aplicativo do banco informando possibilidade de existencia de virus

alexmascaro · 3 de agosto de 2023

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 01-08-2023
Executado por Alex Mascaro (administrador) em ALEXMASCARO (INTEL H81) (03-08-2023 15:01:27)
Executando a partir de C:\Users\Alex Mascaro\Downloads\FRST64.exe
Perfis Carregados: Alex Mascaro
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3208 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\Alex Mascaro\Desktop\adwcleaner.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_361\bin\javaw.exe
(services.exe ->) (Firebird Project) [Arquivo não assinado] C:\Imobzi Free\Firebird\Bin\fbguard.exe
(services.exe ->) (Firebird Project) [Arquivo não assinado] C:\Imobzi Free\Firebird\Bin\fbserver.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [CertificateRegistration] => C:\WINDOWS\system32\aetcrss1.exe [25088 2017-05-09] (A.E.T. Europe B.V.) [Arquivo não assinado]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2022-02-07] (Brother Industries, Ltd.) [Arquivo não assinado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [CiscoSpark] => C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1530 2022-10-10] () [Arquivo não assinado]
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Alex Mascaro\AppData\Local\WebEx\WebexHost.exe [8040032 2023-03-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-05-25] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [MicrosoftEdgeAutoLaunch_5062C5B0C03645C2AC376D3E80C6881B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.110\Installer\chrmstp.exe [2023-07-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2022-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shodo.lnk [2021-10-01]
ShortcutTarget: Shodo.lnk -> C:\Program Files (x86)\Shodo\shodo.exe (TRIBUNAL REGIONAL DO TRABALHO DA 12A REGIAO -> )
Startup: C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sysupdate.setup42b566140327.lnk [2023-07-14]
ShortcutAndArgument: sysupdate.setup42b566140327.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe => -windowstyle hidden -Command C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.exe C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.log <==== ATENÇÃO
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-09-21]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {C22A68E5-D59E-4326-8263-7641A7B1F076} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {B451C2FB-EB01-4635-8668-4BF5006DFCEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {F2ECE5B0-C5C6-4831-81B1-81A075987155} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {398B44AA-3C2F-460C-89DE-20BEBE719F63} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA61E86C-8CD1-4FBE-B7D9-28C03F5AC037} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656184 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEA0B17E-8835-47BB-9C33-27B0D144C537} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4318AEFE-63BA-4DB5-8F7D-06BE1B79F9C5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158656 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B42627F5-4462-47BE-AD3E-FE8B935BCE3C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {541FB926-681C-4469-82D5-FA332999F178} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78BD61F3-FCCB-4E68-B2A4-8C18CC9A02A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60267819-5C83-4A0A-BD16-11904B0CC907} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {731E95C5-3A08-4CE0-A839-FB5B9D0E3D48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8037A52-0E5B-46B2-AADF-A45603531510} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-03] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {42283D27-09CF-43A5-9459-829919D6BC58} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-08-03] (Mozilla Corporation -> Mozilla Foundation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: 127.0.0.1 assinador-desktop.serpro.gov.br
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{49a4576d-773e-4c7a-ae75-9b7b47a96e2f}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alex Mascaro\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-03]
Edge Notifications: Default -> hxxps://www.oabsp.org.br
Edge Extension: (Edge relevant text changes) - C:\Users\Alex Mascaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-01]

