Computador abrindo vários notepad e pastas

Fred Oliveira · 15 de setembro de 2023

Salve, galera!

Então, estava usando o windows 7, resolvi formatar o pc para instalar o Win10, até aí tudo bem... Depois de umas configurações e instalações de programas padrões, o computador está iniciando vários arquivos e pastas.

O único programa "estranho" que instalei foi o Disk Drill.. Estava querendo tentar recuperar uns arquivos..

Até tentei excluir as entradas do gerenciador, mas sem sucesso.

Alguém poderia me ajudar como resolver isso?!

Tem umas imagens dos arquivos e pastas que abrem ao iniciar

Elias Pereira · 16 de setembro de 2023

Por favor, atente para o seguinte:

Sobre o Fórum: Este é um espaço privado, não público. Seu uso é um privilégio, não um direito;
O que será passado aqui, somente será com relação ao problema do seu computador portanto, não faça mais em nenhum outro;
IMPORTANTE: Caso tenha programas de ativação do windows ou de compartilhamento to44ent, sugiro desinstalar. Só irei dar procedimento na analise após a remoção. Regras do forum;
Siga, por favor, atentamente as instruções passadas e em caso de dúvidas não hesite em perguntá-las;
Respeite a ordem das instruções passadas;
Observação: Não tome outra medida além das passadas aqui; atente para que, caso peça ajuda em outro fórum, não deixe de nos informar, sob risco de desconfigurar seu computador!

Regras da Área de Remoção de Malware << IMPORTANTE A LEITURA

Regras Gerais do Forum Clube do Hardware << IMPORTANTE A LEITURA

Siga os passos abaixo:

Desative temporariamente seu antivirus, antispywares e firewall, para não causar conflitos.

ETAPA 1

Faça o download do AdwCleaner de um dos links abaixo e salve no desktop.

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

http://www.bleepingcomputer.com/download/adwcleaner/

Clique em DOWNLOAD NOW para baixar o arquivo.

Execute o adwcleaner.exe

OBS: Usuários do Windows Vista, 7, 8/8.1 e windows 10 clique com o direito sobre o arquivo AdwCleaner.exe, depois clique em

Clique em VERIFICAR AGORA/SCAN NOW. Após o termino clique em LIMPAR/CLEAN e aguarde.

Será aberto o bloco de notas com o resultado.

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

ETAPA 2

Faça o download do ZHPCleaner no link abaixo e salve em sua Área de trabalho (Desktop)

https://www.majorgeeks.com/files/details/zhpcleaner.html

Execute o arquivo ZHPCleaner.exe Como Administrador

Clique no botão Scanner.
A ferramenta começara o exame do seu sistema.
Tenha paciência pois pode demorar um pouco dependendo da quantidades de itens a examinar.
Em seguida clique no botão Reparar.
Será gerado um log chamado ZHPCleaner.txt

ATENÇÃO: Selecione, copie e cole o seu conteúdo na próxima resposta.

Fred Oliveira · 19 de setembro de 2023

ETAPA 1

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    09-19-2023
# Duration: 00:00:02
# OS:       Windows 10 (Build 19045.3448)
# Cleaned: 22
# Failed:   0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted       C:\ProgramData\IObit\Advanced SystemCare
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted       C:\Users\frede\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\frede\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted       HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted       HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted       HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3613 octets] - [19/09/2023 15:20:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

ETAPA 2

<!DOCTYPE html>
<HTML>
<HEAD>
<meta charset="UTF-8" />
<h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">NEWS ZONE ANTIMALWARE</h1>
<A HREF="https://nicolascoolman.eu/2023/09/14/vulnerabilite-critique-corrigee-dans-firefox-et-thunderbird/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2021/03/Mozilla_Firefox-ZAM.jpg"TITLE=Correctif Mozilla width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/09/12/campagne-massive-de-phishing-sur-facebook-messenger/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2021/12/Phishing2.png"TITLE=Phishing-Botnet width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/09/11/60-000-personnes-infectees-par-lapplication-android-evil-telegram/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2019/04/GooglePlayStore-Android-Zone-Antimalware.png"TITLE=Evil Telegram width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/09/10/bulletin-de-securite-apple-du-07-septembre-2023/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/05/Apple.jpg"TITLE=Apple-Correctif width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/09/08/le-tag-revele-de-nouvelles-cyberattaques/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/07/GoogleCloudBuild.jpg"TITLE=Google-TAG width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/09/06/bulletin-de-securite-thunderbird-du-29-aout-2023/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2021/05/Mozilla-Thunderbird.jpg"TITLE=Mozilla-Thunderbird width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/31/demantelement-du-reseau-botnet-qakbot-qbot/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2019/03/Botnet-Zone-AntiMalware-ZAM.png"TITLE=Notnet Qbot width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/20/quel-langage-de-programmation-gratuit-choisir/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/08/Developpement.jpg"TITLE=Développement-Gratuit width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/13/les-avantages-et-les-inconvenients-dun-vpn/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2021/06/ProtonVPN-ZAM.jpg"TITLE=VPN-Avantages-Inconvénients width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/12/exploitation-dune-ancienne-faille-du-routeur-eol-zyxel/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/08/ZyXEL.jpg"TITLE=ZyXEL-Faille width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/11/exploitation-de-la-faille-de-securite-whirlpool/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/08/Barracuda.jpg"TITLE=Faille-Baracucuda width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/06/le-rancongiciel-clop-utilise-des-torrents/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/06/Clop.jpg"TITLE=Ransomware-Clop width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/04/avis-de-securite-firefox-du-01-aout-2023/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/M2-Firefox-ZoneAntimalware.png"TITLE=Firefox-Correctif width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/02/des-attaques-de-phishing-via-google-amp/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/07/GoogleCloudBuild.jpg"TITLE=Google-AMP-Pshishing width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/08/01/comment-reparer-une-touche-clavier-bloquee-en-permanence/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/07/ZoneAntimalware2.jpg"TITLE=Clavier-Bloqué width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/07/31/comment-reparer-les-ports-usb-dun-pc/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2017/10/windows10-laptop.png"TITLE=Port-USB-HS width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/07/31/avis-de-securite-solarwinds-de-juillet-2023/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2021/05/SolarWinds-ZAM.jpg"TITLE=SolarWinds-Correctif width=200 height=200</A>
<A HREF="https://nicolascoolman.eu/2023/07/30/zimbra-corrige-une-faille-critique-zero-day/" TARGET="_blank"><IMG SRC="https://nicolascoolman.eu/wp-content/uploads/2023/05/Zimbra.jpg"TITLE=Zimbra-Zero-Day width=200 height=200</A>
<A></A><h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">ZHPCleaner Report</h1></HEAD>
<BODY>
<PRE>
<SCRIPT LANGUAGE="Javascript">
document.writeln("~ ZHPCleaner v2023.9.16.44 by Nicolas Coolman (2023/09/16)");
document.writeln("~ Run by FRED (Administrator) (19/09/2023 15:34:10)");
document.writeln("~ Web: https://www.nicolascoolman.com");
document.writeln("~ Blog: https://nicolascoolman.eu/");
document.writeln("~ Facebook : https://www.facebook.com/nicolascoolman1");
document.writeln("~ State version : Version OK");
document.writeln("~ Certificate ZHPCleaner: Illegal");
document.writeln("~ Type : Repair");
document.writeln("~ Report : C:\\Users\\frede\\OneDrive\\Área de Trabalho\\ZHPCleaner (R).txt");
document.writeln("~ Quarantine : C:\\Users\\frede\\AppData\\Roaming\\ZHP\\ZHPCleaner_Reg.txt");
document.writeln("~ UAC : Activate");
document.writeln("~ Boot Mode : Normal (Normal boot)");
document.writeln("Windows 10 Pro, 64-bit (Build 19045)");
document.writeln("");
document.writeln("<b>---\\ Alternate Data Stream (ADS). (0)</b>");
document.writeln("~ No malicious or unnecessary items found. (ADS)");
document.writeln("");
document.writeln("<b>---\\ Services (0)</b>");
document.writeln("~ No malicious or unnecessary items found. (Service)");
document.writeln("");
document.writeln("<b>---\\ Browser internet (0)</b>");
document.writeln("");
document.writeln("<b>---\\ Hosts file (1)</b>");
document.writeln("~ The hosts file is legitimate (21)");
document.writeln("");
document.writeln("<b>---\\ Scheduled automatic tasks. (0)</b>");
document.writeln("~ No malicious or unnecessary items found. (Task)");
document.writeln("");
document.writeln("<b>---\\ Explorer ( File, Folder) (5)</b>");
document.writeln("MOVED folder: C:\\Users\\frede\\AppData\\Local\\Microsoft Edge\\User Data\\Default\\Cache\\Cache_Data =>.SUP.BrowserCache".fontcolor("#0d1df4"));
document.writeln("MOVED folder: C:\\Users\\frede\\AppData\\Local\\Opera Software\\Opera GX Stable\\User Data\\Default\\Cache\\Cache_Data =>.SUP.BrowserCache".fontcolor("#0d1df4"));
document.writeln("MOVED folder: C:\\Users\\frede\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\glxhh27h.default\\Cache2 =>.SUP.BrowserCache".fontcolor("#0d1df4"));
document.writeln("MOVED folder: C:\\Users\\frede\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\xwnk1ix3.default-release-1694716282409\\Cache2 =>.SUP.BrowserCache".fontcolor("#0d1df4"));
document.writeln("MOVED folder: C:\\ProgramData\\IObit\\ASCDownloader =>SUP.Optional.AdvancedSystemCare".fontcolor("#f20d47"));
document.writeln("");
document.writeln("<b>---\\ Registry ( Key, Value, Data) (2)</b>");
document.writeln("DELETED key*: [X64] HKLM\\SOFTWARE\\fc8d59a4-d44c-5521-b21d-0c8e14688f93 [] =>Adware.CrossRider".fontcolor("#f20d47"));
document.writeln("DELETED key*: HKLM\\Software\\Classes\\AllFileSystemObjects\\ShellEx\\ContextMenuHandlers\\Advanced SystemCare [{2803063F-4B8D-4dc6-8874-D1802487FE2D}] =>SUP.Optional.AdvancedSystemCare".fontcolor("#f20d47"));
document.writeln("");
document.writeln("<b>---\\ Summary of the elements found (3)</b>");
document.writeln("https://nicolascoolman.eu/2023/07/18/les-caches-et-historiques-de-navigateurs/ =>.SUP.BrowserCache".fontcolor("#0d1df4"));
document.writeln("https://nicolascoolman.eu/wp-content/uploads/2017/12/26/sup-advancedsystemcare/ =>SUP.Optional.AdvancedSystemCare".fontcolor("#f20d47"));
document.writeln("https://nicolascoolman.eu/2017/03/11/pup-optional-crossrider/ =>Adware.CrossRider".fontcolor("#f20d47"));
document.writeln("");
document.writeln("<b>---\\ Other deletions. (0)</b>");
document.writeln("~ Registry Keys Tracing deleted (0)");
document.writeln("~ Remove the old reports ZHPCleaner. (0)");
document.writeln("");
document.writeln("<b>---\\ Result of repair</b>");
document.writeln("~ Repair carried out successfully");
document.writeln("~ Microsoft Edge OK");
document.writeln("~ Mozilla Firefox OK");
document.writeln("~ Microsoft Internet Explorer OK");
document.writeln("~ Opera GX Stable OK");
document.writeln("");
document.writeln("<b>---\\ Statistics</b>");
document.writeln("~ Items scanned : 1410");
document.writeln("~ Items found : 0");
document.writeln("~ Items cancelled : 0");
document.writeln("~ Space saving (bytes) : 0");
document.writeln("~ Items options : 10/18");
document.writeln("");
document.writeln("<b>---\\ OPTIONS NOT ACTIVES</b>");
document.writeln("~ Temporary file analysis");
document.writeln("~ Temporary folder analysis");
document.writeln("~ Empty Folder CLSID Analysis");
document.writeln("~ Empty Other Folder Analysis");
document.writeln("~ Empty LocalLow Folder Analysis");
document.writeln("~ Empty Local Folder Analysis");
document.writeln("~ Obsolete Installer File Analysis");
document.writeln("~ Start browsers with extensions removed");
document.writeln("");
document.writeln("~ End of clean in 00h01mn24s");
document.writeln("");
document.writeln("<b>---\\ Reports (2)</b>");
document.writeln("ZHPCleaner-[S]-19092023-15_32_43.txt");
document.writeln("ZHPCleaner-[R]-19092023-15_35_34.txt");
</SCRIPT>
</PRE>
<h1 style="background-color: #1393ef; text-align: center; color: #ffffff; padding: 15px;">ZHPCleaner report End</h1></BODY>
</HTML>

