Users\icaro\AppData\Local\Programs\Opera GX\launcher.exe [2623896 2023-04-24] (Opera Norway AS -> Opera Software)
Task: {4E33F8DD-6428-4FDF-A6E0-E6470FED3739} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F40AB21-157F-4E13-9556-37B43A9275DE} - System32\Tasks\GoogleUpdateTaskMachineCore{BBAE6754-E8AA-4BD4-BE11-4D519457843F} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-07] (Google LLC -> Google LLC)
Task: {6271FF1F-5FD2-437C-9B5B-E00F9DE92B71} - System32\Tasks\GoogleUpdateTaskMachineUA{B8C7E393-6515-41DF-B597-6B5433C7B0F4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2023-01-07] (Google LLC -> Google LLC)
Task: {64B973D2-6392-4434-82F2-73FEB921D294} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2422557223-345917283-3410814111-1001UA{FEB09405-67F3-4D07-AD6C-2487DA9254EA} => C:\Users\icaro\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {92DA46CF-48C2-4644-83DC-8E5FA1A62985} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1098400 ] (A-Volute SAS -> Nahimic)
Task: {97E0C6A5-A736-4FE8-98F7-BA04FC6B6062} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\icaro\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-05-07] (ESET, spol. s r.o. -> ESET)
Task: {A0DDED2C-EEAA-47E6-950C-710F2CAD56F1} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\icaro\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-05-07] (ESET, spol. s r.o. -> ESET)
Task: {B278F510-2471-498B-A822-56E55BFB5E9B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-03-19] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {C42E4BD3-CA05-4965-83EC-AB9712EC813A} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [837280 ] (A-Volute SAS -> Nahimic)
Task: {C56DCF1B-1651-4FAE-AE94-FC2B00CC9B9F} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{9C3F9592-B218-427B-B7F7-9E501A4B77DC} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D83ACBF0-7A80-4477-B32F-7AB1B1E30B32} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2422557223-345917283-3410814111-1001Core{C3FF36DD-D925-4848-97F5-70922C91FDCB} => C:\Users\icaro\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1EA489B-6251-468C-90FD-32E51F26CDB5} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8ADF653-D6BF-41A3-A33C-9932AD001B62} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{95755AE1-A896-4C19-ACA0-16D5226ADB14} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {FF45E724-E554-454F-A9AB-9296417C70C4} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4196744 2023-05-08] (Microsoft Corporation -> Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{3f6a5e19-7335-4b89-b98a-471ff95c4848}: [DhcpNameServer] 1.1.1.1 1.0.0.1
Tcpip\..\Interfaces\{ad104561-4e02-473b-9d48-6043acfd549a}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-08]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=DCTE
Edge Extension: (Kaspersky Protection) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-04-24]
Edge Extension: (Kaspersky Password Manager) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eolheccophlcbnkkbelcgminoojochgj [2023-04-24]
Edge Extension: (Edge relevant text changes) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]
Edge Extension: (IDM Integration Module) - C:\Users\icaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2023-04-24]
Edge HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2023-04-05]
Edge HKU\S-1-5-21-2422557223-345917283-3410814111-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\icaro\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\icaro\AppData\Roaming\IDM\idmmzcc5 [2023-01-07] [] [não assinado]
FF HKU\S-1-5-21-2422557223-345917283-3410814111-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default [2023-05-08]
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR Extension: (Google Tradutor) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-04-24]
CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-04-26]
CHR Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2023-04-24]
CHR Extension: (Kaspersky Password Manager) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-04-24]
CHR Extension: (Cuponomia - Cupom e Cashback) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidejehfgombmkfflghejpncblgfkagj [2023-05-05]
CHR Extension: (VoiceNote II - Speech to text) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2023-04-24]