FireFox:
========
FF DefaultProfile: njurssf0.default
FF ProfilePath: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\njurssf0.default [2022-08-30]
FF ProfilePath: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release [2023-08-03]
FF Homepage: Mozilla\Firefox\Profiles\8y16zz78.default-release -> www.aasp.org.br
FF Notifications: Mozilla\Firefox\Profiles\8y16zz78.default-release -> hxxps://tinder.com; hxxps://www.meutimao.com.br; hxxps://www.stonecarver.top; hxxps://web.whatsapp.com; hxxps://br.pinterest.com
FF Extension: (web.skype.com for Firefox) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\[email protected] [2021-10-11]
FF Extension: (Web PKI) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\[email protected] [2022-06-24] [UpdateUrl:hxxps://get.webpkiplugin.com/firefox-extensions]
FF Extension: (Web PKI) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\[email protected] [2021-12-10] [UpdateUrl:hxxps://get.webpkiplugin.com/firefox-extensions]
FF Extension: (Web Signer) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\[email protected] [2021-11-01] [UpdateUrl:hxxps://websigner.softplan.com.br/firefox-extensions]
FF Extension: (Web Signer) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\websigner@softplan_com_br.xpi [2023-03-02] [UpdateUrl:hxxps://websigner.softplan.com.br/firefox-extensions]
FF Extension: (Skype Web FF) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\{86052ad9-91cd-48ee-9b70-e5c497b370f3}.xpi [2022-01-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2023-08-03]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default [2023-08-01]
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Extension: (Certisign WebSigner Extension) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfifjfajpekbmhmjppnmmjgmhjkildl [2022-09-08]
CHR Extension: (Web Signer) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbafmabaelnnkondpfpjmdklbmfnbmol [2022-06-24]
CHR Extension: (Web PKI) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcngeagmmhegagicpcmpinaoklddcgon [2023-04-05]
CHR Extension: (Documentos Google off-line) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
CHR Extension: (Fiorilli Web Extension) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcbeidgfmkgomnehecnfelbcppoifoee [2022-04-26]
CHR Extension: (SerasaAssina – Portal Assinatura Digital) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepmidcidkjdmdppchlhaajdhbkhfgjl [2022-08-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-01]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-09-21] (philandro Software GmbH -> AnyDesk Software GmbH)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2021-12-06] (Brother Industries, Ltd.) [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11867104 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Imobzi Free\Firebird\bin\fbguard.exe [98304 2015-07-27] (Firebird Project) [Arquivo não assinado]
R3 FirebirdServerDefaultInstance; C:\Imobzi Free\Firebird\bin\fbserver.exe [3735552 2015-07-27] (Firebird Project) [Arquivo não assinado]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10195200 2023-05-25] (Logitech Inc -> Logitech, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15549240 2023-03-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1012024 2023-01-13] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [Arquivo não assinado]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-03-15] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-03-15] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-03-15] (Logitech Inc -> Logitech)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-02] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [37840 2023-08-03] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [34768 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [38816 2023-02-27] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-08-03 15:01 - 2023-08-03 15:02 - 000018825 _____ C:\Users\Alex Mascaro\Downloads\FRST.txt
2023-08-03 14:58 - 2023-08-03 15:01 - 000000000 ____D C:\FRST
2023-08-03 14:58 - 2023-08-03 14:58 - 000001542 _____ C:\Users\Alex Mascaro\Downloads\AdwCleaner[S01].txt
2023-08-03 14:55 - 2023-08-03 14:56 - 000000000 ____D C:\AdwCleaner
2023-08-03 14:53 - 2023-08-03 14:53 - 002700800 _____ (Farbar) C:\Users\Alex Mascaro\Downloads\FRST64.exe
2023-08-03 14:49 - 2023-08-03 14:49 - 008791352 _____ (Malwarebytes) C:\Users\Alex Mascaro\Desktop\adwcleaner.exe
2023-08-03 14:33 - 2023-08-03 14:33 - 000002244 _____ C:\Users\Alex Mascaro\Downloads\doc(73).pdf
2023-08-03 14:31 - 2023-08-03 14:31 - 000002723 _____ C:\Users\Alex Mascaro\Downloads\doc(72).pdf
2023-08-03 11:31 - 2023-08-03 11:31 - 001935468 _____ ( ) C:\Users\Alex Mascaro\Downloads\mvregclean_2022_(8.2)_br.exe
2023-08-03 11:31 - 2023-08-03 11:31 - 000001432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\MV RegClean 2022 (8.2).lnk
2023-08-03 11:31 - 2023-08-03 11:31 - 000001426 _____ C:\Users\Public\Desktop\MV RegClean 2022 (8.2).lnk
2023-08-03 11:31 - 2023-08-03 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
2023-08-03 11:31 - 2023-08-03 11:31 - 000000000 ____D C:\Program Files (x86)\Marcos Velasco Security
2023-08-03 11:16 - 2023-08-03 11:16 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\mbam
2023-08-03 11:13 - 2023-08-03 11:13 - 002606880 _____ (Malwarebytes) C:\Users\Alex Mascaro\Downloads\MBSetup.exe
2023-08-03 09:14 - 2023-08-03 09:14 - 040890071 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011359-54.2021.5.15.0070-1.pdf
2023-08-03 07:05 - 2023-08-03 07:05 - 000072937 ____R C:\Users\Alex Mascaro\Downloads\MANIFESTACAO PAULO CIARLO 5014304-88.2023.4.03.0000.pdf
2023-08-01 17:23 - 2023-08-01 17:23 - 000030526 _____ C:\Users\Alex Mascaro\Downloads\Declaração de ITCMD.pdf
2023-08-01 17:05 - 2023-08-01 17:05 - 003263363 _____ C:\Users\Alex Mascaro\Downloads\Resolução SMF nº7.pdf
2023-08-01 17:00 - 2023-08-01 17:00 - 000398566 _____ C:\Users\Alex Mascaro\Downloads\laudo augusto (2).pdf
2023-08-01 17:00 - 2023-08-01 17:00 - 000398566 _____ C:\Users\Alex Mascaro\Downloads\laudo augusto (1).pdf
2023-08-01 16:59 - 2023-08-01 16:59 - 000398566 _____ C:\Users\Alex Mascaro\Downloads\laudo augusto.pdf
2023-08-01 09:55 - 2023-08-01 09:55 - 029190711 ____R C:\Users\Alex Mascaro\Downloads\1008639-16.2022.8.26.0132.pdf
2023-08-01 09:43 - 2023-08-01 09:43 - 000166008 _____ C:\Users\Alex Mascaro\Downloads\GuiaPagamento_22058181808_010820230943356229.PDF
2023-08-01 09:43 - 2023-08-01 09:43 - 000076120 _____ C:\Users\Alex Mascaro\Downloads\eSocial_Demonstrativo_Recibo_Julho_2023.pdf
2023-08-01 09:33 - 2023-08-01 09:33 - 000005143 _____ C:\Users\Alex Mascaro\Downloads\assinadordigital-1690893204994.jnlp
2023-08-01 09:17 - 2023-08-01 09:17 - 000084578 ____R C:\Users\Alex Mascaro\Downloads\Documento_493303e-1.pdf
2023-08-01 09:17 - 2023-08-01 09:17 - 000084578 _____ C:\Users\Alex Mascaro\Downloads\Documento_493303e.pdf
2023-07-31 16:24 - 2023-07-31 16:24 - 000044775 ____R C:\Users\Alex Mascaro\Downloads\nures9_goncalves.pdf
2023-07-31 16:06 - 2023-07-31 16:06 - 000043849 _____ C:\Users\Alex Mascaro\Downloads\23238477.pdf
2023-07-31 11:28 - 2023-07-31 11:29 - 000165887 ____R C:\Users\Alex Mascaro\Downloads\RE1276977Suspensaonacional.pdf
2023-07-31 11:27 - 2023-07-31 11:28 - 000151145 ____R C:\Users\Alex Mascaro\Downloads\Proposta para Associação a Green Eletron (2023) - 31.07.23.pdf
2023-07-31 10:43 - 2023-07-31 10:43 - 000997877 ____R C:\Users\Alex Mascaro\Downloads\c958d14d-1237-426a-9796-5a35b4ca68f7.pdf
2023-07-31 10:24 - 2023-07-31 10:24 - 000016774 _____ C:\Users\Alex Mascaro\Documents\Transgemeos - sicredi-1684509686577.pdf
2023-07-31 10:13 - 2023-07-31 10:13 - 000031413 ____R C:\Users\Alex Mascaro\Downloads\Boleto_2023_07_31_10_13_12.pdf
2023-07-31 07:27 - 2023-07-31 07:28 - 022189884 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010391-19.2022.5.15.0028.pdf
2023-07-28 15:51 - 2023-07-28 15:51 - 000005252 ____R C:\Users\Alex Mascaro\Downloads\23234210.pdf
2023-07-28 14:55 - 2023-07-28 14:55 - 000084221 ____R C:\Users\Alex Mascaro\Downloads\stj_dje_20230427_0_36385390.pdf
2023-07-28 13:49 - 2023-07-28 13:49 - 004210968 ____R C:\Users\Alex Mascaro\Downloads\1001270-90.2023.8.26.0566-2.pdf
2023-07-28 11:43 - 2023-07-28 11:43 - 000074017 _____ C:\Users\Alex Mascaro\Downloads\0007363-28.2019.8.26.0566.pdf
2023-07-28 11:29 - 2023-07-28 11:29 - 000631919 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-133.pdf
2023-07-28 11:27 - 2023-07-28 11:27 - 000688631 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-132.pdf
2023-07-28 11:25 - 2023-07-28 11:25 - 000989631 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-131.pdf
2023-07-28 07:46 - 2023-07-28 07:46 - 004599866 ____R C:\Users\Alex Mascaro\Downloads\ATOrd_0010110-44.2023.5.15.0120_1grau.pdf
2023-07-28 07:07 - 2023-07-28 07:07 - 002786227 ____R C:\Users\Alex Mascaro\Downloads\ATOrd_0010191-90.2023.5.15.0120_1grau.pdf
2023-07-28 06:38 - 2023-07-28 06:38 - 000014538 ____R C:\Users\Alex Mascaro\Downloads\FRANCA SUPERIOR.pdf
2023-07-26 17:02 - 2023-07-26 17:02 - 000187275 _____ C:\Users\Alex Mascaro\Downloads\BELTRAN DECLARA QUE DR VITOR TRATA NOS MAL (1).ogv
2023-07-25 17:55 - 2023-07-25 17:55 - 002948886 _____ C:\Users\Alex Mascaro\Downloads\CONTRATO SOCIAL N° 03.pdf
2023-07-25 17:55 - 2023-07-25 17:55 - 002661895 _____ C:\Users\Alex Mascaro\Downloads\CONTRATO SOCIAL Nº6.pdf
2023-07-25 17:29 - 2023-07-25 17:30 - 000603448 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-130.pdf
2023-07-25 17:27 - 2023-07-25 17:27 - 000605049 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-129.pdf
2023-07-25 16:45 - 2023-07-25 16:45 - 001617045 ____R C:\Users\Alex Mascaro\Downloads\TRANSPARÊNCIA - SERVIDORES - 05_2023.pdf
2023-07-25 16:43 - 2023-07-25 16:43 - 000964510 ____R C:\Users\Alex Mascaro\Downloads\TRANSPARÊNCIA - SERVIDORES - 06_2023.pdf
2023-07-25 16:32 - 2023-07-25 16:32 - 000002580 ____R C:\Users\Alex Mascaro\Downloads\doc-39.pdf
2023-07-25 16:18 - 2023-07-25 16:18 - 000519764 ____R C:\Users\Alex Mascaro\Downloads\republicacao-resolucao-cnrm-n17-21-dezembro-2022.pdf
2023-07-25 16:16 - 2023-07-25 16:16 - 000351379 _____ C:\Users\Alex Mascaro\Downloads\EMPRESA SIMPLES DE CRÉDITO TIRA DUVIDAS.pdf
2023-07-25 16:14 - 2023-07-25 16:14 - 000442765 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-8.pdf
2023-07-25 16:14 - 2023-07-25 16:14 - 000440676 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-7.pdf
2023-07-25 16:14 - 2023-07-25 16:14 - 000440401 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-6.pdf
2023-07-25 16:10 - 2023-07-25 16:10 - 000207253 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-5.pdf
2023-07-25 16:09 - 2023-07-25 16:09 - 000146318 ____R C:\Users\Alex Mascaro\Downloads\RESOLUOCNRMN17DE21DEDEZEMBRODE2022_RESOLUOCNRMN17DE21DEDEZEMBRODE2022_DOUImprensaNacional.pdf
2023-07-25 16:07 - 2023-07-25 16:07 - 000338986 ____R C:\Users\Alex Mascaro\Downloads\Resolucao-CNRM-017-2022-12-21-1.pdf
2023-07-25 16:06 - 2023-07-25 16:08 - 000721224 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-4.pdf
2023-07-25 16:06 - 2023-07-25 16:06 - 000721224 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-3.pdf
2023-07-25 16:03 - 2023-07-25 16:03 - 002771494 ____R C:\Users\Alex Mascaro\Downloads\2022_12_26_ASSINADO_do2.pdf
2023-07-25 16:02 - 2023-07-25 16:02 - 000721224 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-1.pdf
2023-07-25 16:01 - 2023-07-25 16:01 - 000882303 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer.pdf
2023-07-25 16:00 - 2023-07-25 16:02 - 000202152 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-2.pdf
2023-07-25 15:43 - 2023-07-25 15:44 - 001592363 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-128.pdf
2023-07-25 15:04 - 2023-07-25 15:04 - 000007289 _____ C:\Users\Alex Mascaro\Downloads\23220141.pdf
2023-07-25 14:44 - 2023-07-25 14:44 - 000502458 _____ C:\Users\Alex Mascaro\Downloads\Matricula - Rodrigo.pdf
2023-07-25 14:44 - 2023-07-25 14:44 - 000502458 _____ C:\Users\Alex Mascaro\Downloads\e98981b0b87d4d71a5497b63b3fd9385.pdf
2023-07-25 09:51 - 2023-07-25 09:51 - 000017657 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_465_25_07_2023.pdf
2023-07-25 09:44 - 2023-07-25 09:44 - 000017568 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_464_25_07_2023.pdf
2023-07-25 09:43 - 2023-07-25 09:43 - 000017553 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_463_25_07_2023.pdf
2023-07-25 09:42 - 2023-07-25 09:42 - 000017554 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_462_25_07_2023.pdf
2023-07-25 09:31 - 2023-07-25 09:31 - 073829738 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011465-50.2020.5.15.0070-1.pdf
2023-07-24 15:48 - 2023-07-24 15:48 - 007239642 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011317-68.2022.5.15.0070-2.pdf
2023-07-24 15:46 - 2023-07-24 15:46 - 000070358 _____ C:\Users\Alex Mascaro\Downloads\23215279.pdf
2023-07-24 15:28 - 2023-07-24 15:28 - 040108181 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011359-54.2021.5.15.0070.pdf
2023-07-24 11:43 - 2023-07-24 15:22 - 000023415 ____R C:\Users\Alex Mascaro\Downloads\MON-1.pdf
2023-07-24 09:14 - 2023-07-24 09:14 - 002955744 ____R C:\Users\Alex Mascaro\Downloads\TCOT-041_2019_PT.pdf
2023-07-24 09:02 - 2023-07-24 09:02 - 000791592 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-127.pdf
2023-07-24 08:52 - 2023-07-24 08:52 - 000791593 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-126.pdf
2023-07-21 12:04 - 2023-07-21 12:04 - 003474024 _____ C:\Users\Alex Mascaro\Downloads\2194284-08.2022.8.26.0000(2).pdf
2023-07-21 11:42 - 2023-07-21 11:42 - 000856114 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-125.pdf
2023-07-21 11:41 - 2023-07-21 11:41 - 000920077 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-124.pdf
2023-07-21 11:41 - 2023-07-21 11:41 - 000591186 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-123.pdf
2023-07-21 11:26 - 2023-07-21 11:26 - 032048535 _____ C:\Users\Alex Mascaro\Downloads\1001404-32.2021.8.26.0132(4).pdf
2023-07-21 10:24 - 2023-07-21 10:24 - 000155776 ____R C:\Users\Alex Mascaro\Downloads\RES-330-CODIGO-DE-ETICA-CFBM.pdf
2023-07-21 10:23 - 2023-07-21 10:23 - 000893284 ____R C:\Users\Alex Mascaro\Downloads\CÓDIGO-DO-PROCESSO-ÉTICO-res-259_2015.pdf
2023-07-20 16:03 - 2023-07-20 16:03 - 000046307 ____R C:\Users\Alex Mascaro\Downloads\DECLARAÇÃO-DE-RENDA-–-AUTÔNOMO-PROFISSIONAL-LIBERAL.pdf
2023-07-20 16:03 - 2023-07-20 16:03 - 000005458 ____R C:\Users\Alex Mascaro\Downloads\3858_ce_315724_1.pdf
2023-07-20 15:38 - 2023-07-20 15:38 - 000568265 ____R C:\Users\Alex Mascaro\Downloads\5014304-88.2023.4.03.0000-1.pdf
2023-07-20 15:24 - 2023-07-20 15:24 - 000070420 ____R C:\Users\Alex Mascaro\Downloads\ciência .docx (2).pdf
2023-07-20 11:29 - 2023-07-20 11:29 - 000073732 ____R C:\Users\Alex Mascaro\Downloads\RENAJUD CANCELADO - VEÍCULA PLACA BQU7D79.pdf
2023-07-20 11:23 - 2023-07-20 11:23 - 006006656 ____R C:\Users\Alex Mascaro\Downloads\5000138-45.2018.4.03.6105.pdf
2023-07-20 11:22 - 2023-07-20 11:22 - 000009827 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-43.pdf
2023-07-20 11:22 - 2023-07-20 11:22 - 000005764 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-44.pdf
2023-07-20 11:21 - 2023-07-20 11:21 - 006490622 ____R C:\Users\Alex Mascaro\Downloads\06-3-23-Peticao-e documentos-Manasse-INSS.pdf
2023-07-20 06:30 - 2023-07-20 06:30 - 000035582 _____ C:\Users\Alex Mascaro\Documents\diagnosticoapp_20230720_063023.zip
2023-07-20 01:25 - 2023-07-20 01:25 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Sun
2023-07-20 01:25 - 2023-07-20 01:25 - 000000000 ____D C:\Users\Alex Mascaro\AppData\LocalLow\Sun
2023-07-19 16:58 - 2023-07-19 16:58 - 000001426 _____ C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-07-19 16:58 - 2023-07-19 16:58 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\ESET
2023-07-19 16:57 - 2023-07-19 16:57 - 015274968 _____ (ESET) C:\Users\Alex Mascaro\Downloads\esetonlinescanner.exe
2023-07-19 11:24 - 2023-07-19 11:24 - 030973809 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011353-47.2021.5.15.0070-1.pdf
2023-07-19 11:17 - 2023-07-19 11:17 - 000124129 ____R C:\Users\Alex Mascaro\Downloads\Documento_b41b95b.pdf
2023-07-19 11:16 - 2023-07-19 11:16 - 002526255 ____R C:\Users\Alex Mascaro\Downloads\Documento_1f80145.pdf
2023-07-19 09:57 - 2023-07-19 09:57 - 000972448 ____R C:\Users\Alex Mascaro\Downloads\5007757-32.2023.4.03.0000-1.pdf
2023-07-19 09:56 - 2023-07-19 09:57 - 000093107 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-42.pdf
2023-07-19 09:16 - 2023-07-19 09:16 - 001475288 ____R C:\Users\Alex Mascaro\Downloads\5025375-24.2022.4.03.0000.pdf
2023-07-19 09:16 - 2023-07-19 09:16 - 000078657 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-41.pdf
2023-07-19 08:38 - 2023-07-19 08:38 - 041865965 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010467-97.2018.5.15.0120-1.pdf
2023-07-18 14:33 - 2023-07-18 14:34 - 000010780 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-40.pdf
2023-07-18 14:32 - 2023-07-18 14:33 - 000009827 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-39.pdf
2023-07-18 14:32 - 2023-07-18 14:32 - 000067444 ____R C:\Users\Alex Mascaro\Downloads\Petição 5000138-45.2018.4.03.6105.pdf
2023-07-18 13:47 - 2023-07-18 13:47 - 041865965 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010467-97.2018.5.15.0120.pdf
2023-07-18 11:53 - 2023-07-18 11:53 - 000338986 ____R C:\Users\Alex Mascaro\Downloads\Resolucao-CNRM-017-2022-12-21.pdf
2023-07-18 11:26 - 2023-07-18 11:26 - 000028155 ____R C:\Users\Alex Mascaro\Downloads\0002689-77.2021.8.26.0132-1.pdf
2023-07-18 11:19 - 2023-07-18 11:19 - 000047758 ____R C:\Users\Alex Mascaro\Downloads\1011847-08.2022.8.26.0132.pdf
2023-07-18 11:17 - 2023-07-18 11:17 - 079584983 ____R C:\Users\Alex Mascaro\Downloads\0000373-38.2017.4.03.6136.pdf
2023-07-18 11:08 - 2023-07-18 11:08 - 000117040 _____ C:\Users\Alex Mascaro\Downloads\Morada Nova.pdf
2023-07-18 10:25 - 2023-07-18 10:25 - 000009451 _____ C:\Users\Alex Mascaro\Downloads\PGDASD-DECLARACAO-22480269202305001.pdf
2023-07-18 10:24 - 2023-07-18 10:24 - 000009197 _____ C:\Users\Alex Mascaro\Downloads\PGDASD-DECLARACAO-22480269202301001.pdf
2023-07-18 10:24 - 2023-07-18 10:24 - 000004047 _____ C:\Users\Alex Mascaro\Downloads\ComprovanteOpcaoRegime.pdf
2023-07-18 09:12 - 2023-07-18 09:12 - 000258031 _____ C:\Users\Alex Mascaro\Downloads\Documento_ba9146c.pdf
2023-07-17 17:39 - 2023-07-17 17:39 - 031160236 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011354-32.2021.5.15.0070-1.pdf
2023-07-17 14:56 - 2023-07-17 14:56 - 007586681 _____ C:\Users\Alex Mascaro\Downloads\1001404-32.2021.8.26.0132(3).pdf
2023-07-17 14:09 - 2023-07-17 14:09 - 000118408 _____ C:\Users\Alex Mascaro\Downloads\ConsultaOptantes(2).pdf
2023-07-17 09:09 - 2023-07-17 09:09 - 002231642 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-37.pdf
2023-07-17 09:09 - 2023-07-17 09:09 - 000052111 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-38.pdf
2023-07-17 07:55 - 2023-07-17 07:55 - 042719795 ____R C:\Users\Alex Mascaro\Downloads\4002991-19.2013.8.26.0132.pdf
2023-07-14 17:06 - 2023-07-14 17:06 - 000635433 ____R C:\Users\Alex Mascaro\Downloads\Documento_f46ac68.pdf
2023-07-14 15:21 - 2023-07-14 15:21 - 022434793 ____R C:\Users\Alex Mascaro\Downloads\ExCCJ_0011436-75.2019.5.15.0121_1grau.pdf
2023-07-14 13:38 - 2023-07-14 13:38 - 062892684 _____ C:\Users\Alex Mascaro\Downloads\ATOrd_0055100-33.2008.5.15.0028_1grau.pdf
2023-07-14 11:19 - 2023-07-14 11:19 - 000095213 ____R C:\Users\Alex Mascaro\Downloads\2FD7002E3A14390AC9AB996CCE093FAF.pdf
2023-07-14 11:01 - 2023-07-14 11:01 - 000078986 ____R C:\Users\Alex Mascaro\Downloads\Certidao-06411332860.pdf
2023-07-14 07:44 - 2023-07-14 07:45 - 087225311 _____ C:\Users\Alex Mascaro\Downloads\audiencia_82607610_1_V.asf
2023-07-14 07:11 - 2023-07-14 07:11 - 000414507 _____ C:\Users\Alex Mascaro\Downloads\0001000-68.2014.8.26.0673.pdf
2023-07-13 16:41 - 2023-07-13 16:41 - 001655637 ____R C:\Users\Alex Mascaro\Downloads\100556652713072023164154.pdf
2023-07-13 15:50 - 2023-07-13 15:50 - 072023356 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011465-50.2020.5.15.0070.pdf
2023-07-13 15:47 - 2023-07-13 15:48 - 000021631 _____ C:\Users\Alex Mascaro\Downloads\23176230.pdf
2023-07-13 15:29 - 2023-07-13 15:29 - 007104349 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011317-68.2022.5.15.0070-1.pdf
2023-07-13 15:28 - 2023-07-13 15:28 - 000101501 ____R C:\Users\Alex Mascaro\Downloads\Documento_a4de8e6.pdf
2023-07-13 15:27 - 2023-07-13 15:27 - 000039572 _____ C:\Users\Alex Mascaro\Downloads\1005030-88.2023.8.26.0132.pdf
2023-07-13 15:01 - 2023-07-13 15:01 - 005467650 ____R C:\Users\Alex Mascaro\Downloads\0001263-79.2014.4.03.6136-1.pdf
2023-07-13 15:00 - 2023-07-13 15:00 - 000147284 ____R C:\Users\Alex Mascaro\Downloads\0006950-71.2013.4.03.6136 -VALDIR FELIX DA SILVA-1.pdf
2023-07-13 14:59 - 2023-07-13 14:59 - 000272907 ____R C:\Users\Alex Mascaro\Downloads\0006950-71.2013.4.03.6136.pdf
2023-07-13 14:58 - 2023-07-13 14:59 - 000012369 ____R C:\Users\Alex Mascaro\Downloads\0006950-71.2013.4.03.6136_VOL_001-1-1.pdf
2023-07-13 14:55 - 2023-07-13 14:55 - 000033345 ____R C:\Users\Alex Mascaro\Downloads\Despacho.pdf
2023-07-13 14:32 - 2023-07-13 14:32 - 000008883 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-36.pdf
2023-07-12 14:37 - 2023-07-12 14:37 - 000155524 ____R C:\Users\Alex Mascaro\Downloads\Documento_30cccbb.pdf
2023-07-12 14:36 - 2023-07-12 14:37 - 000274237 ____R C:\Users\Alex Mascaro\Downloads\Documento_80d1c7d-1.pdf
2023-07-12 14:34 - 2023-07-12 14:34 - 000274237 ____R C:\Users\Alex Mascaro\Downloads\Documento_80d1c7d.pdf
2023-07-12 14:23 - 2023-07-12 14:23 - 000133222 ____R C:\Users\Alex Mascaro\Downloads\Documento_a973542.pdf
2023-07-12 14:23 - 2023-07-12 14:23 - 000101482 ____R C:\Users\Alex Mascaro\Downloads\Documento_ab0a957.pdf
2023-07-12 07:25 - 2023-07-12 07:25 - 000000000 ___HD C:\$WinREAgent
2023-07-12 06:57 - 2023-07-12 06:57 - 000400069 _____ C:\Users\Alex Mascaro\Downloads\Documento_82ecf29.pdf
2023-07-12 06:50 - 2023-07-12 06:50 - 000086780 ____R C:\Users\Alex Mascaro\Downloads\Documento_7a728d6.pdf
2023-07-10 13:49 - 2023-07-10 13:53 - 000001775 _____ C:\Users\Alex Mascaro\Desktop\GCAP 2023 - Ganhos de Capital 2023.lnk
2023-07-10 13:49 - 2023-07-10 13:49 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2023
2023-07-10 11:05 - 2023-07-10 11:05 - 000500428 _____ C:\Users\Alex Mascaro\Downloads\CONTRATO COMPRA E VENDA.pdf
2023-07-10 10:11 - 2023-07-10 10:11 - 000056655 _____ C:\Users\Alex Mascaro\Downloads\23158016.pdf
2023-07-10 09:38 - 2023-07-10 09:38 - 005924507 ____R C:\Users\Alex Mascaro\Downloads\ATSum_0010865-13.2023.5.15.0106_1grau.pdf
2023-07-10 09:30 - 2023-07-10 09:30 - 000078111 _____ C:\Users\Alex Mascaro\Downloads\Documento_f4ec5ee.pdf
2023-07-10 09:26 - 2023-07-10 09:26 - 027950787 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011353-47.2021.5.15.0070.pdf
2023-07-10 06:50 - 2023-07-10 06:50 - 000131632 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-122.pdf
2023-07-10 06:07 - 2023-07-10 06:07 - 000047033 ____R C:\Users\Alex Mascaro\Downloads\report-42.pdf
2023-07-07 14:30 - 2023-07-07 14:30 - 000131456 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-121.pdf
2023-07-07 14:29 - 2023-07-07 14:29 - 018116822 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-120.pdf
2023-07-07 13:51 - 2023-07-07 13:51 - 000251075 ____R C:\Users\Alex Mascaro\Downloads\13617-1.pdf
2023-07-07 13:45 - 2023-07-07 13:45 - 000514917 ____R C:\Users\Alex Mascaro\Downloads\9599.pdf
2023-07-07 13:31 - 2023-07-07 13:32 - 000363702 ____R C:\Users\Alex Mascaro\Downloads\12193.pdf
2023-07-07 13:31 - 2023-07-07 13:31 - 000251075 ____R C:\Users\Alex Mascaro\Downloads\13617.pdf
2023-07-07 12:06 - 2023-07-07 12:06 - 000196681 ____R C:\Users\Alex Mascaro\Downloads\Deliberacao.pdf
2023-07-07 12:06 - 2023-07-07 12:06 - 000084897 ____R C:\Users\Alex Mascaro\Downloads\Ementa.pdf
2023-07-07 12:03 - 2023-07-07 12:03 - 000500014 ____R C:\Users\Alex Mascaro\Downloads\IC 14.0718.0000692-2018-0 - Promoção de Arquivamento-1.pdf
2023-07-07 12:03 - 2023-07-07 12:03 - 000500014 ____R C:\Users\Alex Mascaro\Downloads\IC 14.0718.0000692-2018-0 - Promoção de Arquivamento.pdf
2023-07-07 11:59 - 2023-07-07 11:59 - 037494386 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011347-40.2021.5.15.0070-1.pdf
2023-07-07 10:33 - 2023-07-07 10:33 - 001049672 ____R C:\Users\Alex Mascaro\Downloads\edital_divulgacao_de_gabarito_03-2023__-_pindorama_27024708.pdf
2023-07-07 10:32 - 2023-07-07 10:32 - 000163681 ____R C:\Users\Alex Mascaro\Downloads\edital_divulgacao_de_gabarito___cp_04_2023__pindorama_27030020.pdf
2023-07-07 10:32 - 2023-07-07 10:32 - 000157750 ____R C:\Users\Alex Mascaro\Downloads\retificacao_do_edital_divulgacao_de_gabarito_03-2023__-_pind_30090907.pdf
2023-07-07 10:32 - 2023-07-07 10:32 - 000157651 ____R C:\Users\Alex Mascaro\Downloads\edital_divulgacao_de_gabarito_-__processo_seletivo__01-2023__27024801.pdf
2023-07-07 09:53 - 2023-07-07 09:53 - 000060026 ____R C:\Users\Alex Mascaro\Downloads\Documento_c70b6a0-1.pdf
2023-07-07 09:52 - 2023-07-07 09:52 - 002313470 _____ C:\Users\Alex Mascaro\Downloads\1008866-11.2019.8.26.0132(1).pdf
2023-07-07 06:55 - 2023-07-07 06:55 - 000186523 _____ C:\Users\Alex Mascaro\Downloads\1000608-19.2022.8.26.0128.pdf
2023-07-07 06:53 - 2023-07-07 06:53 - 000324733 _____ C:\Users\Alex Mascaro\Downloads\1003735-05.2020.8.26.0590.pdf
2023-07-06 18:22 - 2023-07-06 18:22 - 000069023 _____ C:\Users\Alex Mascaro\Downloads\1010191-26.2016.8.26.0132.pdf
2023-07-06 16:12 - 2023-07-06 16:12 - 000806902 ____R C:\Users\Alex Mascaro\Downloads\controle_de_entrega_iptu_2021.pdf
2023-07-06 15:58 - 2023-07-06 15:58 - 000212199 _____ C:\Users\Alex Mascaro\Downloads\23150868.pdf
2023-07-06 14:52 - 2023-07-06 14:52 - 000038757 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-35.pdf
2023-07-06 14:48 - 2023-07-06 14:48 - 000017510 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_461_06_07_2023.pdf
2023-07-06 14:46 - 2023-07-06 14:46 - 000006125 _____ C:\Users\Alex Mascaro\Downloads\NFSe_10924151PAKZDKTIQVELE1JOU3NL85HB.xml
2023-07-06 14:40 - 2023-07-06 14:40 - 000278012 _____ C:\Users\Alex Mascaro\Downloads\1018731-07.2022.8.26.0309.pdf
2023-07-06 07:36 - 2023-07-06 07:36 - 000060026 ____R C:\Users\Alex Mascaro\Downloads\Documento_c70b6a0.pdf
2023-07-06 07:20 - 2023-07-06 07:20 - 000015664 _____ C:\Users\Alex Mascaro\Documents\Boleto_GUSTAVOBOMFIMDOSSANTOS723.pdf
2023-07-06 07:19 - 2023-07-06 07:19 - 000015791 _____ C:\Users\Alex Mascaro\Documents\Boleto_CLAUDIOVALERIOPANTALIAO0723.pdf
2023-07-06 07:05 - 2023-07-06 07:05 - 000044759 _____ C:\Users\Alex Mascaro\Documents\comprovante Vagner1.pdf
2023-07-05 17:44 - 2023-07-05 17:44 - 000017484 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_460_05_07_2023.pdf
2023-07-05 17:42 - 2023-07-05 17:42 - 000017532 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_459_05_07_2023.pdf
2023-07-05 17:40 - 2023-07-05 17:40 - 000017574 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_458_05_07_2023.pdf
2023-07-05 17:34 - 2023-07-05 17:34 - 000017509 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_457_05_07_2023.pdf
2023-07-05 16:57 - 2023-07-05 16:57 - 001435912 _____ C:\Users\Alex Mascaro\Downloads\Fabricio Acassio Teodoro Leite.rar
2023-07-05 16:54 - 2023-07-05 16:54 - 031662560 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011560-75.2021.5.15.0028.pdf
2023-07-05 16:22 - 2023-07-05 16:22 - 000056141 _____ C:\Users\Alex Mascaro\Downloads\23146387.pdf
2023-07-05 15:53 - 2023-07-05 15:53 - 030349127 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011354-32.2021.5.15.0070.pdf
2023-07-05 15:48 - 2023-07-05 15:48 - 002661449 ____R C:\Users\Alex Mascaro\Downloads\Documento_daae9da.pdf
2023-07-05 15:37 - 2023-07-05 15:37 - 032730768 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010907-39.2022.5.15.0028-2.pdf
2023-07-05 15:36 - 2023-07-05 15:36 - 000097842 ____R C:\Users\Alex Mascaro\Downloads\Documento_895c87f-1.pdf
2023-07-05 15:35 - 2023-07-05 15:35 - 000130092 ____R C:\Users\Alex Mascaro\Downloads\Documento_9701364.pdf
2023-07-05 15:24 - 2023-07-05 15:24 - 000014943 _____ C:\Users\Alex Mascaro\Downloads\doc(71).pdf
2023-07-05 11:53 - 2023-07-05 11:53 - 000270079 ____R C:\Users\Alex Mascaro\Downloads\29419910003550931_05083820000108_guia_stj.pdf
2023-07-05 07:52 - 2023-07-05 07:52 - 000016115 ____R C:\Users\Alex Mascaro\Downloads\report-41.pdf
2023-07-05 07:28 - 2023-07-05 07:28 - 000560456 ____R C:\Users\Alex Mascaro\Downloads\4134_texto_integral.pdf
2023-07-05 07:14 - 2023-07-05 07:14 - 001011421 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-119.pdf
2023-07-05 06:29 - 2023-07-05 06:29 - 000166344 _____ C:\Users\Alex Mascaro\Downloads\GuiaPagamento_22058181808_050720230629398738.PDF
2023-07-05 06:29 - 2023-07-05 06:29 - 000076117 _____ C:\Users\Alex Mascaro\Downloads\eSocial_Demonstrativo_Recibo_Junho_2023.pdf