Elias Pereira · 20 de setembro de 2023

Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Clique com o direito sobre o arquivo FRST64.EXE, depois clique em http://i.imgur.com/VRIfczU.png .

Aceite o contrato e depois clique no botão Scan/Examinar.Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.

Fred Oliveira · 20 de setembro de 2023

30 minutos atrás, Elias Pereira disse:

Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Clique com o direito sobre o arquivo FRST64.EXE, depois clique em http://i.imgur.com/VRIfczU.png .

Aceite o contrato e depois clique no botão Scan/Examinar.Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.

Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.

FRST

Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-09-2023
Executado por FRED (administrador) em DESKTOP-5R0985U (ASUS All Series) (20-09-2023 08:45:36)
Executando a partir de C:\Users\frede\Downloads\FRST64.exe
Perfis Carregados: FRED
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3448 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksdeui.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.16130.20766\OfficeClickToRun.exe
(C:\Users\frede\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\frede\AppData\Local\Programs\Opera GX\102.0.4880.55\opera_crashreporter.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.913.400_x64__8wekyb3d8bbwe\olk.exe
(Feitian Technologies Co., Ltd. -> EnterSafe) C:\Program Files (x86)\EnterSafe\ePass2003\ePassCertd_2003.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\frede\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Opera Norway AS -> Opera Software) C:\Users\frede\AppData\Local\Programs\Opera GX\opera.exe <20>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Sophos Ltd -> Sophos) C:\Program Files (x86)\Sophos\Connect\scvpn.exe
(services.exe ->) (The OpenVPN Project) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\openvpnserv.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(Sophos Ltd -> Sophos) C:\Program Files (x86)\Sophos\Connect\GUI\scgui.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21570.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21570.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3385_none_7e1c800a7c81ffd9\TiWorker.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Sophos Connect] => C:\Program Files (x86)\Sophos\Connect\GUI\scgui.exe [2417504 2022-11-09] (Sophos Ltd -> Sophos)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ePass2003_std] => C:\Program Files (x86)\EnterSafe\ePass2003\ePassCertd_2003.exe [145728 2015-11-04] (Feitian Technologies Co., Ltd. -> EnterSafe)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607648 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [MicrosoftEdgeAutoLaunch_4ADCAF6337B08BB24359F3288BAFDE06] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\frede\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-09-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [Opera GX Stable] => C:\Users\frede\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-08-17] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\frede\AppData\Local\Temp\\.opera []
Startup: C:\Users\frede\AppData\Local\Temp\\.ses [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\09864277-2604-43d2-806d-8b6759f69211.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\1152fb06-f7c3-414d-b194-be0cb6e072cb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\12124_1135530441 []
Startup: C:\Users\frede\AppData\Local\Temp\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\2bebcc6b-0373-4a82-9c3c-4f633f1818ec.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\3733e91c-7a7a-4fd6-b71b-edcded051095.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\38e42cef-6d5c-4b2a-90c9-b1de5c20454a.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\417fca4f-f1b2-4fa5-aa54-4c19484873f3.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\4fda36cb-be7a-42b7-87d3-e8c8d0570451.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\51eb4af3-86cc-48e9-b61a-6706d3f296b2.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\522c766b-1722-4ddb-95da-da93f42cb5e8.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59151bdf-4b1f-4ebc-87ee-f0f215f0a0b1.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59b33ae3-5424-4f81-a21f-58fa11ee5785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5a35201d-bfd3-4130-a704-5f49da8e3ec6.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5bdc4b9d-607d-42e0-999a-0408955618eb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\97b843d0-c173-440c-9c02-6576771e27cc.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\Acrobat Distiller DC []
Startup: C:\Users\frede\AppData\Local\Temp\\AdobeARM.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\adobegc.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\ba28b3a2-bb8e-4ab3-8541-17f946c85f3f.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\d1fdf894-0f7c-4105-89e5-a7eb7e7b0e00.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\de15864a-3308-4b39-8199-bf6d2d994eb9.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\e584128a-0986-49b2-98e0-81fb72df4d3b.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\mat-debug-9120.log [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\mozilla-temp-files []

==================== Tarefas Agendadas (Whitelisted) =================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {8851C55D-7518-4C45-A2C6-1D984C01153D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {7A7ED4D0-CADE-4B5F-9EA4-23C158C748A9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCAD2567-AF9D-4BBA-A39A-7718E447075D} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {12B4DE34-EEC5-4D83-AD29-66335DD7A8DE} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task (Nenhum Arquivo)
Task: {569F587A-AF73-465C-96C0-FFB76E65774E} - System32\Tasks\ASC_SkipUac_FRED => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac (Nenhum Arquivo)
Task: {74E57898-C707-43FE-A441-EE4A065E24FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FD2694A1-2B90-4E76-93D5-D3C22B67E5F3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a1d70218-29b1-4fcd-8b3c-a662c94c36e7" --version "6.16.10662" --silent
Task: {93C3CCEA-A4D9-4FD4-8773-E14883376937} - System32\Tasks\CCleanerSkipUAC - FRED => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F861ABAF-AFD7-48D6-8FC0-A77ACF1C6333} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3966976 2021-08-04] (Easeware) [Arquivo não assinado]
Task: {7DB97EE3-9076-467A-A2BE-FB33B008DA3D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE46ED3-2387-4B66-B921-DC19D54FB632} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FAC7744-7EB1-4C4E-B022-BE70E23AA9E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {51541E5E-2993-4D5E-B3D3-8AC0F5856B7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {29C6DE00-ACB2-4FF2-8036-653B91ED5486} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F00AE6FA-74E5-4E0E-85CD-9FAE93D7A443} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4C2D4B5-0442-40E4-A4DF-387874465C58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C81B790-8BD9-4003-9CE0-82722CBE9ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42A9B4DD-E829-4AB3-9592-E9740972DE67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {87EE82C5-BA94-4A6D-B42F-860462F3B641} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\TerminalSysInfo => %appdata%\\sysinfotool\\sitool.exe -st -tu 7 (Nenhum Arquivo)
Task: {D6B52F78-720D-4B5E-9F8C-12131710112C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {95BE468E-B866-4A3E-BAC4-C4109C55B5AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {69FEA89A-9F0C-4AA3-96B5-021D704B053D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {217E78CB-7289-40B4-A856-08D6F9722617} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CB5256C-6F6E-45CC-8A93-1A710FC3A672} - System32\Tasks\Opera GX scheduled Autoupdate 1694727256 => C:\Users\frede\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
Task: {A140C381-DC39-496E-9DDC-AB26E9B89E67} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{22171db1-f239-4a3e-a5ee-73ee797952ce}: [DhcpNameServer] 181.213.132.2 181.213.132.3

Edge:
=======
Edge Profile: C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-19]
Edge Extension: (Kaspersky Protection) - C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-09-14]
Edge Extension: (Google Docs Offline) - C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: glxhh27h.default
FF ProfilePath: C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\glxhh27h.default [2023-09-15]
FF user.js: detected! => C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\glxhh27h.default\user.js [2023-09-15]
FF ProfilePath: C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409 [2023-09-20]
FF user.js: detected! => C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\user.js [2023-09-15]
FF Extension: (AdBlocker Ultimate) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\[email protected] [2023-09-14]
FF Extension: (Ghostery – Bloqueador de anúncios para privacidade) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\[email protected] [2023-09-14]
FF Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\[email protected] [2023-09-15]
FF Extension: (Lightshot (Ferramenta de captura)) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2023-09-14]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-08-17]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2023-09-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-09-14] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-09-14] <==== ATENÇÃO

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001) Opera GXStable - "C:\Users\frede\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2022-08-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12513208 2023-07-26] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncHelper.exe [3518480 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.180.0828.0001\OneDriveUpdaterService.exe [3855376 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
R3 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Connect\openvpnserv.exe [147456 2022-04-22] (The OpenVPN Project) [Arquivo não assinado]
R2 scvpn; C:\Program Files (x86)\Sophos\Connect\scvpn.exe [1788768 2022-11-09] (Sophos Ltd -> Sophos)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 strongSwan; C:\Program Files (x86)\Sophos\Connect\charon-svc.exe [406452 2022-05-05] () [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1012024 2023-01-13] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AdvancedSystemCareService16; "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" [X]