CHR Extension: (New Tab Redirect) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2023-04-24]
CHR Extension: (Vagalume) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipgcdnbeeiajinajlafjcdfhckglcopd [2023-04-24]
CHR Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2023-04-24]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-04-24]
CHR Extension: (Tradutor - traduzir e dicionário) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnlohknjofogcljbcknkakphddjpijak [2023-04-24]
CHR Extension: (IDM Integration Module) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-04-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\icaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-24]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2023-04-05]
CHR HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2422557223-345917283-3410814111-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2023-04-05]
CHR HKU\S-1-5-21-2422557223-345917283-3410814111-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2023-04-05]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-2422557223-345917283-3410814111-1001) Opera GXStable - "C:\Users\icaro\AppData\Local\Programs\Opera GX\Launcher.exe"

Brave:
=======
BRA Profile: C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-05-08]
BRA Extension: (Google Tradutor) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
BRA Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-04-30]
BRA Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2023-01-07]
BRA Extension: (Kaspersky Password Manager) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-04-22]
BRA Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-08]
BRA Extension: (IDM Integration Module) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2023-01-08]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-05-07]
BRA Extension: (Brave NTP background images) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-01-07]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-05-08]
BRA Extension: (Brave NTP sponsored images) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\bpndlkddhgpmjengabcakadpcabgflca [2023-05-08]
BRA Extension: (Wallet Data Files Updater) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-05-08]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-04-30]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2023-01-07]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-05-08]
BRA Extension: (Brave Ad Block Updater (Adguard Spanish/Portuguese (plaintext))) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\meimhmgfbckapkbbbdaoefgnbppmkodp [2023-05-05]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\icaro\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-05-05]

==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-03-13] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174976 2023-01-07] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\113.1.51.110\brave_vpn_helper.exe [3029808 2023-05-03] (Brave Software, Inc. -> Brave Software, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2023-01-07] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.086.0423.0001\FileSyncHelper.exe [3445624 2023-05-08] (Microsoft Corporation -> Microsoft Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [11763072 2023-03-03] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-24] (Malwarebytes Inc. -> Malwarebytes)
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372512 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
S3 NahimicService; C:\Windows\system32\NahimicService.exe [1926840 2022-07-15] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.086.0423.0001\OneDriveUpdaterService.exe [3781496 2023-05-08] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [307224 2023-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613152 2018-09-07] (Microsoft Corporation -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [11060856 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_f1f00df48246f9a3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_f1f00df48246f9a3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aftap0901; C:\Windows\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [322304 2023-03-19] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\Windows\System32\drivers\fse.sys [218464 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [171512 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [41536 2022-08-17] (Microsoft Windows Hardware Compatibility Publisher -> IObit Information Technology)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2023-04-07] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt11.sys [232072 2023-05-08] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77736 2023-05-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-05-08] (Malwarebytes Inc. -> Malwarebytes)