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-08-03 15:01 - 2021-10-01 00:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-03 14:59 - 2022-02-14 05:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-03 14:47 - 2021-10-01 01:02 - 001651882 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-03 14:47 - 2021-10-01 00:49 - 000715446 _____ C:\WINDOWS\system32\prfh0416.dat
2023-08-03 14:47 - 2021-10-01 00:49 - 000140602 _____ C:\WINDOWS\system32\prfc0416.dat
2023-08-03 14:47 - 2021-10-01 00:46 - 000000000 ____D C:\WINDOWS\INF
2023-08-03 14:40 - 2021-12-15 02:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-03 14:40 - 2021-10-01 01:39 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-03 14:39 - 2021-10-01 09:14 - 000000000 ____D C:\Users\Alex Mascaro\Documents\Arquivos do Outlook
2023-08-03 14:39 - 2021-10-01 01:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-08-03 14:38 - 2022-03-14 11:15 - 000037840 _____ (Topaz OFD) C:\WINDOWS\system32\Drivers\wsddfac.sys
2023-08-03 14:38 - 2021-10-01 13:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-08-03 14:38 - 2021-10-01 01:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-03 14:38 - 2021-10-01 00:56 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-03 14:38 - 2021-10-01 00:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-03 14:37 - 2021-10-02 10:24 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Word
2023-08-03 14:37 - 2021-10-01 00:43 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-03 14:27 - 2021-10-01 00:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-03 13:00 - 2021-10-01 00:47 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-03 13:00 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-03 12:00 - 2021-10-01 12:37 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Office
2023-08-03 11:26 - 2021-10-01 00:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-03 10:35 - 2021-10-01 01:00 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\Packages
2023-08-03 06:44 - 2021-10-01 01:59 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Excel
2023-08-03 06:39 - 2021-10-01 01:41 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-03 06:38 - 2021-10-01 01:49 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-03 06:20 - 2022-04-06 15:07 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\CrashDumps
2023-08-02 11:07 - 2021-10-01 00:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-02 03:13 - 2021-10-01 01:39 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-02 03:13 - 2021-10-01 01:39 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-08-01 16:33 - 2023-05-29 07:48 - 000000000 ____D C:\WinSysUpdate72360033226
2023-08-01 10:24 - 2021-11-08 13:19 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Teams
2023-08-01 10:22 - 2021-10-01 01:00 - 000000000 ___SD C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Credentials
2023-07-31 15:21 - 2023-02-03 17:00 - 000043688 _____ C:\Users\Alex Mascaro\Desktop\Controle Financeiro 2023.xlsx
2023-07-31 09:48 - 2021-10-01 01:44 - 000000000 ____D C:\ProgramData\Oracle
2023-07-29 10:55 - 2021-10-01 00:56 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-28 21:54 - 2023-06-10 11:19 - 000002447 _____ C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-28 21:54 - 2021-12-13 05:13 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1835089291-200718762-2277446861-1001
2023-07-28 21:54 - 2021-10-01 01:02 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1835089291-200718762-2277446861-1001
2023-07-27 20:14 - 2021-10-01 01:39 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-07-27 20:14 - 2021-10-01 01:39 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-07-27 07:17 - 2021-10-01 01:08 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-25 09:19 - 2021-10-01 14:01 - 000000000 ____D C:\Users\Alex Mascaro\.shodo
2023-07-19 15:26 - 2021-10-01 00:44 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-18 16:38 - 2022-05-13 15:23 - 000002189 _____ C:\Users\Alex Mascaro\Desktop\Itaú.lnk
2023-07-17 07:47 - 2023-06-27 11:27 - 000001308 _____ C:\Users\Alex Mascaro\Desktop\Microsoft Edge.lnk
2023-07-13 19:17 - 2021-10-01 01:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-13 19:16 - 2022-10-14 13:10 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-07-13 19:12 - 2021-10-01 01:07 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-13 19:02 - 2021-10-01 00:56 - 000439808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-13 19:01 - 2021-10-01 00:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-07-12 07:31 - 2021-10-01 00:59 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-07-12 06:47 - 2022-03-28 13:54 - 000000000 ____D C:\Users\Alex Mascaro\.irpf
2023-07-10 21:49 - 2021-10-01 00:56 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-10 21:49 - 2021-10-01 00:56 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-10 17:58 - 2021-10-02 10:23 - 000002320 ____H C:\Users\Alex Mascaro\Documents\Default.rdp
2023-07-10 17:28 - 2021-10-01 00:49 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-07-10 13:49 - 2021-12-10 11:12 - 000000000 ___HD C:\Program Files (x86)\InstallJammer Registry
2023-07-10 13:49 - 2021-12-10 11:12 - 000000000 ____D C:\Arquivos de Programas RFB
2023-07-10 13:24 - 2022-05-19 10:27 - 000000000 ____D C:\Users\Alex Mascaro\.gcap