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [739984 2023-08-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1860408 2023-08-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235704 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\Windows\system32\DRIVERS\kltun.sys [86776 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [369432 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [351912 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [179816 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [260512 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 tapSophos; C:\Windows\System32\drivers\tapSophos.sys [36856 2022-02-21] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55872 2023-09-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [574872 2023-09-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-14] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [55496 2023-09-19] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [41816 2023-05-05] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [38816 2023-02-27] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-09-20 08:45 - 2023-09-20 08:46 - 000031649 _____ C:\Users\frede\Downloads\FRST.txt
2023-09-20 08:45 - 2023-09-20 08:46 - 000000000 ____D C:\FRST
2023-09-20 08:44 - 2023-09-20 08:44 - 002382848 _____ (Farbar) C:\Users\frede\Downloads\FRST64.exe
2023-09-19 20:21 - 2023-09-19 20:21 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-09-19 19:59 - 2023-09-19 20:00 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2023-09-19 19:59 - 2023-09-19 19:59 - 000000000 ____D C:\Users\frede\AppData\Local\SaRALogs
2023-09-19 19:58 - 2023-09-19 20:01 - 000000000 ____D C:\Users\frede\AppData\Local\Deployment
2023-09-19 19:58 - 2023-09-19 19:58 - 000000000 ____D C:\Users\frede\AppData\Local\Apps\2.0
2023-09-19 15:23 - 2023-09-19 15:35 - 000000000 ____D C:\Users\frede\AppData\Roaming\ZHP
2023-09-19 15:23 - 2023-09-19 15:23 - 000000000 ____D C:\Users\frede\AppData\Local\ZHP
2023-09-19 15:20 - 2023-09-19 15:21 - 000000000 ____D C:\AdwCleaner
2023-09-15 18:51 - 2023-09-15 18:50 - 000001306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2023-09-15 18:48 - 2023-09-15 18:49 - 000000000 ____D C:\Program Files (x86)\dotnet
2023-09-15 14:45 - 2023-05-05 08:22 - 000041816 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddpp.sys
2023-09-15 09:35 - 2023-09-15 09:35 - 001980992 _____ (Logitech, Inc.) C:\Windows\system32\LkmdfCoInst.dll
2023-09-15 09:35 - 2023-09-15 09:35 - 000113216 _____ (Logitech, Inc.) C:\Windows\system32\LMouFiltCoInst.dll
2023-09-15 09:35 - 2023-09-15 09:35 - 000063552 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LHidFilt.Sys
2023-09-15 09:35 - 2023-09-15 09:35 - 000054336 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LMouFilt.Sys
2023-09-15 09:35 - 2023-09-15 09:35 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2023-09-15 09:33 - 2023-09-15 10:22 - 000000436 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2023-09-15 09:33 - 2023-09-15 09:33 - 000003908 _____ C:\Windows\system32\Tasks\Driver Easy Scheduled Scan
2023-09-15 09:33 - 2023-09-15 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2023-09-15 09:33 - 2023-09-15 09:33 - 000000000 ____D C:\Program Files\Easeware
2023-09-15 09:32 - 2023-09-15 11:50 - 000003280 _____ C:\Windows\system32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001
2023-09-15 09:29 - 2023-09-15 09:33 - 000000000 ____D C:\Users\frede\AppData\Roaming\Easeware
2023-09-15 09:23 - 2023-09-15 09:23 - 096546816 _____ C:\Windows\system32\config\SOFTWARE.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 005472256 _____ C:\Windows\system32\config\DRIVERS.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 000581632 _____ C:\Windows\system32\config\DEFAULT.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 000086016 _____ C:\Windows\system32\config\SAM.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 000032768 _____ C:\Windows\system32\config\SECURITY.iobit
2023-09-15 09:20 - 2023-09-19 15:21 - 000000000 ____D C:\Users\frede\AppData\LocalLow\IObit
2023-09-15 09:20 - 2023-09-19 15:21 - 000000000 ____D C:\Program Files (x86)\IObit
2023-09-15 09:20 - 2023-09-15 09:21 - 000000000 ____D C:\ProgramData\ProductData
2023-09-15 09:20 - 2023-09-15 09:20 - 000003298 _____ C:\Windows\system32\Tasks\ASC_PerformanceMonitor
2023-09-15 09:20 - 2023-09-15 09:20 - 000003086 _____ C:\Windows\system32\Tasks\ASC_SkipUac_FRED
2023-09-15 09:20 - 2023-09-15 09:20 - 000000000 ____D C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
2023-09-15 09:19 - 2023-09-19 15:35 - 000000000 ____D C:\ProgramData\IObit
2023-09-15 09:19 - 2023-09-19 15:21 - 000000000 ____D C:\Users\frede\AppData\Roaming\IObit
2023-09-15 09:05 - 2023-09-15 09:05 - 000001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2023-09-15 09:05 - 2023-09-15 09:05 - 000000000 ____D C:\Users\frede\AppData\Roaming\GlarySoft
2023-09-15 09:05 - 2023-09-15 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2023-09-15 09:05 - 2023-09-15 09:05 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2023-09-15 08:07 - 2023-09-19 20:26 - 000000000 ____D C:\Program Files\CCleaner
2023-09-15 08:07 - 2023-09-19 19:26 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-09-15 08:07 - 2023-09-15 08:24 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-09-15 08:07 - 2023-09-15 08:07 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-09-15 08:07 - 2023-09-15 08:07 - 000002900 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - FRED
2023-09-15 08:07 - 2023-09-15 08:07 - 000000000 ____D C:\ProgramData\Piriform
2023-09-15 08:07 - 2023-09-15 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-09-15 00:39 - 2023-09-15 00:39 - 000000000 ___HD C:\$WinREAgent
2023-09-15 00:37 - 2023-09-15 00:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-15 00:34 - 2023-09-15 00:36 - 000000000 ____D C:\Windows\system32\MRT
2023-09-14 21:17 - 2023-09-14 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnterSafe
2023-09-14 21:17 - 2023-09-14 21:17 - 000000000 ____D C:\Program Files (x86)\EnterSafe
2023-09-14 21:17 - 2015-11-04 00:53 - 000000256 _____ C:\Windows\SysWOW64\eps2003csp11.sig
2023-09-14 21:17 - 2015-11-04 00:53 - 000000256 _____ C:\Windows\system32\eps2003csp11.sig
2023-09-14 21:17 - 2015-11-04 00:52 - 001413440 _____ (EnterSafe) C:\Windows\system32\eps2003csp11.dll
2023-09-14 21:17 - 2015-11-04 00:52 - 000865088 _____ (EnterSafe) C:\Windows\SysWOW64\eps2003csp11.dll
2023-09-14 21:17 - 2015-11-04 00:50 - 000048128 _____ (www.EnterSafe.com) C:\Windows\system32\eps2003csp11_s.dll
2023-09-14 21:17 - 2015-11-04 00:50 - 000010752 _____ (www.EnterSafe.com) C:\Windows\SysWOW64\eps2003csp11_s.dll
2023-09-14 21:15 - 2023-09-14 21:15 - 000000000 ____D C:\Users\frede\OneDrive\Documentos\Modelos Personalizados do Office
2023-09-14 21:05 - 2023-09-14 21:09 - 000000000 ____D C:\Users\frede\AppData\Roaming\utility-birdid
2023-09-14 21:05 - 2023-09-14 21:05 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente Desktop birdID.lnk
2023-09-14 21:05 - 2023-09-14 21:05 - 000000000 ____D C:\Users\frede\vault
2023-09-14 21:05 - 2023-09-14 21:05 - 000000000 ____D C:\Users\frede\AppData\Local\utility-birdid-updater
2023-09-14 21:05 - 2023-09-14 21:05 - 000000000 ____D C:\Program Files\Assistente Desktop birdID
2023-09-14 20:31 - 2023-09-19 15:19 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Excel
2023-09-14 20:26 - 2023-09-15 06:04 - 000000000 ____D C:\Users\frede\AppData\Roaming\SysInfoTool
2023-09-14 20:14 - 2023-09-14 20:14 - 000003530 _____ C:\Windows\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2023-09-14 20:14 - 2023-09-14 20:14 - 000003506 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2023-09-14 20:11 - 2023-09-14 20:28 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-09-14 20:11 - 2023-09-14 20:28 - 000000000 ____D C:\Users\frede\AppData\Local\Adobe
2023-09-14 20:11 - 2023-09-14 20:11 - 000000040 ____H C:\C416F53A1682
2023-09-14 20:11 - 2023-09-14 20:11 - 000000000 ____D C:\Users\frede\AppData\LocalLow\Adobe
2023-09-14 20:10 - 2023-09-14 20:10 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2023-09-14 20:10 - 2023-09-14 20:10 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2023-09-14 20:09 - 2023-09-14 20:28 - 000000000 ____D C:\ProgramData\Adobe
2023-09-14 20:09 - 2023-09-14 20:09 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-09-14 19:10 - 2023-09-14 19:10 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\MMC
2023-09-14 18:53 - 2023-09-14 18:53 - 000002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security.lnk
2023-09-14 18:50 - 2023-09-14 18:50 - 000000000 ____D C:\Users\frede\AppData\Local\ToastNotificationManagerCompat
2023-09-14 18:45 - 2023-09-19 19:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-09-14 18:45 - 2023-09-15 18:51 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2023-09-14 18:45 - 2023-09-14 18:53 - 000000000 ____D C:\Program Files\Common Files\AV
2023-09-14 18:45 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2023-09-14 18:43 - 2023-09-14 20:29 - 000000000 ____D C:\Users\frede\AppData\Local\DiskDrill
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ___HD C:\.cleverfiles
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ____D C:\Users\frede\AppData\Local\CrashRpt
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ____D C:\ProgramData\CleverFiles
2023-09-14 18:42 - 2023-09-14 18:42 - 000000000 ____D C:\Users\frede\AppData\Local\D3DSCache
2023-09-14 18:40 - 2023-09-14 18:40 - 000000000 ____D C:\Users\frede\AppData\Local\OneDrive
2023-09-14 18:34 - 2023-09-15 08:51 - 000003592 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1694727256
2023-09-14 18:34 - 2023-09-14 18:34 - 000001432 _____ C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2023-09-14 18:34 - 2023-09-14 18:34 - 000000000 ____D C:\Users\frede\AppData\Local\Opera Software
2023-09-14 18:33 - 2023-09-14 18:33 - 000000018 _____ C:\Users\frede\AppData\Roaming\.cache9050425797200915815.dat
2023-09-14 18:33 - 2023-09-14 18:33 - 000000000 ____D C:\Users\frede\AppData\Roaming\Opera Software
2023-09-14 18:33 - 2023-09-14 18:33 - 000000000 ____D C:\Program Files\dotnet
2023-09-14 18:32 - 2023-09-15 18:48 - 000000000 ____D C:\ProgramData\Package Cache
2023-09-14 17:25 - 2023-09-14 17:25 - 000000000 ____D C:\Users\frede\AppData\LocalLow\Temp
2023-09-14 17:15 - 2023-09-19 20:21 - 000055496 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddfac.sys
2023-09-14 17:15 - 2023-09-14 17:16 - 000000000 ____D C:\ProgramData\Temp
2023-09-14 17:15 - 2023-09-14 17:15 - 000000000 ___HD C:\Program Files (x86)\Topaz OFD
2023-09-14 17:15 - 2023-09-14 17:15 - 000000000 ____D C:\Program Files\Topaz OFD
2023-09-14 17:15 - 2023-02-27 17:51 - 000038816 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddprm.sys
2023-09-14 17:15 - 2021-02-11 19:37 - 000051160 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddntf.sys
2023-09-14 17:14 - 2023-09-14 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-09-14 17:14 - 2023-09-14 17:14 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-09-14 17:03 - 2023-09-20 08:41 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Teams
2023-09-14 17:03 - 2023-09-15 18:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-14 17:03 - 2023-09-15 06:56 - 000002368 _____ C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-09-14 17:02 - 2023-09-14 17:03 - 000000000 ____D C:\Users\frede\AppData\Local\SquirrelTemp
2023-09-14 16:44 - 2023-09-15 08:08 - 000000000 ____D C:\Users\frede\AppData\Local\CrashDumps
2023-09-14 16:44 - 2023-09-14 18:42 - 000000000 __SHD C:\ProgramData\presepuesto
2023-09-14 16:41 - 2023-09-14 16:41 - 000000000 ____D C:\Users\frede\AppData\Roaming\WinRAR
2023-09-14 16:40 - 2023-09-15 08:09 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-09-14 16:40 - 2023-09-15 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-09-14 16:40 - 2023-09-15 08:09 - 000000000 ____D C:\Program Files\WinRAR
2023-09-14 15:47 - 2023-09-15 17:40 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\UProof
2023-09-14 15:47 - 2023-09-14 15:47 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Proof
2023-09-14 15:45 - 2023-09-19 19:55 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Word
2023-09-14 15:45 - 2023-09-14 15:56 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Office
2023-09-14 15:45 - 2023-09-14 15:45 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\AddIns
2023-09-14 15:43 - 2023-09-14 17:03 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-14 15:43 - 2023-09-14 17:03 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-14 15:43 - 2023-09-14 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2023-09-14 15:43 - 2023-09-14 15:43 - 000000000 ___RD C:\Users\Default\OneDrive
2023-09-14 15:43 - 2023-09-14 15:43 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-09-14 15:43 - 2023-09-14 15:43 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2023-09-14 15:41 - 2023-09-14 15:41 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office
2023-09-14 15:37 - 2023-09-20 08:47 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-14 15:37 - 2023-09-14 15:37 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-09-14 15:34 - 2023-09-14 15:34 - 000000016 _____ C:\ProgramData\mntemp
2023-09-14 15:33 - 2023-09-14 18:32 - 000000000 ____D C:\ProgramData\Wondershare
2023-09-14 15:33 - 2023-09-14 15:34 - 000000000 ____D C:\Users\frede\AppData\Roaming\Wondershare
2023-09-14 15:33 - 2023-09-14 15:33 - 000000000 ____D C:\Users\frede\AppData\Local\PeerDistRepub
2023-09-14 15:31 - 2023-09-15 09:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-09-14 15:31 - 2023-09-14 15:31 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegação privativa do Firefox.lnk
2023-09-14 15:31 - 2023-09-14 15:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-14 15:28 - 2023-09-19 20:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-14 15:28 - 2023-09-14 15:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-14 15:28 - 2023-09-14 15:28 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2023-09-14 15:28 - 2023-09-14 15:28 - 000000000 ____D C:\Users\frede\AppData\Roaming\Mozilla
2023-09-14 15:28 - 2023-09-14 15:28 - 000000000 ____D C:\Users\frede\AppData\Local\Mozilla
2023-09-14 15:27 - 2023-09-19 20:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-14 15:21 - 2023-09-14 15:21 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Spelling
2023-09-14 15:19 - 2023-09-15 09:44 - 000000000 ____D C:\Users\frede\AppData\Local\PlaceholderTileLogoFolder
2023-09-14 15:19 - 2023-09-14 17:03 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001
2023-09-14 15:19 - 2023-09-14 15:19 - 000000000 ___HD C:\OneDriveTemp
2023-09-14 15:19 - 2023-09-14 15:19 - 000000000 ____D C:\Users\frede\AppData\Local\Comms
2023-09-14 15:18 - 2023-09-19 20:21 - 000000000 ___RD C:\Users\frede\OneDrive
2023-09-14 15:18 - 2023-09-14 15:18 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-09-14 15:17 - 2023-09-15 16:26 - 000000000 ____D C:\Users\frede\AppData\Local\Packages
2023-09-14 15:17 - 2023-09-15 00:38 - 000000000 ____D C:\ProgramData\Packages
2023-09-14 15:17 - 2023-09-14 20:12 - 000000000 ____D C:\Users\frede\AppData\Roaming\Adobe
2023-09-14 15:17 - 2023-09-14 20:00 - 000000000 ____D C:\Users\frede\AppData\Local\ConnectedDevicesPlatform
2023-09-14 15:17 - 2023-09-14 18:39 - 000000000 __SHD C:\Users\frede\IntelGraphicsProfiles
2023-09-14 15:17 - 2023-09-14 16:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\Crypto
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ___RD C:\Users\frede\3D Objects
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Vault
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Network
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Local\VirtualStore
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Local\Publishers
2023-09-14 15:12 - 2023-09-19 19:30 - 000000000 ____D C:\Users\frede
2023-09-14 15:12 - 2023-09-14 18:40 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\Credentials
2023-09-14 15:12 - 2023-09-14 17:02 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\Protect
2023-09-14 15:12 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Windows
2023-09-14 15:12 - 2023-09-14 15:12 - 000000020 ___SH C:\Users\frede\ntuser.ini
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Modelos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Meus Documentos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Menu Iniciar
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Dados de Aplicativos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Configurações Locais
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\AppData\Local\Histórico
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\AppData\Local\Dados de Aplicativos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Ambiente de Rede
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Ambiente de Impressão
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\SystemCertificates
2023-09-14 15:10 - 2023-09-19 20:25 - 001651882 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-14 15:10 - 2023-09-14 15:10 - 000000000 ____D C:\ProgramData\Realtek
2023-09-14 15:09 - 2023-09-14 20:00 - 000000000 ____D C:\Intel
2023-09-14 15:09 - 2023-09-14 15:09 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-09-14 15:09 - 2023-09-14 15:09 - 000000000 ____D C:\Program Files\Intel
2023-09-14 15:09 - 2023-09-14 15:09 - 000000000 ____D C:\Program Files (x86)\Intel
2023-09-14 15:09 - 2023-09-14 15:09 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Usuário Padrão
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Todos os Usuários
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Modelos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Meus Documentos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Menu Iniciar
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Configurações Locais
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Modelos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Menu Iniciar
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Documentos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Program Files\Common Files\Sistema
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Program Files\Arquivos Comuns
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Documents and Settings
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Arquivos de Programas
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 ____D C:\Windows\CSC
2023-09-14 15:04 - 2023-09-20 08:43 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-14 15:04 - 2023-09-20 08:41 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-14 15:04 - 2023-09-19 20:21 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-14 15:04 - 2023-09-19 20:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-14 15:04 - 2023-09-16 21:05 - 000000000 ____D C:\Windows\Panther
2023-09-14 15:04 - 2023-09-15 06:00 - 000458368 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-14 15:04 - 2023-09-14 17:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-09-14 15:04 - 2023-09-14 15:31 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-14 15:04 - 2023-09-14 15:31 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-14 15:04 - 2023-09-14 15:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-09-14 15:04 - 2023-09-14 15:04 - 000000000 ____D C:\Windows\ServiceProfiles