R0 MsSecCore; C:\Windows\System32\drivers\msseccore.sys [71024 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 MsSecWfp; C:\Windows\System32\drivers\mssecwfp.sys [62800 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
R1 NemuDrv; C:\Program Files\NemuVbox\LoadedDrivers\NemuDrv.sys [299240 2022-01-12] (NetEase(Hangzhou) Network Co. Ltd. -> NetEase Corporation)
S4 RsFx0321; C:\Windows\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22292248 2023-03-10] (Riot Games, Inc. -> Riot Games, Inc.)
R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2023-03-15] (Microsoft Windows -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2023-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [498944 2023-05-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-05-08 18:14 - 2023-05-08 18:14 - 000232072 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt11.sys
2023-05-08 18:14 - 2023-05-08 18:14 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-05-08 18:12 - 2023-05-08 18:12 - 000844066 _____ C:\Windows\system32\prfh0416.dat
2023-05-08 18:12 - 2023-05-08 18:12 - 000186976 _____ C:\Windows\system32\prfc0416.dat
2023-05-08 17:32 - 2023-05-08 17:32 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-05-08 17:32 - 2023-05-08 17:32 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-07 17:57 - 2023-05-07 17:57 - 000003854 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2023-05-07 17:57 - 2023-05-07 17:57 - 000003412 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2023-05-07 17:21 - 2023-05-07 17:21 - 000002826 _____ C:\Users\icaro\OneDrive\Documentos\Eset.txt
2023-05-07 09:36 - 2023-05-07 09:36 - 000001394 _____ C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-05-07 09:36 - 2023-05-07 09:36 - 000000000 ____D C:\Users\icaro\AppData\Local\ESET
2023-05-05 17:30 - 2023-05-05 17:30 - 000000024 _____ C:\Windows\PSENDGU.TMP
2023-05-04 23:57 - 2023-05-04 23:57 - 000286634 _____ C:\Users\icaro\OneDrive\Documentos\Imposto de renda 2023.pdf
2023-05-04 23:49 - 2023-05-04 23:49 - 000018322 _____ C:\Users\icaro\OneDrive\Documentos\09872649669-IRPF-A-2022-2021-ORIGI.DEC
2023-05-04 23:40 - 2023-05-04 23:40 - 000018322 _____ C:\Users\icaro\OneDrive\Documentos\09872649669-IRPF-A-2022-2021-ORIGI.BAK
2023-05-04 23:40 - 2023-05-04 23:40 - 000017738 _____ C:\Users\icaro\OneDrive\Documentos\09872649669-IRPF-A-2022-2021-ORIGI.DBK
2023-05-04 23:35 - 2023-05-04 23:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2023
2023-05-04 23:30 - 2023-05-04 23:58 - 000000000 ____D C:\Users\icaro\.receitanet
2023-05-04 23:18 - 2023-05-04 23:36 - 000000000 ____D C:\Users\icaro\.irpf
2023-05-04 23:18 - 2023-05-04 23:18 - 000000000 ____D C:\Users\icaro\.rfb
2023-05-04 18:29 - 2023-05-04 18:29 - 000641138 _____ C:\Users\icaro\Downloads\Novo-Documento_1.jpeg
2023-05-04 18:29 - 2023-05-04 18:29 - 000515898 _____ C:\Users\icaro\Downloads\Novo-Documento_2.jpeg
2023-05-04 17:52 - 2023-05-04 17:52 - 001157121 _____ C:\Users\icaro\Downloads\(Sem assunto) (1).zip
2023-05-04 17:52 - 2023-05-04 17:52 - 000000000 ____D C:\Users\icaro\Downloads\(Sem assunto) (1)
2023-05-04 17:50 - 2023-05-04 17:50 - 005427670 _____ C:\Users\icaro\Downloads\iloveimg-compressed.zip
2023-05-04 17:50 - 2023-05-04 17:50 - 000000000 ____D C:\Users\icaro\Downloads\iloveimg-compressed
2023-05-04 17:47 - 2023-05-04 17:47 - 016291487 _____ C:\Users\icaro\Downloads\(Sem assunto).zip
2023-05-04 17:47 - 2023-05-04 17:47 - 000000000 ____D C:\Users\icaro\Downloads\(Sem assunto)
2023-04-28 22:00 - 2023-04-28 22:00 - 000084790 _____ C:\Users\icaro\Downloads\relatório-statement-report-27-04-2023-20-34-54.pdf
2023-04-27 18:23 - 2023-05-04 18:42 - 000000000 ____D C:\KVRT2020_Data
2023-04-27 18:11 - 2023-05-08 18:19 - 000000000 ____D C:\FRST