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

AdwCleaner[S01].txt Addition.txt FRST.txt

Elias Pereira · 6 de agosto de 2023

Por favor, atente para o seguinte:

Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento to44ent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
Respeite a ordem das instruções passadas;
Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Regras da Área de Remoção de Malware << IMPORTANTE A LEITURA

Regras Gerais do Forum Clube do Hardware << IMPORTANTE A LEITURA

Siga os passos abaixo:

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

ETAPA 1

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em

Clique em VERIFICAR AGORA/SCAN NOW. Após o termino clique em LIMPAR/CLEAN e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

ETAPA 2

Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.majorgeeks.com/files/details/zhpcleaner.html

Execute o arquivo ZHPCleaner.exe Como Administrador

Clique no botão Scanner.
A ferramenta começara o exame do seu sistema.
Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
Em seguida clique no botão Reparar.
Será gerado um log chamado ZHPCleaner.txt

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

alexmascaro · 10 de agosto de 2023

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-09-2023
# Duration: 00:00:00
# OS:       Windows 10 (Build 19045.3324)
# Cleaned: 0
# Failed:   0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1420 octets] - [09/08/2023 16:46:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

~ ZHPCleaner v2023.8.6.37 by Nicolas Coolman (2023/08/06)
~ Run by Alex Mascaro (Administrator) (09/08/2023 16:48:58)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scan
~ Report : C:\Users\Alex Mascaro\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Alex Mascaro\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point :
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19045)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (9)
FOUND file: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\History =>.SUP.BrowserHistoric
FOUND file: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\places.sqlite =>.SUP.BrowserHistoric
FOUND folder: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Alex Mascaro\AppData\Local\Microsoft Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
FOUND folder: C:\Users\Alex Mascaro\AppData\Local\Mozilla\Firefox\Profiles\njurssf0.default\Cache2 =>.SUP.BrowserCache
FOUND folder: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\njurssf0.default\places.sqlite =>.SUP.BrowserCache
FOUND folder: C:\Users\Alex Mascaro\AppData\Local\Mozilla\Firefox\Profiles\8y16zz78.default-release\Cache2 =>.SUP.BrowserCache
FOUND folder: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\places.sqlite =>.SUP.BrowserCache
FOUND: [8y16zz78.default-release] - user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.webpki-beta@lacunasoftware.com", tr[...] =>PUP.Optional.iBeta

---\\ Hosts file (1)
~ The hosts file is legitimate (23)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (5)
FOUND file: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\extensions\[email protected]    =>PUP.Optional.iBeta
FOUND file: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>ChromiumPreference
FOUND file: C:\Users\Alex Mascaro\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>ChromiumPreference
FOUND folder: C:\Users\Alex Mascaro\AppData\Local\Visicom Media\ManyCam =>.SUP.VisicomMedia
FOUND folder: C:\Users\Alex Mascaro\AppData\Local\Visicom Media =>.SUP.VisicomMedia

---\\ Registry ( Key, Value, Data) (1)
FOUND key: [X64] HKLM\SOFTWARE\Wow6432Node\Visicom Media [] =>.SUP.VisicomMedia

---\\ Summary of the elements found (5)
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>PUP.Optional.iBeta
https://nicolascoolman.eu/2020/10/01/preferences-navigateurs-chromium/ =>ChromiumPreference
https://nicolascoolman.eu/2017/03/18/superfluous-visicommedia/ =>.SUP.VisicomMedia

---\\ Result of repair
~ Any repair made
~ Google Chrome OK
~ Microsoft Edge OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK

---\\ Statistics
~ Items scanned : 120406
~ Items found : 17
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 10/18

---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of search in 00h18mn53s

---\\ Reports (2)
ZHPCleaner-[S]-03082023-15_34_56.txt
ZHPCleaner-[S]-09082023-17_07_51.txt

~ ZHPCleaner v2023.8.6.37 by Nicolas Coolman (2023/08/06)
~ Run by Alex Mascaro (Administrator) (10/08/2023 06:21:32)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Alex Mascaro\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\Alex Mascaro\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 19045)

---\\ Alternate Data Stream (ADS). (0)
~ No malicious or unnecessary items found.

---\\ Services (0)
~ No malicious or unnecessary items found.

---\\ Browser internet (1)
DELETED: [8y16zz78.default-release] - user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.webpki-beta@lacunasoftware.com", tr[...] =>PUP.Optional.iBeta

---\\ Hosts file (1)
~ The hosts file is legitimate (23)

---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\ Explorer ( File, Folder) (12)
MOVED file: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\History    =>.SUP.BrowserHistoric
MOVED file: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\places.sqlite    =>.SUP.BrowserHistoric
MOVED file: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\extensions\[email protected]    =>PUP.Optional.iBeta
MOVED file: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Preferences    =>Préférences Chromium
MOVED file: C:\Users\Alex Mascaro\AppData\Local\Microsoft\Edge\User Data\Default\Preferences    =>Préférences Chromium
MOVED folder: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
MOVED folder: C:\Users\Alex Mascaro\AppData\Local\Microsoft Edge\User Data\Default\Cache\Cache_Data =>.SUP.BrowserCache
MOVED folder: C:\Users\Alex Mascaro\AppData\Local\Mozilla\Firefox\Profiles\njurssf0.default\Cache2 =>.SUP.BrowserCache
MOVED folder: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\njurssf0.default\places.sqlite =>.SUP.BrowserCache
MOVED folder: C:\Users\Alex Mascaro\AppData\Local\Mozilla\Firefox\Profiles\8y16zz78.default-release\Cache2 =>.SUP.BrowserCache
MOVED folder: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\places.sqlite =>.SUP.BrowserCache
MOVED folder: C:\Users\Alex Mascaro\AppData\Local\Visicom Media =>.SUP.VisicomMedia

---\\ Registry ( Key, Value, Data) (1)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Visicom Media [] =>.SUP.VisicomMedia

---\\ Summary of the elements found (5)
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>PUP.Optional.iBeta
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserHistoric
https://nicolascoolman.eu/forum/Topic/repaquetage-et-infection/ =>Préférences Chromium
https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache
https://nicolascoolman.eu/2017/03/18/superfluous-visicommedia/ =>.SUP.VisicomMedia

---\\ Other deletions. (0)
~ Registry Keys Tracing deleted (0)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Google Chrome OK
~ Microsoft Edge OK
~ Mozilla Firefox OK
~ Microsoft Internet Explorer OK

---\\ Statistics
~ Items scanned : 1813
~ Items found : 0
~ Items cancelled : 0
~ Space saving (bytes) : 0
~ Items options : 10/18

---\\ OPTIONS NOT ACTIVES
~ Temporary file analysis
~ Temporary folder analysis
~ Empty Folder CLSID Analysis
~ Empty Other Folder Analysis
~ Empty LocalLow Folder Analysis
~ Empty Local Folder Analysis
~ Obsolete Installer File Analysis
~ Start browsers with extensions removed

~ End of clean in 00h00mn45s

---\\ Reports (3)
ZHPCleaner-[S]-03082023-15_34_56.txt
ZHPCleaner-[S]-09082023-17_07_51.txt
ZHPCleaner-[R]-10082023-06_22_17.txt

Elias Pereira · 12 de agosto de 2023

Execute novamente o FRST.

Abra cada log em separado, copie e cole na sua proxima resposta.

alexmascaro · 14 de agosto de 2023

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 12-08-2023
Executado por Alex Mascaro (14-08-2023 06:34:00)
Executando a partir de C:\Users\Alex Mascaro\Downloads
Microsoft Windows 10 Pro Versão 22H2 19045.3324 (X64) (2021-10-01 03:57:55)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-1835089291-200718762-2277446861-500 - Administrator - Disabled)
Alex Mascaro (S-1-5-21-1835089291-200718762-2277446861-1001 - Administrator - Enabled) => C:\Users\Alex Mascaro
Convidado (S-1-5-21-1835089291-200718762-2277446861-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1835089291-200718762-2277446861-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1835089291-200718762-2277446861-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 23.003.20269 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 7.0.14 - AnyDesk Software GmbH)
Aplicativo Itaú (HKLM-x32\...\{D0A058D6-4688-4E33-8894-8951D057990E}) (Version: 1.0.182 - Banco Itaú)
Apresentações (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\c982e50b6fea0ba128cfd7a25aecd2ec) (Version: 1.0 - Google\Chrome)
Arquivo do WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Assinador Serpro (HKLM-x32\...\{4A283050-2DB0-4E39-BBDC-4DD835B8AA44}_is1) (Version: 4.0.2 - SERPRO- Serviço Federal de Processamento de dados)
Brother MFL-Pro Suite MFC-L2740DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Cisco Webex Meetings (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\ActiveTouchMeetingClient) (Version: 43.2.0 - Cisco Webex LLC)
EFD Contribuições PVA (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\EFD Contribuições PVA) (Version: PVA - )
Fiorilli Web Extension Client (HKLM\...\Fiorilli Web Extension Client_is1) (Version: 1.3 - )
GCAP 2021 - Ganhos de Capital 2021 (HKLM-x32\...\GCAP2021) (Version: 1.3 - Receita Federal do Brasil)
GCAP 2022 - Ganhos de Capital 2022 (HKLM-x32\...\GCAP2022) (Version: 1.0 - Receita Federal do Brasil)
GCAP 2023 - Ganhos de Capital 2023 (HKLM-x32\...\GCAP2023) (Version: 1.1 - Receita Federal do Brasil)
Gmail (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\e90a2c795b229c08b61672e6a3ac48c7) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.171 - Google LLC)
Google Drive (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\a6768d7f8a8dde2baaa908a145408c4f) (Version: 1.0 - Google\Chrome)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
IRPF 2023 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País (HKLM\...\6908-8355-8468-2086) (Version: 1.2 - Receita Federal do Brasil)
IRPF2021 (HKLM-x32\...\IRPF2021) (Version: 1.9 - Receita Federal do Brasil)
IRPF2022 (HKLM-x32\...\IRPF2022) (Version: 1.2 - Receita Federal do Brasil)
Java 8 Update 381 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180381F0}) (Version: 8.0.3810.9 - Oracle Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.4.407679 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - pt-br (HKLM\...\ProPlusRetail - pt-br) (Version: 16.0.16626.20170 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Teams) (Version: 1.6.00.12455 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127 (HKLM\...\{8678BA04-D161-45BE-ACA4-CC5D13073F35}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127 (HKLM\...\{7DC387B8-E6A2-480C-8EF9-A6E51AE81C19}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 116.0.2 (x64 pt-BR)) (Version: 116.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 92.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.16626.20170 - Microsoft Corporation) Hidden
PC-CCID (HKLM\...\{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}) (Version: 2.0.0 - Gemalto)
Planilhas (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\fc80e4ccaf02f858576bd19a43a713c6) (Version: 1.0 - Google\Chrome)
SafeSign 64-bits (HKLM\...\{2DF407D3-A8AD-4ACF-BFD5-5F7D42EC62FD}) (Version: 3.0.124 - A.E.T. Europe B.V.)
Serasa Assina - Módulo Assinatura Digital (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\SerasaExtension) (Version: 1.8.9 - Serasa Experian)
Shodo-1.1.2 (HKLM-x32\...\{89E553A2-6799-4BE1-822B-66DF4CCFC2B8}) (Version: 1.1.2 - Conselho Superior da Justiça do Trabalho)
StatusMonitor (HKLM-x32\...\{D9584EB4-1D28-4BD1-8F81-6E097C0827EE}) (Version: 1.33.1.0 - Brother Industries, Ltd.) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.44.5 - TeamViewer)
Textos (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\55f7056a1b7ef622cacb186b9893706b) (Version: 1.0 - Google\Chrome)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Verificação de integridade do PC Windows (HKLM\...\{2403B2D2-1FDC-497D-B181-F53D079FEAAA}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Warsaw 2.38.0.11 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.38.0.11 - Topaz)
Web PKI (HKLM-x32\...\{00E72C88-7A97-68EC-0A06-3EF6B5296E6E}) (Version: 2.12.1.0 - Lacuna Software)
Web Signer (HKLM-x32\...\{B858A05C-EAA9-A860-EC80-EFADDAFAADAA}) (Version: 2.11.1.0 - Softplan Sistemas)
Webex (HKLM\...\{8F890AE0-BE0A-5ED9-B406-F7459B3390F9}) (Version: 42.10.0.23814 - Cisco Systems, Inc)
WebSigner Extension (HKLM-x32\...\{193EB203-846D-FB51-B1D6-31E017F0D344}) (Version: 2.9.0.1 - Certisign)
YouTube (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\f8f0bde9a01bc31aac47853a299d5884) (Version: 1.0 - Google\Chrome)
Zoom (HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\ZoomUMX) (Version: 5.15.5 (19404) - Zoom Vídeo Communications, Inc.)