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2023-09-20 08:44 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2023-09-20 08:43 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-20 08:43 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-19 20:25 - 2019-12-07 11:53 - 000715446 _____ C:\Windows\system32\prfh0416.dat
2023-09-19 20:25 - 2019-12-07 11:53 - 000140602 _____ C:\Windows\system32\prfc0416.dat
2023-09-19 20:25 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2023-09-19 20:20 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-09-19 20:19 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\NDF
2023-09-15 16:26 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2023-09-15 16:11 - 2019-12-07 06:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-09-15 06:03 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\appcompat
2023-09-15 01:02 - 2019-12-07 11:56 - 000000000 ___SD C:\Windows\system32\AppV
2023-09-15 01:02 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\setup
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-15 00:53 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\servicing
2023-09-14 18:45 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-09-14 17:23 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-14 15:43 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-09-14 15:33 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ServiceState
2023-09-14 15:12 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-09-14 15:06 - 2019-12-07 11:54 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-09-14 15:06 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\spool
2023-09-14 15:06 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Windows NT
2023-09-14 15:04 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-09-14 15:03 - 2019-12-07 06:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== Arquivos na raiz de alguns diretórios ========

2023-09-14 18:33 - 2023-09-14 18:33 - 000000018 _____ () C:\Users\frede\AppData\Roaming\.cache9050425797200915815.dat
2023-09-14 20:10 - 2023-09-14 20:10 - 000000410 _____ () C:\Users\frede\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================

Addition.txt

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 20-09-2023
Executado por FRED (20-09-2023 08:49:49)
Executando a partir de C:\Users\frede\Downloads
Microsoft Windows 10 Pro Versão 22H2 19045.3448 (X64) (2023-09-14 18:06:21)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-1659604029-2551903776-3631580782-500 - Administrator - Disabled)
Convidado (S-1-5-21-1659604029-2551903776-3631580782-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1659604029-2551903776-3631580782-503 - Limited - Disabled)
FRED (S-1-5-21-1659604029-2551903776-3631580782-1001 - Administrator - Enabled) => C:\Users\frede
WDAGUtilityAccount (S-1-5-21-1659604029-2551903776-3631580782-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assistente de Recuperação e Suporte da Microsoft (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\4336df8a13b91f17) (Version: 17.1.495.21 - Microsoft Corporation)
Assistente Desktop birdID 2.2.0 (HKLM\...\{fc8d59a4-d44c-5521-b21d-0c8e14688f93}) (Version: 2.2.0 - Vaultid Criptografia e Identificação)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Driver Easy 5.7.0 (HKLM\...\DriverEasy_is1) (Version: 5.7.0 - Easeware)
ePass2003 (HKLM-x32\...\ePass2003-4FE7-A218-48BDAE051E2B_std) (Version: 1.1.15.1104 - EnterSafe)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky)
Microsoft .NET Host - 6.0.21 (x86) (HKLM-x32\...\{A9F8F2E3-D3A4-4D90-9800-F689932ECE89}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.8 (x64) (HKLM\...\{19FCE07F-2A75-44AC-9EA5-8E29FE2F8DBE}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x86) (HKLM-x32\...\{EF4A37DD-21FE-43E9-89D1-1C699CC197AC}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.8 (x64) (HKLM\...\{174E0D7C-F2C9-49A2-83FB-95A0FE6FA023}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x86) (HKLM-x32\...\{B8ED272B-5F2D-4FF5-A7CA-C73552D7FB0F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.8 (x64) (HKLM\...\{B45C77BA-0B4E-4FBB-99B9-9774ECBE20AA}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.16130.20766 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.180.0828.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Teams) (Version: 1.6.00.24078 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{33e692e6-1f06-4c3d-8981-738c129e0b2c}) (Version: 6.0.21.32717 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{F25834D2-0460-4995-8585-8E41BD074159}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM\...\{3133BC55-90BD-4B87-82A2-6670B3CAFB81}) (Version: 56.35.63153 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM-x32\...\{d260fcb6-95b8-4c81-8e07-ce75876ffca2}) (Version: 7.0.8.32619 - Microsoft Corporation)
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 117.0.1 (x64 pt-BR)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20714 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20766 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.16130.20714 - Microsoft Corporation) Hidden
Opera GX Stable 102.0.4880.55 (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Opera GX 102.0.4880.55) (Version: 102.0.4880.55 - Opera Software)
Registry Repair 5.0.1.132 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.132 - Glarysoft Ltd)
Sophos Connect (HKLM-x32\...\{5010C740-B95D-4D2B-8831-87792C59BCE8}) (Version: 2.2.90.1104 - Sophos Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.18681 - Microsoft Corporation)
Warsaw 2.38.0.11 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.38.0.11 - Topaz)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corporation)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.913.400_x64__8wekyb3d8bbwe [2023-09-19] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0 [2023-09-19] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm [2023-09-15] (WhatsApp Inc.) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.918.726.409_neutral__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\frede\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23213.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\frede\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

==================== Módulos Carregados (Whitelisted) =============

2015-03-16 19:34 - 2015-03-16 19:34 - 000010240 _____ () [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\AcroTray.ptb
2022-02-21 12:40 - 2022-02-21 12:40 - 000124416 _____ () [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\davici.dll
2020-08-17 18:45 - 2020-08-17 18:45 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb
2022-03-29 12:09 - 2022-03-29 12:09 - 002863233 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libcrypto-1_1.dll
2022-03-29 12:09 - 2022-03-29 12:09 - 000887222 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libssl-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [7666]

==================== Modo de Segurança (Whitelisted) ==================

==================== Associação (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\sharepoint.com -> hxxps://conselhoarquitetura-files.sharepoint.com

==================== Hosts Conteúdo: =========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Outras Áreas ===========================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 181.213.132.2 - 181.213.132.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall do Windows está habilitado.