2023-04-27 18:07 - 2023-04-27 18:09 - 000000000 ____D C:\AdwCleaner
2023-04-25 10:34 - 2023-04-25 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker
2023-04-25 10:18 - 2023-04-25 10:18 - 000004212 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1673134739
2023-04-25 10:18 - 2023-04-25 10:18 - 000001434 _____ C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2023-04-25 00:21 - 2023-04-25 00:21 - 000034160 _____ C:\Users\icaro\Downloads\relatório-de-consultas-serasa-13-07-2022-16-49-18.pdf
2023-04-24 23:47 - 2023-04-24 23:47 - 000020875 _____ C:\Users\icaro\Downloads\Códigos de recuperação de verificação
em 2 passos.eml 2023-04-24 22:43 - 2023-04-24 22:43 - 000000000 ____D C:\Users\icaro\AppData\Local\mbam 2023-04-24 22:42 - 2023-05-08 18:14 - 000000000 ____D C:\Users\icaro\AppData\Local\Malwarebytes 2023-04-24 22:42 - 2023-04-24 22:42 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-04-24 22:41 - 2023-04-24 22:41 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-04-24 22:41 - 2023-04-24 22:41 - 000000000 ____D C:\Program Files\Malwarebytes 2023-04-24 16:05 - 2023-04-24 16:04 - 000180224 _____ C:\ProgramData\43123456438454689647428289 2023-04-24 16:04 - 2023-04-24 16:04 - 000180224 _____ C:\ProgramData\19120917905962578647326547 2023-04-11 21:38 - 2023-04-11 21:38 - 000000000 ____D C:\Windows\system32\Drivers\mde 2023-04-09 18:53 - 2023-05-07 20:02 - 000000000 ____D C:\ProgramData\BlueStacks_nxt 2023-04-09 18:53 - 2023-04-09 18:53 - 000000000 ____D C:\Program Files\BlueStacks_nxt 2023-04-09 18:52 - 2023-04-09 18:52 - 025202679 _____ C:\Users\icaro\Downloads\TVE Mobile_3.1.0_20221115_mobile.apk ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2023-05-08 18:16 - 2023-02-26 14:17 - 000000001 _____ C:\Windows\vgkbootstatus.dat 2023-05-08 18:16 - 2023-01-07 20:55 - 000000000 ____D C:\Program Files (x86)\Google 2023-05-08 18:14 - 2023-01-07 20:32 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-05-08 18:14 - 2023-01-07 20:29 - 000000000 ____D C:\ProgramData\NVIDIA 2023-05-08 18:14 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\SystemTemp 2023-05-08 18:14 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\ServiceState 2023-05-08 18:14 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\AppReadiness 2023-05-08 18:14 - 2023-01-07 20:22 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-05-08 18:14 - 2022-09-21 14:03 - 000000000 ___RD C:\Users\icaro\OneDrive 2023-05-08 18:13 - 2023-01-07 21:17 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager 2023-05-08 18:13 - 2023-01-07 20:19 - 000786432 _____ C:\Windows\system32\config\BBI 2023-05-08 18:12 - 2023-01-07 20:34 - 000000000 ____D C:\Users\icaro\AppData\Local\Packages 2023-05-08 18:09 - 2023-01-07 20:19 - 000000000 ____D C:\Windows\CbsTemp 2023-05-08 17:52 - 2023-01-07 20:40 - 000000000 ____D C:\Users\icaro\AppData\Local\D3DSCache 2023-05-08 17:49 - 2023-01-07 21:17 - 000000000 ____D C:\Users\icaro\AppData\Roaming\DMCache 2023-05-08 17:49 - 2023-01-07 20:55 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-05-08 17:47 - 2023-01-07 21:17 - 000000000 ____D C:\Users\icaro\AppData\Roaming\IDM 2023-05-08 17:32 - 2023-02-27 13:52 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2023-05-08 17:32 - 2023-02-22 14:25 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1002 2023-05-08 17:32 - 2023-01-07 20:36 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2422557223-345917283-3410814111-1001 2023-05-08 17:32 - 2023-01-07 20:22 - 000000000 ___HD C:\Program Files\WindowsApps 2023-05-08 17:31 - 2023-01-07 20:29 - 
000000000 ____D C:\Windows\system32\SleepStudy 2023-05-08 17:31 - 2022-09-21 13:58 - 000000000 ___SD C:\Users\icaro\AppData\Roaming\Microsoft\Credentials 2023-05-07 20:07 - 2023-03-14 16:06 - 000000000 ____D C:\Users\icaro\AppData\Local\BlueStacks X 2023-05-07 20:02 - 2023-03-14 15:50 - 000000000 ____D C:\ProgramData\boost_interprocess 2023-05-07 10:02 - 2023-04-07 13:28 - 000000000 ____D C:\Users\icaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer9 2023-05-07 09:23 - 2023-01-07 21:07 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-05 17:44 - 2023-01-07 20:36 - 001967296 _____ C:\Windows\system32\PerfStringBackup.INI 2023-05-05 17:44 - 2023-01-07 20:21 - 000000000 ____D C:\Windows\INF 2023-05-05 17:36 - 2023-01-13 19:10 - 000000000 ____D C:\Users\icaro\AppData\LocalLow\Temp 2023-05-05 17:30 - 2023-01-14 10:46 - 000001535 _____ C:\Windows\system32\config\VSMIDK 2023-05-05 00:00 - 2023-01-07 20:32 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-05-04 23:35 - 2022-09-21 14:26 - 000000000 ____D C:\Arquivos de Programas RFB 2023-05-04 23:30 - 2023-01-07 20:31 - 000000000 ____D C:\Users\icaro 2023-05-04 18:48 - 2023-01-07 20:19 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-05-04 17:39 - 2023-01-07 21:19 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2023-05-04 17:39 - 2023-01-07 20:37 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2023-05-04 17:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\SecurityHealth 2023-04-27 22:40 - 2023-01-27 19:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-04-27 18:10 - 2023-01-07 20:52 - 000000000 ____D C:\Program Files (x86)\IObit 2023-04-26 18:35 - 2023-01-19 20:04 - 000003446 _____ C:\Windows\SysWOW64\pubfreeware.ini 2023-04-25 10:38 - 2022-09-21 13:53 - 000012288 ___SH C:\DumpStack.log.tmp 2023-04-25 10:34 - 2023-01-07 20:52 - 000000000 ____D 
C:\ProgramData\IObit 2023-04-25 10:15 - 2023-01-10 17:44 - 000000000 ____D C:\Windows\system32\MRT 2023-04-24 22:42 - 2023-01-07 20:22 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-04-24 16:20 - 2022-09-21 16:49 - 000000000 ____D C:\Users\glest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2023-04-24 16:05 - 2023-01-21 11:17 - 000000000 ____D C:\Users\icaro\AppData\Local\CrashDumps 2023-04-24 15:54 - 2023-01-07 21:11 - 000000000 ____D C:\ProgramData\ProductData 2023-04-21 20:43 - 2023-01-07 20:55 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{B8C7E393-6515-41DF-B597-6B5433C7B0F4} 2023-04-21 20:43 - 2023-01-07 20:55 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{BBAE6754-E8AA-4BD4-BE11-4D519457843F} 2023-04-20 19:38 - 2023-02-14 18:20 - 000000000 ____D C:\Windows\system32\Drivers\Kaspersky4Win-21-9 2023-04-19 20:56 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2023-04-19 20:56 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\GroupPolicy 2023-04-19 19:47 - 2023-01-09 22:58 - 000000000 ____D C:\Program Files\Common Files\AV 2023-04-19 19:47 - 2023-01-07 20:34 - 000000000 ____D C:\ProgramData\Packages 2023-04-14 18:14 - 2023-02-16 21:54 - 000000000 ____D C:\Users\icaro\Downloads\Telegram Desktop 2023-04-12 01:24 - 2023-01-10 17:44 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2023-04-11 21:39 - 2023-01-07 20:29 - 000294232 _____ C:\Windows\system32\FNTCACHE.DAT 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\UUS 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\SystemResources 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\oobe 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\system32\appraiser 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\ShellExperiences 2023-04-11 
21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\ShellComponents 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\Provisioning 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Windows\bcastdvr 2023-04-11 21:38 - 2023-01-07 20:22 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2023-04-11 21:28 - 2023-01-07 20:31 - 003211776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2023-04-10 19:39 - 2022-09-21 14:46 - 000000000 ___SD C:\Users\glest\AppData\Roaming\Microsoft\Credentials 2023-04-10 17:52 - 2023-02-22 14:28 - 000000000 ____D C:\Users\glest\AppData\Local\D3DSCache 2023-04-10 17:38 - 2022-09-21 14:49 - 000000000 ___RD C:\Users\glest\OneDrive 2023-04-10 17:37 - 2022-09-21 14:46 - 000000000 ___SD C:\Users\glest\AppData\Roaming\Microsoft\Protect 2023-04-09 18:54 - 2023-03-14 16:05 - 000003934 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt 2023-04-09 18:53 - 2023-03-14 15:48 - 000000000 ____D C:\Users\Public\BlueStacks 2023-04-09 18:53 - 2023-03-14 15:48 - 000000000 ____D C:\Users\icaro\AppData\Local\Bluestacks ==================== Arquivos na raiz de alguns diretórios ======== 2023-03-14 12:57 - 2023-03-14 12:57 - 000000068 _____ () C:\Users\icaro\AppData\Roaming\changzhi_leidian.data 2023-01-17 14:55 - 2023-01-24 20:13 - 000000000 _____ () C:\Users\icaro\AppData\Local\Temptable.xml ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================