Packages:
=========
Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-02-03] (Microsoft Corporation)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8040.0_x64__8wekyb3d8bbwe [2023-08-09] (Microsoft Studios) [MS Ad]

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1835089291-200718762-2277446861-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Alex Mascaro\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23117.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1835089291-200718762-2277446861-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Alex Mascaro\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-08-16] () [Arquivo não assinado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext32.dll [2009-08-16] () [Arquivo não assinado]
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-08-16] () [Arquivo não assinado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext32.dll [2009-08-16] () [Arquivo não assinado]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Nenhum Arquivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [Arquivo não assinado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2009-08-16] () [Arquivo não assinado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext32.dll [2009-08-16] () [Arquivo não assinado]

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 12-08-2023
Executado por Alex Mascaro (administrador) em ALEXMASCARO (INTEL H81) (14-08-2023 06:32:44)
Executando a partir de C:\Users\Alex Mascaro\Downloads\FRST64.exe
Perfis Carregados: Alex Mascaro
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3324 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AutoIt Consulting Ltd -> AutoIt Team) C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.exe
(Brother Industries, Ltd.) [Arquivo não assinado] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_2\RdrCEF.exe <8>
(C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Shodo\shodo.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Java\jre-1.8\bin\javaw.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(explorer.exe ->) (A.E.T. Europe B.V.) [Arquivo não assinado] C:\Windows\System32\aetcrss1.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(explorer.exe ->) (TRIBUNAL REGIONAL DO TRABALHO DA 12A REGIAO -> ) C:\Program Files (x86)\Shodo\shodo.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <19>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Brother Industries, Ltd.) [Arquivo não assinado] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Firebird Project) [Arquivo não assinado] C:\Imobzi Free\Firebird\Bin\fbguard.exe
(services.exe ->) (Firebird Project) [Arquivo não assinado] C:\Imobzi Free\Firebird\Bin\fbserver.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [CertificateRegistration] => C:\WINDOWS\system32\aetcrss1.exe [25088 2017-05-09] (A.E.T. Europe B.V.) [Arquivo não assinado]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145344 2019-07-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3146752 2022-02-07] (Brother Industries, Ltd.) [Arquivo não assinado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [CiscoSpark] => C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1530 2022-10-10] () [Arquivo não assinado]
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Alex Mascaro\AppData\Local\WebEx\WebexHost.exe [8040032 2023-03-09] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-05-25] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-1835089291-200718762-2277446861-1001\...\Run: [MicrosoftEdgeAutoLaunch_5062C5B0C03645C2AC376D3E80C6881B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
Startup: C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Shodo.lnk [2021-10-01]
ShortcutTarget: Shodo.lnk -> C:\Program Files (x86)\Shodo\shodo.exe (TRIBUNAL REGIONAL DO TRABALHO DA 12A REGIAO -> )
Startup: C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sysupdate.setup42b566140327.lnk [2023-07-14]
ShortcutAndArgument: sysupdate.setup42b566140327.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe => -windowstyle hidden -Command C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.exe C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.log <==== ATENÇÃO
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-09-21]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1FFFFC02-9AB2-4101-ADAA-85D1E6293461} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {B451C2FB-EB01-4635-8668-4BF5006DFCEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {F2ECE5B0-C5C6-4831-81B1-81A075987155} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {C32FC8C8-0439-4739-9CCF-635DFD17235C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E432D1C3-D0C4-41FC-844D-8F2EB75657FE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B564DD9-2B71-412D-8FE1-AD36D0990963} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1BA378A-4623-438D-B981-DC14027D4A5E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E96C8395-22E6-4F28-A4DE-1FB749228C80} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {541FB926-681C-4469-82D5-FA332999F178} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78BD61F3-FCCB-4E68-B2A4-8C18CC9A02A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60267819-5C83-4A0A-BD16-11904B0CC907} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {731E95C5-3A08-4CE0-A839-FB5B9D0E3D48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8037A52-0E5B-46B2-AADF-A45603531510} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-09] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {42283D27-09CF-43A5-9459-829919D6BC58} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-09] (Mozilla Corporation -> Mozilla Foundation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: 127.0.0.1 assinador-desktop.serpro.gov.br
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{49a4576d-773e-4c7a-ae75-9b7b47a96e2f}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alex Mascaro\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-11]
Edge Extension: (Edge relevant text changes) - C:\Users\Alex Mascaro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-08]