Network Binding:
=============
Ethernet: Topaz OFD Network Monitor -> nt_wsddntf (enabled)
Ethernet 2: Topaz OFD Network Monitor -> nt_wsddntf (enabled)

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Se uma entrada for incluída na fixlist, será removida.)

MSCONFIG\Services: cfbackd => 2
MSCONFIG\Services: strongSwan => 3
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => ".ses"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "cv_debug.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "DDInstall.cpccLog.txt"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "wsWAE.log.2023-09-14"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "{39930BA9-D54B-4734-AA75-FA772E1149C4} - OProcSessId.dat"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317_001_DD.Setup.x64.msi.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "d7f621e8-9a86-42f6-a933-23b606537707.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "5e48ddcc-de10-40a0-82ea-02b66df41760.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "a55a4027-4e29-41c1-a53f-329c946024f1.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\Run: => "Opera GX Stable"

==================== Regras do Firewall (Whitelisted) ================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [{120C831A-FA27-4EA3-A195-205D75894521}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEAA9933-261A-4042-982F-3B3CE033456A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2A5771EF-180E-43BC-B8C7-E41267460CCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{29D5778F-C31D-4A84-95B5-47B133A3B8CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A80F4BFA-D49A-49A2-A9DC-32E3687B947C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D597FA09-2501-4A24-AB50-84F0E7488044}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D49E9327-69C7-4E91-9393-F3066A61247E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3F8730B3-4F86-4DA6-97DC-E0AF1996D6C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EE712276-2B28-4FF2-BAF5-ECCBF2ADB8E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1D3ED616-F35C-4F7A-A8CE-4551CD577ECB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{053798F0-0DE3-44EF-BCE8-77B1D6351882}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{692300A0-C1CF-47B8-97DD-4C26BB77E733}C:\users\frede\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\frede\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{758C5D8E-C1AD-448C-B5DB-DB756A48601F}C:\users\frede\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\frede\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{6EF0EDBE-144F-45A2-A6BE-77D7186915EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5C66C61-2120-47B4-ADC9-CBE1251CE7C5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC325608-3537-4A95-BD37-C07B783ADC2B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE528378-46B3-45B8-97EA-3017E8E9FFAA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{374C0C77-BBA8-4E75-9C0A-BB3F6743388C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Pontos de Restauração =========================

18-09-2023 00:12:55 Ponto de Verificação Agendado
19-09-2023 15:33:51 ZHPcleaner

==================== Dispositivos Apresentando Falhas No Gerenciador ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Erros no Log de eventos: ========================

Erros em Aplicativos:
==================
Error: (09/19/2023 04:09:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa olk.exe versão 1.2023.831.400 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 3714

Hora de Início: 01d9eb2cac030d8d

Hora de Término: 4294967295

Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.831.400_x64__8wekyb3d8bbwe\olk.exe

ID do Relatório: 730f91a0-c17c-4729-88dd-4833ea5efd69

Nome completo do pacote com falha: Microsoft.OutlookForWindows_1.2023.831.400_x64__8wekyb3d8bbwe

ID do aplicativo relativo ao pacote com falha: Microsoft.OutlookforWindows

Tipo com falha: Quiesce

Error: (09/19/2023 03:30:18 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/18/2023 07:41:32 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/18/2023 12:04:26 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/16/2023 08:57:54 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/15/2023 03:30:18 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (09/14/2023 08:07:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Adobe.Acrobat.Pro.DC.v2020.012.20043.exe versão 1.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.

ID do Processo: 2090

Hora de Início: 01d9e76029fad6da

Hora de Término: 4294967295

Caminho do Aplicativo: D:\Programas\Nova pasta\Adobe.Acrobat.Pro.DC.v2020.012.20043.exe

ID do Relatório: 9d05a793-7d02-477b-a35a-0100598f6a17

Nome completo do pacote com falha:

ID do aplicativo relativo ao pacote com falha:

Tipo com falha: Top level window is idle

Error: (09/14/2023 07:58:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_Audiosrv, versão: 10.0.19041.1806, carimbo de data/hora: 0x7dcad237
Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.2788, carimbo de data/hora: 0x2f715b17
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000038314
ID do processo com falha: 0x960
Hora de início do aplicativo com falha: 0x01d9e7594e3a0034
Caminho do aplicativo com falha: C:\Windows\System32\svchost.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: dcaed3de-c338-4e39-aa5f-06e45adc4aec
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:

Erros de Sistema:
=============
Error: (09/19/2023 08:27:17 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-5R0985U)
Description: Não é possível iniciar o servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. O erro:
"2147942767"
Aconteceu ao iniciar este comando:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (09/19/2023 08:21:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço AdvancedSystemCareService16 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (09/19/2023 07:45:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço AdvancedSystemCareService16 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (09/19/2023 07:45:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 19:23:58 do dia ‎19/‎09/‎2023 não era esperado.

Error: (09/19/2023 07:23:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço AdvancedSystemCareService16 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.

Error: (09/19/2023 07:23:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 18:45:55 do dia ‎19/‎09/‎2023 não era esperado.

Error: (09/19/2023 07:23:49 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT)
Description: 3221225684Ocorrência de erro fatal em processamento de dados de restauração.

Error: (09/19/2023 03:22:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SASDIFSV devido ao seguinte erro:
O Windows não pode verificar a assinatura digital deste arquivo. Talvez uma alteração recente de hardware ou software tenha instalado um arquivo com uma assinatura incorreta ou danificado, ou talvez o arquivo seja um software mal-intencionado de origem desconhecida.

Windows Defender:
================
Date: 2023-09-19 12:49:45
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {FDBC9051-BAB2-4057-A533-3901563A0847}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-09-18 19:48:59
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {F784C764-9745-4D96-BB6E-0F2BE6867E55}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-09-18 00:11:53
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {C215CD98-D3A5-47EA-BBC0-883847D9D7E4}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-09-16 12:21:24
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {63899000-78D2-41E4-9F53-675C9D6AD423}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

Date: 2023-09-15 18:31:59
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {50D607A6-6720-4772-81FC-4B69B014E743}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA

CodeIntegrity:
===============
Date: 2023-09-20 08:42:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2023-09-19 20:36:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe) attempted to load \Device\HarddiskVolume5\Program Files\Topaz OFD\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-09-19 20:36:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe) attempted to load \Device\HarddiskVolume5\Program Files\Topaz OFD\Warsaw\wslbscr64.dll that did not meet the Microsoft signing level requirements.

Date: 2023-09-19 20:22:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Topaz OFD\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.

==================== Informações da Memória ===========================

BIOS: American Megatrends Inc. 2201 03/09/2015
placa-mãe: ASUSTeK COMPUTER INC. H81M-A/BR
Processador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentagem de memória em uso: 46%
RAM física total: 16255.85 MB
RAM física disponível: 8732.98 MB
Virtual Total: 19199.85 MB
Virtual disponível: 10620.07 MB

==================== Drives ================================

Drive () (Fixed) (Total:111.15 GB) (Free:64.03 GB) (Model: HP SSD S700 120GB ATA Device) NTFS
Drive d: (Backup) (Fixed) (Total:833.85 GB) (Free:657.64 GB) (Model: ST1000DM010-2EP102 ATA Device) NTFS
Drive f: (Programas) (Fixed) (Total:97.66 GB) (Free:83.56 GB) (Model: ST1000DM010-2EP102 ATA Device) NTFS

\\?\Volume{e529d0f6-00bb-4550-9414-b8a0c9020dd7}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{805af017-a1bb-4ead-9b4f-8283b97bec0e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabela de Partições ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D6DE6085)
Partition 1: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: B79CD228)

Partition: GPT.