FireFox:
========
FF DefaultProfile: njurssf0.default
FF ProfilePath: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\njurssf0.default [2022-08-30]
FF ProfilePath: C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release [2023-08-14]
FF Homepage: Mozilla\Firefox\Profiles\8y16zz78.default-release -> www.aasp.org.br
FF Notifications: Mozilla\Firefox\Profiles\8y16zz78.default-release -> hxxps://tinder.com; hxxps://www.meutimao.com.br; hxxps://www.stonecarver.top; hxxps://web.whatsapp.com; hxxps://br.pinterest.com
FF Extension: (web.skype.com for Firefox) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\[email protected] [2021-10-11]
FF Extension: (Web PKI) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\[email protected] [2021-12-10] [UpdateUrl:hxxps://get.webpkiplugin.com/firefox-extensions]
FF Extension: (Web Signer) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\[email protected] [2021-11-01] [UpdateUrl:hxxps://websigner.softplan.com.br/firefox-extensions]
FF Extension: (Web Signer) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\websigner@softplan_com_br.xpi [2023-03-02] [UpdateUrl:hxxps://websigner.softplan.com.br/firefox-extensions]
FF Extension: (Skype Web FF) - C:\Users\Alex Mascaro\AppData\Roaming\Mozilla\Firefox\Profiles\8y16zz78.default-release\Extensions\{86052ad9-91cd-48ee-9b70-e5c497b370f3}.xpi [2022-01-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-08-01] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2023-08-08]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default [2023-08-14]
CHR Notifications: Default -> hxxps://web.skype.com
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Extension: (Certisign WebSigner Extension) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\acfifjfajpekbmhmjppnmmjgmhjkildl [2022-09-08]
CHR Extension: (Web Signer) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbafmabaelnnkondpfpjmdklbmfnbmol [2022-06-24]
CHR Extension: (Web PKI) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcngeagmmhegagicpcmpinaoklddcgon [2023-04-05]
CHR Extension: (Documentos Google off-line) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
CHR Extension: (Fiorilli Web Extension) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcbeidgfmkgomnehecnfelbcppoifoee [2022-04-26]
CHR Extension: (SerasaAssina – Portal Assinatura Digital) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepmidcidkjdmdppchlhaajdhbkhfgjl [2022-08-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Alex Mascaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-01]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-09-21] (philandro Software GmbH -> AnyDesk Software GmbH)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [321536 2021-12-06] (Brother Industries, Ltd.) [Arquivo não assinado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Imobzi Free\Firebird\bin\fbguard.exe [98304 2015-07-27] (Firebird Project) [Arquivo não assinado]
R3 FirebirdServerDefaultInstance; C:\Imobzi Free\Firebird\bin\fbserver.exe [3735552 2015-07-27] (Firebird Project) [Arquivo não assinado]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10195200 2023-05-25] (Logitech Inc -> Logitech, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [17845048 2023-07-31] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1012024 2023-01-13] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [Arquivo não assinado]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [119680 2009-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2023-03-15] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2023-03-15] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2023-03-15] (Logitech Inc -> Logitech)
S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 MTsensor; C:\WINDOWS\System32\drivers\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-02] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [37840 2023-08-08] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [41816 2023-05-05] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [38816 2023-02-27] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-08-14 06:22 - 2023-08-14 06:22 - 000603664 ____R C:\Users\Alex Mascaro\Downloads\1010522-08.2016.8.26.0132.pdf
2023-08-14 06:21 - 2023-08-14 06:32 - 000044275 _____ C:\Users\Alex Mascaro\Downloads\Addition.txt
2023-08-14 06:20 - 2023-08-14 06:33 - 000021926 _____ C:\Users\Alex Mascaro\Downloads\FRST.txt
2023-08-14 06:19 - 2023-08-14 06:33 - 000000000 ____D C:\FRST
2023-08-14 06:18 - 2023-08-14 06:18 - 002385408 _____ (Farbar) C:\Users\Alex Mascaro\Downloads\FRST64.exe
2023-08-11 13:59 - 2023-08-11 13:59 - 001002454 _____ C:\Users\Alex Mascaro\Downloads\Roberta - CEF.pdf
2023-08-11 13:39 - 2023-08-11 13:39 - 000042977 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-52.pdf
2023-08-11 13:37 - 2023-08-11 13:38 - 000043371 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-51.pdf
2023-08-11 13:37 - 2023-08-11 13:37 - 000043371 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-50.pdf
2023-08-11 10:54 - 2023-08-11 10:54 - 000738696 ____R C:\Users\Alex Mascaro\Downloads\termo_rescisao-1.pdf
2023-08-11 10:00 - 2023-08-11 10:00 - 000092135 _____ C:\Users\Alex Mascaro\Downloads\Documento_161b001.pdf
2023-08-10 17:37 - 2023-08-10 17:37 - 001235236 _____ C:\Users\Alex Mascaro\Downloads\Terreno à venda no Parque Residencial Agudo Romão, Catanduva - Imobiliária Pró Imóveis.pdf
2023-08-10 15:18 - 2023-08-10 15:18 - 000055472 ____R C:\Users\Alex Mascaro\Downloads\Certidao4058658.pdf
2023-08-10 13:58 - 2023-08-10 13:59 - 000738696 ____R C:\Users\Alex Mascaro\Downloads\termo_rescisao.pdf
2023-08-10 11:39 - 2023-08-10 11:39 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome
2023-08-10 11:09 - 2023-08-10 11:14 - 000073553 ____R C:\Users\Alex Mascaro\Downloads\formulario-recurso-a-jrps-digitavel-pdf.pdf
2023-08-10 09:41 - 2023-08-10 09:41 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-08-10 06:58 - 2023-08-10 06:58 - 000028333 ____R C:\Users\Alex Mascaro\Downloads\TRT15_ceat_60469095000119.pdf
2023-08-10 06:22 - 2023-08-10 06:22 - 000011401 _____ C:\Users\Alex Mascaro\Desktop\ZHPCleaner (R).html
2023-08-10 06:22 - 2023-08-10 06:22 - 000004137 _____ C:\Users\Alex Mascaro\Desktop\ZHPCleaner (R).txt
2023-08-09 17:07 - 2023-08-09 17:07 - 000011258 _____ C:\Users\Alex Mascaro\Desktop\ZHPCleaner (S).html
2023-08-09 17:07 - 2023-08-09 17:07 - 000004055 _____ C:\Users\Alex Mascaro\Desktop\ZHPCleaner (S).txt
2023-08-09 16:47 - 2023-08-09 16:48 - 000000923 _____ C:\Users\Alex Mascaro\Desktop\ZHPCleaner.lnk
2023-08-09 16:46 - 2023-08-09 16:46 - 000000000 ____D C:\AdwCleaner
2023-08-09 16:45 - 2023-08-09 16:45 - 003343008 _____ (Nicolas Coolman) C:\Users\Alex Mascaro\Desktop\ZHPCleaner.exe
2023-08-09 16:44 - 2023-08-09 16:44 - 008791352 _____ (Malwarebytes) C:\Users\Alex Mascaro\Desktop\adwcleaner_8.4.0.exe
2023-08-09 16:14 - 2023-08-09 16:14 - 006958842 ____R C:\Users\Alex Mascaro\Downloads\manual-do-sero-1.pdf
2023-08-09 16:13 - 2023-08-09 16:13 - 000045186 _____ C:\Users\Alex Mascaro\Downloads\inscricao (1).pdf
2023-08-09 15:44 - 2023-08-09 15:44 - 000009673 _____ C:\Users\Alex Mascaro\Downloads\23273687.pdf
2023-08-09 15:19 - 2023-08-09 15:19 - 000927248 _____ C:\Users\Alex Mascaro\Downloads\5-Contrato Social Loterica.pdf
2023-08-09 15:19 - 2023-08-09 15:19 - 000134921 _____ C:\Users\Alex Mascaro\Downloads\Cnpjreva_Comprovante - loterica.pdf
2023-08-09 14:45 - 2023-08-09 14:45 - 003887508 ____R C:\Users\Alex Mascaro\Downloads\ATOrd_0010692-26.2023.5.15.0029_1grau.pdf
2023-08-09 14:23 - 2023-08-09 14:23 - 026759779 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010046-16.2023.5.15.0029-1.pdf
2023-08-09 14:03 - 2023-08-09 14:16 - 009055436 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010776-69.2021.5.15.0070.pdf
2023-08-09 13:55 - 2023-08-09 13:55 - 000010897 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-49.pdf
2023-08-09 09:23 - 2023-08-09 09:23 - 000241790 ____R C:\Users\Alex Mascaro\Downloads\JF3R_CertidaoInteiroTeor_20230000000506_09fev2023_175659-1.pdf
2023-08-09 09:15 - 2023-08-09 09:15 - 000010897 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-48.pdf
2023-08-09 07:54 - 2023-08-09 09:09 - 000477357 ____R C:\Users\Alex Mascaro\Downloads\supensão indeterminada 5001466-52.2019.4.03.6112.pdf
2023-08-09 07:51 - 2023-08-09 07:51 - 000241790 ____R C:\Users\Alex Mascaro\Downloads\JF3R_CertidaoInteiroTeor_20230000000506_09fev2023_175659.pdf
2023-08-09 07:51 - 2023-08-09 07:51 - 000138401 ____R C:\Users\Alex Mascaro\Downloads\Pesquisa Qualificada - SAEC.pdf
2023-08-09 07:50 - 2023-08-09 07:50 - 000141308 ____R C:\Users\Alex Mascaro\Downloads\Petição resultado Arisp positivo - penhora do bem.pdf
2023-08-08 16:17 - 2023-08-08 16:17 - 000000000 ___HD C:\$WinREAgent
2023-08-07 16:21 - 2023-08-07 16:21 - 010768064 ____R C:\Users\Alex Mascaro\Downloads\1009669-62.2017.8.26.0132.pdf
2023-08-07 16:19 - 2023-08-07 16:19 - 005217890 ____R C:\Users\Alex Mascaro\Downloads\0001750-53.2021.4.03.6314-1691435939725-196516-processo.pdf
2023-08-07 16:04 - 2023-08-07 16:04 - 001230097 ____R C:\Users\Alex Mascaro\Downloads\Auto de Penhora Luis Gustavo.pdf
2023-08-07 16:03 - 2023-08-07 16:03 - 000012477 ____R C:\Users\Alex Mascaro\Downloads\0001305-60.2016.4.03.6136_VOL_001-1.pdf
2023-08-07 15:58 - 2023-08-07 15:58 - 001996594 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-47.pdf
2023-08-07 15:57 - 2023-08-07 15:58 - 000012705 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-46.pdf
2023-08-07 15:29 - 2023-08-07 15:29 - 001994692 _____ C:\Users\Alex Mascaro\Downloads\VID-20230804-WA0003.mp4
2023-08-07 11:20 - 2023-08-07 11:20 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Sun
2023-08-07 11:20 - 2023-08-07 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-08-07 11:20 - 2023-08-07 11:20 - 000000000 ____D C:\Program Files (x86)\Java
2023-08-07 11:20 - 2023-06-14 14:22 - 000170624 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2023-08-07 10:47 - 2023-08-07 10:47 - 059671656 _____ (Oracle Corporation) C:\Users\Alex Mascaro\Downloads\jre-8u381-windows-i586.exe
2023-08-07 09:43 - 2023-08-07 09:43 - 000077884 _____ C:\Users\Alex Mascaro\Downloads\Certidao-29934802000150-20230807.pdf
2023-08-07 06:55 - 2023-08-07 06:55 - 000050125 _____ C:\Users\Alex Mascaro\Downloads\1011922-36.2023.8.26.0577.pdf
2023-08-04 17:32 - 2023-08-04 17:32 - 000166581 ____R C:\Users\Alex Mascaro\Downloads\880eb45d76d59e58e5a824758264edd0.pdf
2023-08-04 17:16 - 2023-08-04 17:16 - 000000850 _____ C:\DelFix.txt
2023-08-04 16:57 - 2023-08-04 16:57 - 000516080 ____R C:\Users\Alex Mascaro\Downloads\0000721-40.2022.8.26.0370-1.pdf
2023-08-04 16:48 - 2023-08-04 16:48 - 000245536 ____R C:\Users\Alex Mascaro\Downloads\0000721-40.2022.8.26.0370.pdf
2023-08-04 10:16 - 2023-08-04 10:16 - 001320036 _____ C:\Users\Alex Mascaro\Downloads\Documento_44326a2.pdf
2023-08-04 10:03 - 2023-08-04 10:03 - 000416120 ____R C:\Users\Alex Mascaro\Downloads\Documento_2750f9b.pdf
2023-08-04 09:56 - 2023-08-04 09:56 - 000461820 ____R C:\Users\Alex Mascaro\Downloads\ATOrd_1000401-24.2023.5.02.0089_1grau.pdf
2023-08-04 09:55 - 2023-08-04 09:55 - 000366609 ____R C:\Users\Alex Mascaro\Downloads\ATSum_1000843-79.2023.5.02.0706_1grau.pdf
2023-08-04 09:45 - 2023-08-04 09:45 - 000043649 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-45.pdf
2023-08-04 09:44 - 2023-08-04 09:44 - 000111037 ____R C:\Users\Alex Mascaro\Downloads\5002433-88.2019_manifestacao destino valores depositados-1.pdf
2023-08-04 09:44 - 2023-08-04 09:44 - 000111037 ____R C:\Users\Alex Mascaro\Downloads\5002433-88.2019_manifestacao destino valores depositados.pdf
2023-08-04 09:32 - 2023-08-04 09:32 - 000017596 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_469_04_08_2023.pdf
2023-08-04 09:23 - 2023-08-04 09:23 - 000017546 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_468_04_08_2023.pdf
2023-08-04 09:22 - 2023-08-04 09:22 - 000017492 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_467_04_08_2023.pdf
2023-08-04 09:21 - 2023-08-04 09:21 - 000017531 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_466_04_08_2023.pdf
2023-08-03 17:07 - 2023-08-03 17:09 - 002839690 ____R C:\Users\Alex Mascaro\Downloads\ATOrd_0010191-90.2023.5.15.0120_1grau-1.pdf
2023-08-03 16:48 - 2023-08-03 16:48 - 000005233 _____ C:\Users\Alex Mascaro\Downloads\23254982.pdf
2023-08-03 16:02 - 2023-08-03 16:02 - 000047032 _____ C:\Users\Alex Mascaro\Downloads\report(3).pdf
2023-08-03 15:58 - 2023-08-03 15:58 - 000015666 _____ C:\Users\Alex Mascaro\Documents\Boleto_GUSTAVOBOMFIMDOSSANTOS823.pdf
2023-08-03 15:57 - 2023-08-03 15:57 - 000015674 _____ C:\Users\Alex Mascaro\Documents\Boleto_CLAUDIOVALERIOPANTALIAO823.pdf
2023-08-03 15:46 - 2023-08-03 15:46 - 000015799 _____ C:\Users\Alex Mascaro\Downloads\report(2).pdf
2023-08-03 15:17 - 2023-08-10 06:22 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\ZHP
2023-08-03 15:17 - 2023-08-03 15:17 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\ZHP
2023-08-03 14:33 - 2023-08-03 14:33 - 000002244 _____ C:\Users\Alex Mascaro\Downloads\doc(73).pdf
2023-08-03 14:31 - 2023-08-03 14:31 - 000002723 _____ C:\Users\Alex Mascaro\Downloads\doc(72).pdf
2023-08-03 11:31 - 2023-08-03 11:31 - 001935468 _____ ( ) C:\Users\Alex Mascaro\Downloads\mvregclean_2022_(8.2)_br.exe
2023-08-03 11:16 - 2023-08-03 11:16 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\mbam
2023-08-03 11:13 - 2023-08-03 11:13 - 002606880 _____ (Malwarebytes) C:\Users\Alex Mascaro\Downloads\MBSetup.exe
2023-08-03 09:14 - 2023-08-03 09:14 - 040890071 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011359-54.2021.5.15.0070-1.pdf
2023-08-03 07:05 - 2023-08-03 07:05 - 000072937 ____R C:\Users\Alex Mascaro\Downloads\MANIFESTACAO PAULO CIARLO 5014304-88.2023.4.03.0000.pdf
2023-08-01 17:23 - 2023-08-01 17:23 - 000030526 _____ C:\Users\Alex Mascaro\Downloads\Declaração de ITCMD.pdf
2023-08-01 17:05 - 2023-08-01 17:05 - 003263363 _____ C:\Users\Alex Mascaro\Downloads\Resolução SMF nº7.pdf
2023-08-01 17:00 - 2023-08-01 17:00 - 000398566 _____ C:\Users\Alex Mascaro\Downloads\laudo augusto (2).pdf
2023-08-01 17:00 - 2023-08-01 17:00 - 000398566 _____ C:\Users\Alex Mascaro\Downloads\laudo augusto (1).pdf
2023-08-01 16:59 - 2023-08-01 16:59 - 000398566 _____ C:\Users\Alex Mascaro\Downloads\laudo augusto.pdf
2023-08-01 09:55 - 2023-08-01 09:55 - 029190711 ____R C:\Users\Alex Mascaro\Downloads\1008639-16.2022.8.26.0132.pdf
2023-08-01 09:43 - 2023-08-01 09:43 - 000166008 _____ C:\Users\Alex Mascaro\Downloads\GuiaPagamento_22058181808_010820230943356229.PDF
2023-08-01 09:43 - 2023-08-01 09:43 - 000076120 _____ C:\Users\Alex Mascaro\Downloads\eSocial_Demonstrativo_Recibo_Julho_2023.pdf
2023-08-01 09:33 - 2023-08-01 09:33 - 000005143 _____ C:\Users\Alex Mascaro\Downloads\assinadordigital-1690893204994.jnlp
2023-08-01 09:17 - 2023-08-01 09:17 - 000084578 ____R C:\Users\Alex Mascaro\Downloads\Documento_493303e-1.pdf
2023-08-01 09:17 - 2023-08-01 09:17 - 000084578 _____ C:\Users\Alex Mascaro\Downloads\Documento_493303e.pdf
2023-07-31 16:24 - 2023-07-31 16:24 - 000044775 ____R C:\Users\Alex Mascaro\Downloads\nures9_goncalves.pdf
2023-07-31 16:06 - 2023-07-31 16:06 - 000043849 _____ C:\Users\Alex Mascaro\Downloads\23238477.pdf
2023-07-31 11:28 - 2023-07-31 11:29 - 000165887 ____R C:\Users\Alex Mascaro\Downloads\RE1276977Suspensaonacional.pdf
2023-07-31 11:27 - 2023-07-31 11:28 - 000151145 ____R C:\Users\Alex Mascaro\Downloads\Proposta para Associação a Green Eletron (2023) - 31.07.23.pdf
2023-07-31 10:43 - 2023-07-31 10:43 - 000997877 ____R C:\Users\Alex Mascaro\Downloads\c958d14d-1237-426a-9796-5a35b4ca68f7.pdf
2023-07-31 10:24 - 2023-07-31 10:24 - 000016774 _____ C:\Users\Alex Mascaro\Documents\Transgemeos - sicredi-1684509686577.pdf
2023-07-31 10:13 - 2023-07-31 10:13 - 000031413 ____R C:\Users\Alex Mascaro\Downloads\Boleto_2023_07_31_10_13_12.pdf
2023-07-31 07:27 - 2023-07-31 07:28 - 022189884 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010391-19.2022.5.15.0028.pdf
2023-07-28 15:51 - 2023-07-28 15:51 - 000005252 ____R C:\Users\Alex Mascaro\Downloads\23234210.pdf
2023-07-28 14:55 - 2023-07-28 14:55 - 000084221 ____R C:\Users\Alex Mascaro\Downloads\stj_dje_20230427_0_36385390.pdf
2023-07-28 13:49 - 2023-07-28 13:49 - 004210968 ____R C:\Users\Alex Mascaro\Downloads\1001270-90.2023.8.26.0566-2.pdf
2023-07-28 11:43 - 2023-07-28 11:43 - 000074017 _____ C:\Users\Alex Mascaro\Downloads\0007363-28.2019.8.26.0566.pdf
2023-07-28 11:29 - 2023-07-28 11:29 - 000631919 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-133.pdf
2023-07-28 11:27 - 2023-07-28 11:27 - 000688631 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-132.pdf
2023-07-28 11:25 - 2023-07-28 11:25 - 000989631 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-131.pdf
2023-07-28 07:46 - 2023-07-28 07:46 - 004599866 ____R C:\Users\Alex Mascaro\Downloads\ATOrd_0010110-44.2023.5.15.0120_1grau.pdf
2023-07-28 07:07 - 2023-07-28 07:07 - 002786227 ____R C:\Users\Alex Mascaro\Downloads\ATOrd_0010191-90.2023.5.15.0120_1grau.pdf
2023-07-28 06:38 - 2023-07-28 06:38 - 000014538 ____R C:\Users\Alex Mascaro\Downloads\FRANCA SUPERIOR.pdf
2023-07-26 17:02 - 2023-07-26 17:02 - 000187275 _____ C:\Users\Alex Mascaro\Downloads\BELTRAN DECLARA QUE DR VITOR TRATA NOS MAL (1).ogv
2023-07-25 17:55 - 2023-07-25 17:55 - 002948886 _____ C:\Users\Alex Mascaro\Downloads\CONTRATO SOCIAL N° 03.pdf
2023-07-25 17:55 - 2023-07-25 17:55 - 002661895 _____ C:\Users\Alex Mascaro\Downloads\CONTRATO SOCIAL Nº6.pdf
2023-07-25 17:29 - 2023-07-25 17:30 - 000603448 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-130.pdf
2023-07-25 17:27 - 2023-07-25 17:27 - 000605049 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-129.pdf
2023-07-25 16:45 - 2023-07-25 16:45 - 001617045 ____R C:\Users\Alex Mascaro\Downloads\TRANSPARÊNCIA - SERVIDORES - 05_2023.pdf
2023-07-25 16:43 - 2023-07-25 16:43 - 000964510 ____R C:\Users\Alex Mascaro\Downloads\TRANSPARÊNCIA - SERVIDORES - 06_2023.pdf
2023-07-25 16:32 - 2023-07-25 16:32 - 000002580 ____R C:\Users\Alex Mascaro\Downloads\doc-39.pdf
2023-07-25 16:18 - 2023-07-25 16:18 - 000519764 ____R C:\Users\Alex Mascaro\Downloads\republicacao-resolucao-cnrm-n17-21-dezembro-2022.pdf
2023-07-25 16:16 - 2023-07-25 16:16 - 000351379 _____ C:\Users\Alex Mascaro\Downloads\EMPRESA SIMPLES DE CRÉDITO TIRA DUVIDAS.pdf
2023-07-25 16:14 - 2023-07-25 16:14 - 000442765 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-8.pdf
2023-07-25 16:14 - 2023-07-25 16:14 - 000440676 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-7.pdf
2023-07-25 16:14 - 2023-07-25 16:14 - 000440401 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-6.pdf
2023-07-25 16:10 - 2023-07-25 16:10 - 000207253 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-5.pdf
2023-07-25 16:09 - 2023-07-25 16:09 - 000146318 ____R C:\Users\Alex Mascaro\Downloads\RESOLUOCNRMN17DE21DEDEZEMBRODE2022_RESOLUOCNRMN17DE21DEDEZEMBRODE2022_DOUImprensaNacional.pdf
2023-07-25 16:07 - 2023-07-25 16:07 - 000338986 ____R C:\Users\Alex Mascaro\Downloads\Resolucao-CNRM-017-2022-12-21-1.pdf
2023-07-25 16:06 - 2023-07-25 16:08 - 000721224 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-4.pdf
2023-07-25 16:06 - 2023-07-25 16:06 - 000721224 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-3.pdf
2023-07-25 16:03 - 2023-07-25 16:03 - 002771494 ____R C:\Users\Alex Mascaro\Downloads\2022_12_26_ASSINADO_do2.pdf
2023-07-25 16:02 - 2023-07-25 16:02 - 000721224 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-1.pdf
2023-07-25 16:01 - 2023-07-25 16:01 - 000882303 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer.pdf
2023-07-25 16:00 - 2023-07-25 16:02 - 000202152 ____R C:\Users\Alex Mascaro\Downloads\INPDFViewer-2.pdf
2023-07-25 15:43 - 2023-07-25 15:44 - 001592363 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-128.pdf
2023-07-25 15:04 - 2023-07-25 15:04 - 000007289 _____ C:\Users\Alex Mascaro\Downloads\23220141.pdf
2023-07-25 14:44 - 2023-07-25 14:44 - 000502458 _____ C:\Users\Alex Mascaro\Downloads\Matricula - Rodrigo.pdf
2023-07-25 14:44 - 2023-07-25 14:44 - 000502458 _____ C:\Users\Alex Mascaro\Downloads\e98981b0b87d4d71a5497b63b3fd9385.pdf
2023-07-25 09:51 - 2023-07-25 09:51 - 000017657 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_465_25_07_2023.pdf
2023-07-25 09:44 - 2023-07-25 09:44 - 000017568 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_464_25_07_2023.pdf
2023-07-25 09:43 - 2023-07-25 09:43 - 000017553 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_463_25_07_2023.pdf
2023-07-25 09:42 - 2023-07-25 09:42 - 000017554 _____ C:\Users\Alex Mascaro\Downloads\NFS-e_462_25_07_2023.pdf
2023-07-25 09:31 - 2023-07-25 09:31 - 073829738 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011465-50.2020.5.15.0070-1.pdf
2023-07-24 15:48 - 2023-07-24 15:48 - 007239642 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011317-68.2022.5.15.0070-2.pdf
2023-07-24 15:46 - 2023-07-24 15:46 - 000070358 _____ C:\Users\Alex Mascaro\Downloads\23215279.pdf
2023-07-24 15:28 - 2023-07-24 15:28 - 040108181 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011359-54.2021.5.15.0070.pdf
2023-07-24 11:43 - 2023-07-24 15:22 - 000023415 ____R C:\Users\Alex Mascaro\Downloads\MON-1.pdf
2023-07-24 09:14 - 2023-07-24 09:14 - 002955744 ____R C:\Users\Alex Mascaro\Downloads\TCOT-041_2019_PT.pdf
2023-07-24 09:02 - 2023-07-24 09:02 - 000791592 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-127.pdf
2023-07-24 08:52 - 2023-07-24 08:52 - 000791593 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-126.pdf
2023-07-21 12:04 - 2023-07-21 12:04 - 003474024 _____ C:\Users\Alex Mascaro\Downloads\2194284-08.2022.8.26.0000(2).pdf
2023-07-21 11:42 - 2023-07-21 11:42 - 000856114 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-125.pdf
2023-07-21 11:41 - 2023-07-21 11:41 - 000920077 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-124.pdf
2023-07-21 11:41 - 2023-07-21 11:41 - 000591186 ____R C:\Users\Alex Mascaro\Downloads\VisualizaTicket-123.pdf
2023-07-21 11:26 - 2023-07-21 11:26 - 032048535 _____ C:\Users\Alex Mascaro\Downloads\1001404-32.2021.8.26.0132(4).pdf
2023-07-21 10:24 - 2023-07-21 10:24 - 000155776 ____R C:\Users\Alex Mascaro\Downloads\RES-330-CODIGO-DE-ETICA-CFBM.pdf
2023-07-21 10:23 - 2023-07-21 10:23 - 000893284 ____R C:\Users\Alex Mascaro\Downloads\CÓDIGO-DO-PROCESSO-ÉTICO-res-259_2015.pdf
2023-07-20 16:03 - 2023-07-20 16:03 - 000046307 ____R C:\Users\Alex Mascaro\Downloads\DECLARAÇÃO-DE-RENDA-–-AUTÔNOMO-PROFISSIONAL-LIBERAL.pdf
2023-07-20 16:03 - 2023-07-20 16:03 - 000005458 ____R C:\Users\Alex Mascaro\Downloads\3858_ce_315724_1.pdf
2023-07-20 15:38 - 2023-07-20 15:38 - 000568265 ____R C:\Users\Alex Mascaro\Downloads\5014304-88.2023.4.03.0000-1.pdf
2023-07-20 15:24 - 2023-07-20 15:24 - 000070420 ____R C:\Users\Alex Mascaro\Downloads\ciência .docx (2).pdf
2023-07-20 11:29 - 2023-07-20 11:29 - 000073732 ____R C:\Users\Alex Mascaro\Downloads\RENAJUD CANCELADO - VEÍCULA PLACA BQU7D79.pdf
2023-07-20 11:23 - 2023-07-20 11:23 - 006006656 ____R C:\Users\Alex Mascaro\Downloads\5000138-45.2018.4.03.6105.pdf
2023-07-20 11:22 - 2023-07-20 11:22 - 000009827 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-43.pdf
2023-07-20 11:22 - 2023-07-20 11:22 - 000005764 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-44.pdf
2023-07-20 11:21 - 2023-07-20 11:21 - 006490622 ____R C:\Users\Alex Mascaro\Downloads\06-3-23-Peticao-e documentos-Manasse-INSS.pdf
2023-07-20 06:30 - 2023-07-20 06:30 - 000035582 _____ C:\Users\Alex Mascaro\Documents\diagnosticoapp_20230720_063023.zip
2023-07-20 01:25 - 2023-07-20 01:25 - 000000000 ____D C:\Users\Alex Mascaro\AppData\LocalLow\Sun
2023-07-19 16:58 - 2023-07-19 16:58 - 000001426 _____ C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-07-19 16:58 - 2023-07-19 16:58 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\ESET
2023-07-19 16:57 - 2023-07-19 16:57 - 015274968 _____ (ESET) C:\Users\Alex Mascaro\Downloads\esetonlinescanner.exe
2023-07-19 11:24 - 2023-07-19 11:24 - 030973809 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011353-47.2021.5.15.0070-1.pdf
2023-07-19 11:17 - 2023-07-19 11:17 - 000124129 ____R C:\Users\Alex Mascaro\Downloads\Documento_b41b95b.pdf
2023-07-19 11:16 - 2023-07-19 11:16 - 002526255 ____R C:\Users\Alex Mascaro\Downloads\Documento_1f80145.pdf
2023-07-19 09:57 - 2023-07-19 09:57 - 000972448 ____R C:\Users\Alex Mascaro\Downloads\5007757-32.2023.4.03.0000-1.pdf
2023-07-19 09:56 - 2023-07-19 09:57 - 000093107 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-42.pdf
2023-07-19 09:16 - 2023-07-19 09:16 - 001475288 ____R C:\Users\Alex Mascaro\Downloads\5025375-24.2022.4.03.0000.pdf
2023-07-19 09:16 - 2023-07-19 09:16 - 000078657 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-41.pdf
2023-07-19 08:38 - 2023-07-19 08:38 - 041865965 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010467-97.2018.5.15.0120-1.pdf
2023-07-18 14:33 - 2023-07-18 14:34 - 000010780 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-40.pdf
2023-07-18 14:32 - 2023-07-18 14:33 - 000009827 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-39.pdf
2023-07-18 14:32 - 2023-07-18 14:32 - 000067444 ____R C:\Users\Alex Mascaro\Downloads\Petição 5000138-45.2018.4.03.6105.pdf
2023-07-18 13:47 - 2023-07-18 13:47 - 041865965 ____R C:\Users\Alex Mascaro\Downloads\Processo_0010467-97.2018.5.15.0120.pdf
2023-07-18 11:53 - 2023-07-18 11:53 - 000338986 ____R C:\Users\Alex Mascaro\Downloads\Resolucao-CNRM-017-2022-12-21.pdf
2023-07-18 11:26 - 2023-07-18 11:26 - 000028155 ____R C:\Users\Alex Mascaro\Downloads\0002689-77.2021.8.26.0132-1.pdf
2023-07-18 11:19 - 2023-07-18 11:19 - 000047758 ____R C:\Users\Alex Mascaro\Downloads\1011847-08.2022.8.26.0132.pdf
2023-07-18 11:17 - 2023-07-18 11:17 - 079584983 ____R C:\Users\Alex Mascaro\Downloads\0000373-38.2017.4.03.6136.pdf
2023-07-18 11:08 - 2023-07-18 11:08 - 000117040 _____ C:\Users\Alex Mascaro\Downloads\Morada Nova.pdf
2023-07-18 10:25 - 2023-07-18 10:25 - 000009451 _____ C:\Users\Alex Mascaro\Downloads\PGDASD-DECLARACAO-22480269202305001.pdf
2023-07-18 10:24 - 2023-07-18 10:24 - 000009197 _____ C:\Users\Alex Mascaro\Downloads\PGDASD-DECLARACAO-22480269202301001.pdf
2023-07-18 10:24 - 2023-07-18 10:24 - 000004047 _____ C:\Users\Alex Mascaro\Downloads\ComprovanteOpcaoRegime.pdf
2023-07-18 09:12 - 2023-07-18 09:12 - 000258031 _____ C:\Users\Alex Mascaro\Downloads\Documento_ba9146c.pdf
2023-07-17 17:39 - 2023-07-17 17:39 - 031160236 ____R C:\Users\Alex Mascaro\Downloads\Processo_0011354-32.2021.5.15.0070-1.pdf
2023-07-17 14:56 - 2023-07-17 14:56 - 007586681 _____ C:\Users\Alex Mascaro\Downloads\1001404-32.2021.8.26.0132(3).pdf
2023-07-17 14:09 - 2023-07-17 14:09 - 000118408 _____ C:\Users\Alex Mascaro\Downloads\ConsultaOptantes(2).pdf
2023-07-17 09:09 - 2023-07-17 09:09 - 002231642 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-37.pdf
2023-07-17 09:09 - 2023-07-17 09:09 - 000052111 ____R C:\Users\Alex Mascaro\Downloads\documentoProcessual-38.pdf
2023-07-17 07:55 - 2023-07-17 07:55 - 042719795 ____R C:\Users\Alex Mascaro\Downloads\4002991-19.2013.8.26.0132.pdf