==================== Fim de Addition.txt =======================

Elias Pereira · 20 de setembro de 2023

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\frede\AppData\Local\Temp\\.opera []
Startup: C:\Users\frede\AppData\Local\Temp\\.ses [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\09864277-2604-43d2-806d-8b6759f69211.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\1152fb06-f7c3-414d-b194-be0cb6e072cb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\12124_1135530441 []
Startup: C:\Users\frede\AppData\Local\Temp\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\2bebcc6b-0373-4a82-9c3c-4f633f1818ec.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\3733e91c-7a7a-4fd6-b71b-edcded051095.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\38e42cef-6d5c-4b2a-90c9-b1de5c20454a.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\417fca4f-f1b2-4fa5-aa54-4c19484873f3.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\4fda36cb-be7a-42b7-87d3-e8c8d0570451.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\51eb4af3-86cc-48e9-b61a-6706d3f296b2.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\522c766b-1722-4ddb-95da-da93f42cb5e8.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59151bdf-4b1f-4ebc-87ee-f0f215f0a0b1.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59b33ae3-5424-4f81-a21f-58fa11ee5785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5a35201d-bfd3-4130-a704-5f49da8e3ec6.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5bdc4b9d-607d-42e0-999a-0408955618eb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\97b843d0-c173-440c-9c02-6576771e27cc.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\Acrobat Distiller DC []
Startup: C:\Users\frede\AppData\Local\Temp\\AdobeARM.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\adobegc.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\ba28b3a2-bb8e-4ab3-8541-17f946c85f3f.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\d1fdf894-0f7c-4105-89e5-a7eb7e7b0e00.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\de15864a-3308-4b39-8199-bf6d2d994eb9.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\e584128a-0986-49b2-98e0-81fb72df4d3b.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\mat-debug-9120.log [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\mozilla-temp-files []
Task: {8851C55D-7518-4C45-A2C6-1D984C01153D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {7A7ED4D0-CADE-4B5F-9EA4-23C158C748A9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCAD2567-AF9D-4BBA-A39A-7718E447075D} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {12B4DE34-EEC5-4D83-AD29-66335DD7A8DE} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe"  /Task (Nenhum Arquivo)
Task: {569F587A-AF73-465C-96C0-FFB76E65774E} - System32\Tasks\ASC_SkipUac_FRED => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe"  /SkipUac (Nenhum Arquivo)
Task: {74E57898-C707-43FE-A441-EE4A065E24FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FD2694A1-2B90-4E76-93D5-D3C22B67E5F3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a1d70218-29b1-4fcd-8b3c-a662c94c36e7" --version "6.16.10662" --silent
Task: {93C3CCEA-A4D9-4FD4-8773-E14883376937} - System32\Tasks\CCleanerSkipUAC - FRED => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F861ABAF-AFD7-48D6-8FC0-A77ACF1C6333} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3966976 2021-08-04] (Easeware) [Arquivo não assinado]
Task: {7DB97EE3-9076-467A-A2BE-FB33B008DA3D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE46ED3-2387-4B66-B921-DC19D54FB632} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FAC7744-7EB1-4C4E-B022-BE70E23AA9E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {51541E5E-2993-4D5E-B3D3-8AC0F5856B7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {29C6DE00-ACB2-4FF2-8036-653B91ED5486} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F00AE6FA-74E5-4E0E-85CD-9FAE93D7A443} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4C2D4B5-0442-40E4-A4DF-387874465C58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C81B790-8BD9-4003-9CE0-82722CBE9ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42A9B4DD-E829-4AB3-9592-E9740972DE67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {87EE82C5-BA94-4A6D-B42F-860462F3B641} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\TerminalSysInfo => %appdata%\\sysinfotool\\sitool.exe  -st -tu 7 (Nenhum Arquivo)
Task: {D6B52F78-720D-4B5E-9F8C-12131710112C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {95BE468E-B866-4A3E-BAC4-C4109C55B5AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {69FEA89A-9F0C-4AA3-96B5-021D704B053D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {217E78CB-7289-40B4-A856-08D6F9722617} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CB5256C-6F6E-45CC-8A93-1A710FC3A672} - System32\Tasks\Opera GX scheduled Autoupdate 1694727256 => C:\Users\frede\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
Task: {A140C381-DC39-496E-9DDC-AB26E9B89E67} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-09-14] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-09-14] <==== ATENÇÃO
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [7666]
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => ".ses"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "cv_debug.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "DDInstall.cpccLog.txt"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "wsWAE.log.2023-09-14"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "{39930BA9-D54B-4734-AA75-FA772E1149C4} - OProcSessId.dat"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317_001_DD.Setup.x64.msi.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "d7f621e8-9a86-42f6-a933-23b606537707.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "5e48ddcc-de10-40a0-82ea-02b66df41760.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "a55a4027-4e29-41c1-a53f-329c946024f1.tmp"

CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow

RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Clique com o direito sobre o arquivo FRST.EXE, depois clique em http://i.imgur.com/VRIfczU.png

Clique no botão

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

Fred Oliveira · 20 de setembro de 2023

@Elias Pereira

22 minutos atrás, Elias Pereira disse:

Desative temporariamente seu antivírus, antispywares e firewall, para não causar conflitos.

Abra o seu Bloco de Notas, copie (control + c) e cole (control + v) todo o texto que está no CODE abaixo:

CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\frede\AppData\Local\Temp\\.opera []
Startup: C:\Users\frede\AppData\Local\Temp\\.ses [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\09864277-2604-43d2-806d-8b6759f69211.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\1152fb06-f7c3-414d-b194-be0cb6e072cb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\12124_1135530441 []
Startup: C:\Users\frede\AppData\Local\Temp\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\2bebcc6b-0373-4a82-9c3c-4f633f1818ec.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\3733e91c-7a7a-4fd6-b71b-edcded051095.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\38e42cef-6d5c-4b2a-90c9-b1de5c20454a.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\417fca4f-f1b2-4fa5-aa54-4c19484873f3.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\4fda36cb-be7a-42b7-87d3-e8c8d0570451.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\51eb4af3-86cc-48e9-b61a-6706d3f296b2.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\522c766b-1722-4ddb-95da-da93f42cb5e8.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59151bdf-4b1f-4ebc-87ee-f0f215f0a0b1.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59b33ae3-5424-4f81-a21f-58fa11ee5785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5a35201d-bfd3-4130-a704-5f49da8e3ec6.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5bdc4b9d-607d-42e0-999a-0408955618eb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\97b843d0-c173-440c-9c02-6576771e27cc.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\Acrobat Distiller DC []
Startup: C:\Users\frede\AppData\Local\Temp\\AdobeARM.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\adobegc.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\ba28b3a2-bb8e-4ab3-8541-17f946c85f3f.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\d1fdf894-0f7c-4105-89e5-a7eb7e7b0e00.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\de15864a-3308-4b39-8199-bf6d2d994eb9.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\e584128a-0986-49b2-98e0-81fb72df4d3b.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\mat-debug-9120.log [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\mozilla-temp-files []
Task: {8851C55D-7518-4C45-A2C6-1D984C01153D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {7A7ED4D0-CADE-4B5F-9EA4-23C158C748A9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCAD2567-AF9D-4BBA-A39A-7718E447075D} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {12B4DE34-EEC5-4D83-AD29-66335DD7A8DE} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe"  /Task (Nenhum Arquivo)
Task: {569F587A-AF73-465C-96C0-FFB76E65774E} - System32\Tasks\ASC_SkipUac_FRED => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe"  /SkipUac (Nenhum Arquivo)
Task: {74E57898-C707-43FE-A441-EE4A065E24FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FD2694A1-2B90-4E76-93D5-D3C22B67E5F3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a1d70218-29b1-4fcd-8b3c-a662c94c36e7" --version "6.16.10662" --silent
Task: {93C3CCEA-A4D9-4FD4-8773-E14883376937} - System32\Tasks\CCleanerSkipUAC - FRED => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F861ABAF-AFD7-48D6-8FC0-A77ACF1C6333} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3966976 2021-08-04] (Easeware) [Arquivo não assinado]
Task: {7DB97EE3-9076-467A-A2BE-FB33B008DA3D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE46ED3-2387-4B66-B921-DC19D54FB632} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FAC7744-7EB1-4C4E-B022-BE70E23AA9E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {51541E5E-2993-4D5E-B3D3-8AC0F5856B7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {29C6DE00-ACB2-4FF2-8036-653B91ED5486} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F00AE6FA-74E5-4E0E-85CD-9FAE93D7A443} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4C2D4B5-0442-40E4-A4DF-387874465C58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C81B790-8BD9-4003-9CE0-82722CBE9ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42A9B4DD-E829-4AB3-9592-E9740972DE67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {87EE82C5-BA94-4A6D-B42F-860462F3B641} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\TerminalSysInfo => %appdata%\\sysinfotool\\sitool.exe  -st -tu 7 (Nenhum Arquivo)
Task: {D6B52F78-720D-4B5E-9F8C-12131710112C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {95BE468E-B866-4A3E-BAC4-C4109C55B5AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {69FEA89A-9F0C-4AA3-96B5-021D704B053D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {217E78CB-7289-40B4-A856-08D6F9722617} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CB5256C-6F6E-45CC-8A93-1A710FC3A672} - System32\Tasks\Opera GX scheduled Autoupdate 1694727256 => C:\Users\frede\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
Task: {A140C381-DC39-496E-9DDC-AB26E9B89E67} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-09-14] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-09-14] <==== ATENÇÃO
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [7666]
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => ".ses"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "cv_debug.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "DDInstall.cpccLog.txt"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "wsWAE.log.2023-09-14"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "{39930BA9-D54B-4734-AA75-FA772E1149C4} - OProcSessId.dat"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317_001_DD.Setup.x64.msi.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "d7f621e8-9a86-42f6-a933-23b606537707.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "5e48ddcc-de10-40a0-82ea-02b66df41760.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "a55a4027-4e29-41c1-a53f-329c946024f1.tmp"

CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow

RemoveProxy:
EmptyTemp:
CreateRestorePoint:

Salve este arquivo na na sua área de trabalho com o nome fixlist

OBS: É de extrema importância que o arquivo "fixlist" seja salvo na sua Área de Trabalho/Desktop. Verifique também se o FRST.exe encontra-se na Área de Trabalho/Desktop.

** Clique com o direito sobre o arquivo FRST.EXE, depois clique em http://i.imgur.com/VRIfczU.png

Clique no botão

Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.

Abra o arquivo Fixlog.txt, copie e cole seu conteudo na sua proxima resposta.

Alguma coisa não deu certo. Esse "fixlist" é para ser salvo como .txt mesmo?

Executei os passos seguintes, mas só gerou os mesmo arquivos do passo anterior (FRST e Addition)

Elias Pereira · 20 de setembro de 2023

3 horas atrás, Fred Oliveira disse:

Alguma coisa não deu certo. Esse "fixlist" é para ser salvo como .txt mesmo?

É para ser salvo como fixlist. O windows poe a extensão .txt automaticamente. Caso não coloque, salve como .txt

O FRST.exe deve estar no mesmo local do arquivo fixlist.txt

Fred Oliveira · 21 de setembro de 2023

3 horas atrás, Elias Pereira disse:

É para ser salvo como fixlist. O windows poe a extensão .txt automaticamente. Caso não coloque, salve como .txt