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-08-14 06:18 - 2021-12-15 02:42 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-14 06:18 - 2021-10-01 01:39 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-14 06:10 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-14 06:09 - 2022-02-14 05:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-14 06:08 - 2021-10-01 00:56 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-14 06:06 - 2021-10-01 01:49 - 000000000 ____D C:\Program Files\Microsoft Office
2023-08-11 17:37 - 2021-10-01 09:14 - 000000000 ____D C:\Users\Alex Mascaro\Documents\Arquivos do Outlook
2023-08-11 17:37 - 2021-10-01 00:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-11 16:51 - 2022-10-14 13:10 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-08-11 16:51 - 2021-10-19 07:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-11 16:33 - 2021-10-01 00:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-11 16:01 - 2021-10-02 10:24 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Word
2023-08-11 14:01 - 2021-10-01 01:59 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Excel
2023-08-11 06:21 - 2021-10-01 00:47 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-10 10:53 - 2023-05-25 14:32 - 000407972 _____ C:\Users\Alex Mascaro\Documents\21929392800-IRPF-2023-2022-origi-imagem-declaracao.pdf
2023-08-10 10:53 - 2023-05-25 14:31 - 000036101 _____ C:\Users\Alex Mascaro\Documents\21929392800-IRPF-2023-2022-origi-imagem-recibo.pdf
2023-08-10 10:52 - 2022-03-28 13:54 - 000000000 ____D C:\Users\Alex Mascaro\.irpf
2023-08-10 09:41 - 2021-10-04 08:57 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Zoom
2023-08-10 09:38 - 2021-10-01 01:02 - 001651882 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-10 09:38 - 2021-10-01 00:49 - 000715446 _____ C:\WINDOWS\system32\prfh0416.dat
2023-08-10 09:38 - 2021-10-01 00:49 - 000140602 _____ C:\WINDOWS\system32\prfc0416.dat
2023-08-10 09:38 - 2021-10-01 00:46 - 000000000 ____D C:\WINDOWS\INF
2023-08-10 06:30 - 2022-07-16 15:57 - 000000000 ____D C:\Program Files (x86)\LeitorXml
2023-08-09 16:47 - 2021-10-01 01:41 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-09 16:47 - 2021-10-01 01:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-08-09 16:47 - 2021-10-01 01:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-09 09:10 - 2021-10-01 01:00 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\Packages
2023-08-08 17:45 - 2021-10-01 01:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-08 17:41 - 2021-10-01 01:07 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-08 17:34 - 2022-03-14 11:15 - 000037840 _____ (Topaz OFD) C:\WINDOWS\system32\Drivers\wsddfac.sys
2023-08-08 17:34 - 2021-10-01 13:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-08-08 17:34 - 2021-10-01 00:56 - 000439808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-08 17:34 - 2021-10-01 00:56 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-08 17:34 - 2021-10-01 00:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-08 17:33 - 2021-10-01 00:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-08 17:33 - 2021-10-01 00:43 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-08 16:27 - 2021-10-01 00:44 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-08 16:24 - 2021-10-01 00:59 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-08 03:20 - 2021-10-01 01:39 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-08-08 03:20 - 2021-10-01 01:39 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-08-07 10:47 - 2022-04-06 15:07 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Local\CrashDumps
2023-08-07 06:42 - 2023-06-10 11:19 - 000002447 _____ C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-07 06:42 - 2021-12-13 05:13 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1835089291-200718762-2277446861-1001
2023-08-07 06:42 - 2021-10-01 01:02 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1835089291-200718762-2277446861-1001
2023-08-04 18:21 - 2021-10-01 12:37 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Office
2023-08-03 11:26 - 2021-10-01 00:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-02 11:07 - 2021-10-01 00:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-02 03:13 - 2021-10-01 01:39 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-02 03:13 - 2021-10-01 01:39 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-08-01 16:33 - 2023-05-29 07:48 - 000000000 ____D C:\WinSysUpdate72360033226
2023-08-01 10:24 - 2021-11-08 13:19 - 000000000 ____D C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Teams
2023-08-01 10:22 - 2021-10-01 01:00 - 000000000 ___SD C:\Users\Alex Mascaro\AppData\Roaming\Microsoft\Credentials
2023-07-31 15:21 - 2023-02-03 17:00 - 000043688 _____ C:\Users\Alex Mascaro\Desktop\Controle Financeiro 2023.xlsx
2023-07-31 09:48 - 2021-10-01 01:44 - 000000000 ____D C:\ProgramData\Oracle
2023-07-27 07:17 - 2021-10-01 01:08 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-25 09:19 - 2021-10-01 14:01 - 000000000 ____D C:\Users\Alex Mascaro\.shodo
2023-07-18 16:38 - 2022-05-13 15:23 - 000002189 _____ C:\Users\Alex Mascaro\Desktop\Itaú.lnk
2023-07-17 07:47 - 2023-06-27 11:27 - 000001308 _____ C:\Users\Alex Mascaro\Desktop\Microsoft Edge.lnk