O FRST.exe deve estar no mesmo local do arquivo fixlist.txt

Fixlog.txt

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 20-09-2023
Executado por FRED (20-09-2023 22:10:34) Run:1
Executando a partir de C:\Users\frede\OneDrive\Área de Trabalho
Perfis Carregados: FRED
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Startup: C:\Users\frede\AppData\Local\Temp\\.opera []
Startup: C:\Users\frede\AppData\Local\Temp\\.ses [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\09864277-2604-43d2-806d-8b6759f69211.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\1152fb06-f7c3-414d-b194-be0cb6e072cb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\12124_1135530441 []
Startup: C:\Users\frede\AppData\Local\Temp\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\2bebcc6b-0373-4a82-9c3c-4f633f1818ec.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\3733e91c-7a7a-4fd6-b71b-edcded051095.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\38e42cef-6d5c-4b2a-90c9-b1de5c20454a.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\417fca4f-f1b2-4fa5-aa54-4c19484873f3.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\4fda36cb-be7a-42b7-87d3-e8c8d0570451.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\51eb4af3-86cc-48e9-b61a-6706d3f296b2.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\522c766b-1722-4ddb-95da-da93f42cb5e8.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59151bdf-4b1f-4ebc-87ee-f0f215f0a0b1.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59b33ae3-5424-4f81-a21f-58fa11ee5785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5a35201d-bfd3-4130-a704-5f49da8e3ec6.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5bdc4b9d-607d-42e0-999a-0408955618eb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\97b843d0-c173-440c-9c02-6576771e27cc.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\Acrobat Distiller DC []
Startup: C:\Users\frede\AppData\Local\Temp\\AdobeARM.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\adobegc.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\ba28b3a2-bb8e-4ab3-8541-17f946c85f3f.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\d1fdf894-0f7c-4105-89e5-a7eb7e7b0e00.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\de15864a-3308-4b39-8199-bf6d2d994eb9.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\e584128a-0986-49b2-98e0-81fb72df4d3b.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\mat-debug-9120.log [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\mozilla-temp-files []
Task: {8851C55D-7518-4C45-A2C6-1D984C01153D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {7A7ED4D0-CADE-4B5F-9EA4-23C158C748A9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCAD2567-AF9D-4BBA-A39A-7718E447075D} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {12B4DE34-EEC5-4D83-AD29-66335DD7A8DE} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task (Nenhum Arquivo)
Task: {569F587A-AF73-465C-96C0-FFB76E65774E} - System32\Tasks\ASC_SkipUac_FRED => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac (Nenhum Arquivo)
Task: {74E57898-C707-43FE-A441-EE4A065E24FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FD2694A1-2B90-4E76-93D5-D3C22B67E5F3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a1d70218-29b1-4fcd-8b3c-a662c94c36e7" --version "6.16.10662" --silent
Task: {93C3CCEA-A4D9-4FD4-8773-E14883376937} - System32\Tasks\CCleanerSkipUAC - FRED => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F861ABAF-AFD7-48D6-8FC0-A77ACF1C6333} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3966976 2021-08-04] (Easeware) [Arquivo não assinado]
Task: {7DB97EE3-9076-467A-A2BE-FB33B008DA3D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE46ED3-2387-4B66-B921-DC19D54FB632} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FAC7744-7EB1-4C4E-B022-BE70E23AA9E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {51541E5E-2993-4D5E-B3D3-8AC0F5856B7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {29C6DE00-ACB2-4FF2-8036-653B91ED5486} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F00AE6FA-74E5-4E0E-85CD-9FAE93D7A443} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4C2D4B5-0442-40E4-A4DF-387874465C58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C81B790-8BD9-4003-9CE0-82722CBE9ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42A9B4DD-E829-4AB3-9592-E9740972DE67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {87EE82C5-BA94-4A6D-B42F-860462F3B641} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\TerminalSysInfo => %appdata%\\sysinfotool\\sitool.exe -st -tu 7 (Nenhum Arquivo)
Task: {D6B52F78-720D-4B5E-9F8C-12131710112C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {95BE468E-B866-4A3E-BAC4-C4109C55B5AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {69FEA89A-9F0C-4AA3-96B5-021D704B053D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {217E78CB-7289-40B4-A856-08D6F9722617} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CB5256C-6F6E-45CC-8A93-1A710FC3A672} - System32\Tasks\Opera GX scheduled Autoupdate 1694727256 => C:\Users\frede\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
Task: {A140C381-DC39-496E-9DDC-AB26E9B89E67} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-09-14] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-09-14] <==== ATENÇÃO
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [7666]
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => ".ses"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "cv_debug.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "DDInstall.cpccLog.txt"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "wsWAE.log.2023-09-14"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "{39930BA9-D54B-4734-AA75-FA772E1149C4} - OProcSessId.dat"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317_001_DD.Setup.x64.msi.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "d7f621e8-9a86-42f6-a933-23b606537707.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "5e48ddcc-de10-40a0-82ea-02b66df41760.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "a55a4027-4e29-41c1-a53f-329c946024f1.tmp"

CMD: ipconfig /flushdns
CMD: netsh advfirewall reset
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow

RemoveProxy:
EmptyTemp:
CreateRestorePoint:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\.opera" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\.ses" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\09864277-2604-43d2-806d-8b6759f69211.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\1152fb06-f7c3-414d-b194-be0cb6e072cb.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\12124_1135530441" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\2bebcc6b-0373-4a82-9c3c-4f633f1818ec.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\3733e91c-7a7a-4fd6-b71b-edcded051095.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\38e42cef-6d5c-4b2a-90c9-b1de5c20454a.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\417fca4f-f1b2-4fa5-aa54-4c19484873f3.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\4fda36cb-be7a-42b7-87d3-e8c8d0570451.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\51eb4af3-86cc-48e9-b61a-6706d3f296b2.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\522c766b-1722-4ddb-95da-da93f42cb5e8.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\59151bdf-4b1f-4ebc-87ee-f0f215f0a0b1.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\59b33ae3-5424-4f81-a21f-58fa11ee5785.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\5a35201d-bfd3-4130-a704-5f49da8e3ec6.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\5bdc4b9d-607d-42e0-999a-0408955618eb.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\97b843d0-c173-440c-9c02-6576771e27cc.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\Acrobat Distiller DC" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\AdobeARM.log" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\adobegc.log" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\ba28b3a2-bb8e-4ab3-8541-17f946c85f3f.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\d1fdf894-0f7c-4105-89e5-a7eb7e7b0e00.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\de15864a-3308-4b39-8199-bf6d2d994eb9.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\e584128a-0986-49b2-98e0-81fb72df4d3b.tmp" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\mat-debug-9120.log" => não encontrado (a)
"C:\Users\frede\AppData\Local\Temp\\mozilla-temp-files" => não encontrado (a)
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8851C55D-7518-4C45-A2C6-1D984C01153D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8851C55D-7518-4C45-A2C6-1D984C01153D}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A7ED4D0-CADE-4B5F-9EA4-23C158C748A9}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A7ED4D0-CADE-4B5F-9EA4-23C158C748A9}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\AdobeGCInvoker-1.0 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCAD2567-AF9D-4BBA-A39A-7718E447075D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCAD2567-AF9D-4BBA-A39A-7718E447075D}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe-Genuine-Software-Integrity-Scheduler-1.0" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12B4DE34-EEC5-4D83-AD29-66335DD7A8DE}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12B4DE34-EEC5-4D83-AD29-66335DD7A8DE}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\ASC_PerformanceMonitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC_PerformanceMonitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{569F587A-AF73-465C-96C0-FFB76E65774E}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{569F587A-AF73-465C-96C0-FFB76E65774E}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\ASC_SkipUac_FRED => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC_SkipUac_FRED" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{74E57898-C707-43FE-A441-EE4A065E24FE}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74E57898-C707-43FE-A441-EE4A065E24FE}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\CCleaner Update => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD2694A1-2B90-4E76-93D5-D3C22B67E5F3}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD2694A1-2B90-4E76-93D5-D3C22B67E5F3}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\CCleanerCrashReporting => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerCrashReporting" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93C3CCEA-A4D9-4FD4-8773-E14883376937}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93C3CCEA-A4D9-4FD4-8773-E14883376937}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\CCleanerSkipUAC - FRED => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC - FRED" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F861ABAF-AFD7-48D6-8FC0-A77ACF1C6333}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F861ABAF-AFD7-48D6-8FC0-A77ACF1C6333}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Driver Easy Scheduled Scan => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Easy Scheduled Scan" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DB97EE3-9076-467A-A2BE-FB33B008DA3D}" => não encontrado (a)
C:\Windows\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCE46ED3-2387-4B66-B921-DC19D54FB632}" => não encontrado (a)
C:\Windows\System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office ClickToRun Service Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8FAC7744-7EB1-4C4E-B022-BE70E23AA9E5}" => não encontrado (a)
C:\Windows\System32\Tasks\Microsoft\Office\Office Feature Updates => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51541E5E-2993-4D5E-B3D3-8AC0F5856B7D}" => não encontrado (a)
C:\Windows\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29C6DE00-ACB2-4FF2-8036-653B91ED5486}" => não encontrado (a)
C:\Windows\System32\Tasks\Microsoft\Office\Office Performance Monitor => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Performance Monitor" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F00AE6FA-74E5-4E0E-85CD-9FAE93D7A443}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F00AE6FA-74E5-4E0E-85CD-9FAE93D7A443}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4C2D4B5-0442-40E4-A4DF-387874465C58}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4C2D4B5-0442-40E4-A4DF-387874465C58}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C81B790-8BD9-4003-9CE0-82722CBE9ADC}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C81B790-8BD9-4003-9CE0-82722CBE9ADC}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42A9B4DD-E829-4AB3-9592-E9740972DE67}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42A9B4DD-E829-4AB3-9592-E9740972DE67}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender\Windows Defender Verification" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87EE82C5-BA94-4A6D-B42F-860462F3B641}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87EE82C5-BA94-4A6D-B42F-860462F3B641}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\TerminalSysInfo => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\TerminalSysInfo" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6B52F78-720D-4B5E-9F8C-12131710112C}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6B52F78-720D-4B5E-9F8C-12131710112C}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Background Update 308046B0AF4A39CB" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95BE468E-B866-4A3E-BAC4-C4109C55B5AA}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95BE468E-B866-4A3E-BAC4-C4109C55B5AA}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69FEA89A-9F0C-4AA3-96B5-021D704B053D}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69FEA89A-9F0C-4AA3-96B5-021D704B053D}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\OneDrive Per-Machine Standalone Update Task => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Per-Machine Standalone Update Task" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{217E78CB-7289-40B4-A856-08D6F9722617}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217E78CB-7289-40B4-A856-08D6F9722617}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CB5256C-6F6E-45CC-8A93-1A710FC3A672}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB5256C-6F6E-45CC-8A93-1A710FC3A672}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Opera GX scheduled Autoupdate 1694727256 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera GX scheduled Autoupdate 1694727256" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A140C381-DC39-496E-9DDC-AB26E9B89E67}" => removido (a) com sucesso.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A140C381-DC39-496E-9DDC-AB26E9B89E67}" => removido (a) com sucesso.
C:\Windows\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001 => movido com sucesso
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001" => removido (a) com sucesso.
C:\Windows\Tasks\CCleanerCrashReporting.job => movido com sucesso
C:\Windows\Tasks\Driver Easy Scheduled Scan.job => movido com sucesso
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => movido com sucesso
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => movido com sucesso
HKLM\System\CurrentControlSet\Services\cpuz154 => removido (a) com sucesso.
cpuz154 => o serviço removido (a) com sucesso.
HKLM\System\CurrentControlSet\Services\iobit_monitor_server2021 => removido (a) com sucesso.
iobit_monitor_server2021 => o serviço removido (a) com sucesso.
C:\ProgramData => ":chnpbmzkyg" ADS removido (a) com sucesso.
C:\ProgramData => ":YXVtLmh6aQ" ADS removido (a) com sucesso.
C:\Windows\system32\Drivers\wsddfac.sys => ":X5ZN8aDXs4" ADS removido (a) com sucesso.
"C:\Users\All Users" => ":chnpbmzkyg" ADS não encontrado (a).
"C:\Users\All Users" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\Users\Todos os Usuários" => ":chnpbmzkyg" ADS não encontrado (a).
"C:\Users\Todos os Usuários" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\ProgramData\Dados de Aplicativos" => ":chnpbmzkyg" ADS não encontrado (a).
"C:\ProgramData\Dados de Aplicativos" => ":YXVtLmh6aQ" ADS não encontrado (a).
"C:\Users\frede\AppData\Local\Temp\\.ses" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\.ses" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\cv_debug.log" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\cv_debug.log" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\DDInstall.cpccLog.txt" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\DDInstall.cpccLog.txt" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\wsWAE.log.2023-09-14" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\wsWAE.log.2023-09-14" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\{39930BA9-D54B-4734-AA75-FA772E1149C4} - OProcSessId.dat" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\{39930BA9-D54B-4734-AA75-FA772E1149C4} - OProcSessId.dat" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\Disk_Drill_5.3.826.0_20230914202317.log" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\Disk_Drill_5.3.826.0_20230914202317.log" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\Disk_Drill_5.3.826.0_20230914202317_001_DD.Setup.x64.msi.log" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\Disk_Drill_5.3.826.0_20230914202317_001_DD.Setup.x64.msi.log" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\d7f621e8-9a86-42f6-a933-23b606537707.tmp" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\d7f621e8-9a86-42f6-a933-23b606537707.tmp" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp" => removido (a) com sucesso.
"C:\Users\frede\AppData\Local\Temp\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp" => não encontrado (a)
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp" => removido (a) com sucesso.