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

Elias Pereira · 14 de agosto de 2023

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
CloseProcesses:
C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.exe C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.log <==== ATENÇÃO
Task: {1FFFFC02-9AB2-4101-ADAA-85D1E6293461} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {B451C2FB-EB01-4635-8668-4BF5006DFCEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {F2ECE5B0-C5C6-4831-81B1-81A075987155} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {C32FC8C8-0439-4739-9CCF-635DFD17235C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E432D1C3-D0C4-41FC-844D-8F2EB75657FE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B564DD9-2B71-412D-8FE1-AD36D0990963} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1BA378A-4623-438D-B981-DC14027D4A5E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E96C8395-22E6-4F28-A4DE-1FB749228C80} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {541FB926-681C-4469-82D5-FA332999F178} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78BD61F3-FCCB-4E68-B2A4-8C18CC9A02A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60267819-5C83-4A0A-BD16-11904B0CC907} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {731E95C5-3A08-4CE0-A839-FB5B9D0E3D48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8037A52-0E5B-46B2-AADF-A45603531510} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-09] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {42283D27-09CF-43A5-9459-829919D6BC58} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-09] (Mozilla Corporation -> Mozilla Foundation)
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Clique com o direito sobre o arquivo FRST.EXE, depois clique em http://i.imgur.com/VRIfczU.png

Clique no botão

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

alexmascaro · 14 de agosto de 2023

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 12-08-2023
Executado por Alex Mascaro (14-08-2023 13:40:23) Run:1
Executando a partir de C:\Users\Alex Mascaro\Desktop
Perfis Carregados: Alex Mascaro
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.exe C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.log <==== ATENÇÃO
Task: {1FFFFC02-9AB2-4101-ADAA-85D1E6293461} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {B451C2FB-EB01-4635-8668-4BF5006DFCEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {F2ECE5B0-C5C6-4831-81B1-81A075987155} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-01] (Google LLC -> Google LLC)
Task: {C32FC8C8-0439-4739-9CCF-635DFD17235C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E432D1C3-D0C4-41FC-844D-8F2EB75657FE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B564DD9-2B71-412D-8FE1-AD36D0990963} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1BA378A-4623-438D-B981-DC14027D4A5E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2023-08-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E96C8395-22E6-4F28-A4DE-1FB749228C80} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {541FB926-681C-4469-82D5-FA332999F178} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78BD61F3-FCCB-4E68-B2A4-8C18CC9A02A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {60267819-5C83-4A0A-BD16-11904B0CC907} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {731E95C5-3A08-4CE0-A839-FB5B9D0E3D48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8037A52-0E5B-46B2-AADF-A45603531510} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-09] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {42283D27-09CF-43A5-9459-829919D6BC58} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-09] (Mozilla Corporation -> Mozilla Foundation)
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.exe C:\WinSysUpdate72360033226\Panasonic.Accenture.08471.9605.470.log <==== ATENÇÃO" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1FFFFC02-9AB2-4101-ADAA-85D1E6293461}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FFFFC02-9AB2-4101-ADAA-85D1E6293461}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B451C2FB-EB01-4635-8668-4BF5006DFCEC}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B451C2FB-EB01-4635-8668-4BF5006DFCEC}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2ECE5B0-C5C6-4831-81B1-81A075987155}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2ECE5B0-C5C6-4831-81B1-81A075987155}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C32FC8C8-0439-4739-9CCF-635DFD17235C}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C32FC8C8-0439-4739-9CCF-635DFD17235C}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E432D1C3-D0C4-41FC-844D-8F2EB75657FE}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E432D1C3-D0C4-41FC-844D-8F2EB75657FE}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B564DD9-2B71-412D-8FE1-AD36D0990963}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B564DD9-2B71-412D-8FE1-AD36D0990963}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B1BA378A-4623-438D-B981-DC14027D4A5E}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1BA378A-4623-438D-B981-DC14027D4A5E}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E96C8395-22E6-4F28-A4DE-1FB749228C80}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E96C8395-22E6-4F28-A4DE-1FB749228C80}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Office\Office Performance Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Performance Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\MareBackup" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2}" => não encontrado (a)
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\MareBackup" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\MareBackup" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7111FDC2-D28D-4F8A-AD3E-06D53F06EFF2}" => não encontrado (a)
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\MareBackup" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\MareBackup" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{541FB926-681C-4469-82D5-FA332999F178}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{541FB926-681C-4469-82D5-FA332999F178}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78BD61F3-FCCB-4E68-B2A4-8C18CC9A02A9}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78BD61F3-FCCB-4E68-B2A4-8C18CC9A02A9}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{60267819-5C83-4A0A-BD16-11904B0CC907}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60267819-5C83-4A0A-BD16-11904B0CC907}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{731E95C5-3A08-4CE0-A839-FB5B9D0E3D48}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{731E95C5-3A08-4CE0-A839-FB5B9D0E3D48}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Verification" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8037A52-0E5B-46B2-AADF-A45603531510}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8037A52-0E5B-46B2-AADF-A45603531510}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Background Update 308046B0AF4A39CB" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42283D27-09CF-43A5-9459-829919D6BC58}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42283D27-09CF-43A5-9459-829919D6BC58}" => removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => removido (a) com sucesso.

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-1835089291-200718762-2277446861-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-1835089291-200718762-2277446861-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 189495585 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 22635125 B
Edge => 0 B
Chrome => 314479271 B
Firefox => 49231274 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7514 B
NetworkService => 1653866 B
Alex Mascaro => 7428347705 B

RecycleBin => 101753294 B
EmptyTemp: => 7.6 GB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 13:56:46 ====

Elias Pereira · 14 de agosto de 2023

O aplicativo ainda informa malware?

alexmascaro · 14 de agosto de 2023

.. ainda continua informando a existencia

arquivo.pdf

Elias Pereira · 14 de agosto de 2023

Faça o download ESET Online Scanner e salve no seu Desktop
https://www.eset.com/us/home/online-scanner/

Clique direito em esetonlinescanner_enu.exe e execute como administrador
Clique em Computer Scan
Clique em Full scan
Selecione Enable ESET to detect and quarantine potentially unwanted applications
Clique em Start scan
Quando terminar, salve o resultado no seu desktop como ESETScan.txt
Clique Continue e depois em Close

Abra o arquivo ESETScan.txt, copie e cole o conteudo na sua proxima resposta.

alexmascaro · 16 de agosto de 2023

deu negativo a busca... falou que não detectou

Elias Pereira · 16 de agosto de 2023

O aplicativo pode estar informando um falso-positivo.

Remova o aplicativo completamente, acesse o site do banco e baixe novamente o aplicativo e instale.

alexmascaro · 17 de agosto de 2023

desinstalei o app e instalei de novo...

mensagem abaixo continua

Aviso:
Identificamos um comportamento suspeito neste computador e para sua segurança as transações estão bloqueadas temporariamente.

Solicitamos que realize suas transações por outro computador ou pelo App Itaú Empresas no celular ou tablet, disponível para IOS e Android.
Procure um técnico de sua confiança para que seja realizada atualização de antivírus. Mantenha sempre o sistema operacional do seu computador atualizado.
Após a correção desta fragilidade seu computador será liberado.
Em caso de dúvidas ligue para a Central de Relacionamento Itaú Empresas 0300 100 7575

Elias Pereira · 17 de agosto de 2023

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
Powershell: Get-Content $env:SystemRoot\System32\Drivers\etc\hosts
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Clique com o direito sobre o arquivo FRST.EXE e execute como administrador.

Clique no botão FIX/CORRIGIR

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

Em pesquisas sobre o problema com o app do banco, foi solicitado que o roteador wireless fosse resetado. Caso tu possa fazer isso, tente esse procedimento.

alexmascaro · 18 de agosto de 2023

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 17-08-2023 01
Executado por Alex Mascaro (18-08-2023 06:52:25) Run:1
Executando a partir de C:\Users\Alex Mascaro\Desktop
Perfis Carregados: Alex Mascaro
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
Powershell: Get-Content $env:SystemRoot\System32\Drivers\etc\hosts
CMD: ipconfig /flushdns
RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.

========= Get-Content $env:SystemRoot\System32\Drivers\etc\hosts =========

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

127.0.0.1 assinador-desktop.serpro.gov.br

========= Fim de Powershell: =========

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-1835089291-200718762-2277446861-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-1835089291-200718762-2277446861-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26452667 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => -124420 B
Edge => 0 B
Chrome => 188409166 B
Firefox => 43601796 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Alex Mascaro => 139992709 B

RecycleBin => 0 B
EmptyTemp: => 380 MB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 06:53:05 ====

Elias Pereira · 18 de agosto de 2023

20 horas atrás, Elias Pereira disse:

Em pesquisas sobre o problema com o app do banco, foi solicitado que o roteador wireless fosse resetado. Caso tu possa fazer isso, tente esse procedimento.

Chegou a realizar esse procedimento?

alexmascaro · 18 de agosto de 2023

54 minutos atrás, Elias Pereira disse:

Chegou a realizar esse procedimento?

Esse eu não consegui fazer.... se tiver um tutorial talvez conseguiria

Elias Pereira · 18 de agosto de 2023

Qual a marca e modelo do roteador?

alexmascaro · 18 de agosto de 2023

Tp link wr840 , de 2 antenas , 300mg

Elias Pereira · 19 de agosto de 2023

Faça um backup das configurações do roteador antes do reset.

Após isso, siga os passos do link abaixo.
https://www.tp-link.com/br/support/faq/497/

alexmascaro · 22 de agosto de 2023

Fiz o procedimento e consegui acessar o app do Itau.

muito obrigado.

Elias Pereira · 22 de agosto de 2023

Bacana!!

Se não tiver mais duvidas, clique em "Denunciar" e diga que seu post foi resolvido.

Turco · 25 de agosto de 2023

Problema resolvido!

Caso o autor necessite, o mesmo será reaberto, para isso deverá entrar em contato com um Analista de Segurança ou Coordenador solicitando o desbloqueio.