========= ipconfig /flushdns =========

Configura‡Æo de IP do Windows

Libera‡Æo do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========

========= netsh advfirewall reset =========

Ok.

========= Fim de CMD: =========

========= DISM /Online /Cleanup-Image /RestoreHealth =========

Ferramenta de Gerenciamento e Manuten‡Æo de Imagens de Implanta‡Æo
VersÆo: 10.0.19041.844

VersÆo da Imagem: 10.0.19045.3448

[== 3.8% ]

[== 4.8% ]

[== 5.1% ]

[=== 5.8% ]

[=== 6.5% ]

[==== 7.5% ]

[==== 8.4% ]

[===== 8.9% ]

[===== 9.1% ]

[===== 10.0% ]

[====== 11.0% ]

[====== 11.2% ]

[======= 12.2% ]

[======= 13.1% ]

[======== 14.1% ]

[======== 15.1% ]

[========= 16.1% ]

[========= 17.1% ]

[========== 17.8% ]

[========== 18.8% ]

[=========== 19.8% ]

[============ 20.8% ]

[============ 21.7% ]

[============ 22.3% ]

[============= 23.0% ]

[============= 23.6% ]

[============= 23.8% ]

[============= 23.9% ]

[============== 24.7% ]

[============== 25.7% ]

[=============== 26.6% ]

[================ 27.6% ]

[================ 28.6% ]

[================= 29.4% ]

[================= 30.1% ]

[================== 31.1% ]

[================== 31.5% ]

[================== 32.4% ]

[=================== 32.9% ]

[=================== 33.9% ]

[==================== 34.6% ]

[==================== 34.7% ]

[==================== 34.8% ]

[==================== 35.8% ]

[==================== 36.1% ]

[===================== 37.0% ]

[===================== 37.1% ]

[===================== 37.7% ]

[====================== 38.0% ]

[====================== 39.0% ]

[======================= 39.8% ]

[======================= 40.2% ]

[======================= 40.5% ]

[======================= 40.9% ]

[======================= 41.1% ]

[======================== 41.6% ]

[======================== 41.9% ]

[======================== 42.3% ]

[========================= 43.2% ]

[========================= 43.3% ]

[========================= 43.4% ]

[========================= 44.3% ]

[========================= 44.8% ]

[========================== 45.1% ]

[========================== 45.6% ]

[===========================46.6% ]

[===========================47.5% ]

[===========================48.1% ]

[===========================49.0% ]

[===========================50.0% ]

[===========================50.9% ]

[===========================51.9% ]

[===========================52.9% ]

[===========================53.4% ]

[===========================53.5% ]

[===========================53.6% ]

[===========================53.7% ]

[===========================53.8% ]

[===========================53.9% ]

[===========================54.0% ]

[===========================54.1% ]

[===========================54.2% ]

[===========================54.3% ]

[===========================54.4% ]

[===========================54.6% ]

[===========================54.7% ]

[===========================54.8% ]

[===========================54.9% ]

[===========================55.0% ]

[===========================55.1% ]

[===========================55.2% ]

[===========================55.3% ]

[===========================55.4% ]

[===========================55.5% ]

[===========================55.7% ]

[===========================55.8% ]

[===========================56.0% ]

[===========================56.3% ]

[===========================56.5% ]

[===========================56.6% ]

[===========================56.7% ]

[===========================56.9%= ]

[===========================57.0%= ]

[===========================57.1%= ]

[===========================57.5%= ]

[===========================58.3%= ]

[===========================59.3%== ]

[===========================60.3%== ]

[===========================62.3%==== ]

[===========================84.9%================= ]

[==========================100.0%==========================]
Opera‡Æo de restaura‡Æo conclu¡da com ˆxito.
A opera‡Æo foi conclu¡da com ˆxito.

========= Fim de CMD: =========

========= SFC /scannow =========

Iniciando verificação de arquivos. O processo levará alguns minutos para ser concluído.

Iniciando fase de verificação de verificação do sistema.

Verificação 0% concluída.
Verificação 1% concluída.
Verificação 1% concluída.
Verificação 2% concluída.
Verificação 3% concluída.
Verificação 3% concluída.
Verificação 4% concluída.
Verificação 5% concluída.
Verificação 5% concluída.
Verificação 6% concluída.
Verificação 7% concluída.
Verificação 7% concluída.
Verificação 8% concluída.
Verificação 9% concluída.
Verificação 9% concluída.
Verificação 10% concluída.
Verificação 11% concluída.
Verificação 11% concluída.
Verificação 12% concluída.
Verificação 13% concluída.
Verificação 13% concluída.
Verificação 14% concluída.
Verificação 15% concluída.
Verificação 15% concluída.
Verificação 16% concluída.
Verificação 17% concluída.
Verificação 17% concluída.
Verificação 18% concluída.
Verificação 19% concluída.
Verificação 19% concluída.
Verificação 20% concluída.
Verificação 20% concluída.
Verificação 21% concluída.
Verificação 22% concluída.
Verificação 22% concluída.
Verificação 23% concluída.
Verificação 24% concluída.
Verificação 24% concluída.
Verificação 25% concluída.
Verificação 26% concluída.
Verificação 26% concluída.
Verificação 27% concluída.
Verificação 28% concluída.
Verificação 28% concluída.
Verificação 29% concluída.
Verificação 30% concluída.
Verificação 30% concluída.
Verificação 31% concluída.
Verificação 32% concluída.
Verificação 32% concluída.
Verificação 33% concluída.
Verificação 34% concluída.
Verificação 34% concluída.
Verificação 35% concluída.
Verificação 36% concluída.
Verificação 36% concluída.
Verificação 37% concluída.
Verificação 38% concluída.
Verificação 38% concluída.
Verificação 39% concluída.
Verificação 40% concluída.
Verificação 40% concluída.
Verificação 41% concluída.
Verificação 41% concluída.
Verificação 42% concluída.
Verificação 43% concluída.
Verificação 43% concluída.
Verificação 44% concluída.
Verificação 45% concluída.
Verificação 45% concluída.
Verificação 46% concluída.
Verificação 47% concluída.
Verificação 47% concluída.
Verificação 48% concluída.
Verificação 49% concluída.
Verificação 49% concluída.
Verificação 50% concluída.
Verificação 51% concluída.
Verificação 51% concluída.
Verificação 52% concluída.
Verificação 53% concluída.
Verificação 53% concluída.
Verificação 54% concluída.
Verificação 55% concluída.
Verificação 55% concluída.
Verificação 56% concluída.
Verificação 57% concluída.
Verificação 57% concluída.
Verificação 58% concluída.
Verificação 59% concluída.
Verificação 59% concluída.
Verificação 60% concluída.
Verificação 60% concluída.
Verificação 61% concluída.
Verificação 62% concluída.
Verificação 62% concluída.
Verificação 63% concluída.
Verificação 64% concluída.
Verificação 64% concluída.
Verificação 65% concluída.
Verificação 66% concluída.
Verificação 66% concluída.
Verificação 67% concluída.
Verificação 68% concluída.
Verificação 68% concluída.
Verificação 69% concluída.
Verificação 70% concluída.
Verificação 70% concluída.
Verificação 71% concluída.
Verificação 72% concluída.
Verificação 72% concluída.
Verificação 73% concluída.
Verificação 74% concluída.
Verificação 74% concluída.
Verificação 75% concluída.
Verificação 76% concluída.
Verificação 76% concluída.
Verificação 77% concluída.
Verificação 78% concluída.
Verificação 78% concluída.
Verificação 79% concluída.
Verificação 80% concluída.
Verificação 80% concluída.
Verificação 81% concluída.
Verificação 81% concluída.
Verificação 82% concluída.
Verificação 83% concluída.
Verificação 83% concluída.
Verificação 84% concluída.
Verificação 85% concluída.
Verificação 85% concluída.
Verificação 86% concluída.
Verificação 87% concluída.
Verificação 87% concluída.
Verificação 88% concluída.
Verificação 89% concluída.
Verificação 89% concluída.
Verificação 90% concluída.
Verificação 91% concluída.
Verificação 91% concluída.
Verificação 92% concluída.
Verificação 93% concluída.
Verificação 93% concluída.
Verificação 94% concluída.
Verificação 95% concluída.
Verificação 95% concluída.
Verificação 96% concluída.
Verificação 97% concluída.
Verificação 97% concluída.
Verificação 98% concluída.
Verificação 99% concluída.
Verificação 99% concluída.
Verificação 100% concluída.

A Proteção de Recursos do Windows encontrou arquivos corrompidos e os reparou com êxito.

Para reparos online, os detalhes são incluídos no arquivo de log CBS localizado em

windir\Logs\CBS\CBS.log. Por exemplo, C:\Windows\Logs\CBS\CBS.log. Para reparos

offline, os detalhes são incluídos no arquivo de log fornecido pelo sinalizador /OFFLOGFILE.

========= Fim de CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removido (a) com sucesso.
"HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removido (a) com sucesso.

========= Fim de RemoveProxy: =========

Ponto de Restauração criado com sucesso.

=========== EmptyTemp: ==========

FlushDNS => completado
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8456927 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 9132992 B
Edge => 0 B
Firefox => 555388523 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1176 B
frede => 4006783 B

RecycleBin => 0 B
EmptyTemp: => 551.3 MB de dados temporários Removidos.

================================

O sistema precisou ser reiniciado.

==== Fim de Fixlog 22:16:43 ====

Elias Pereira · 21 de setembro de 2023

Faça o download ESET Online Scanner e salve no seu Desktop
https://www.eset.com/us/home/online-scanner/

Clique direito em esetonlinescanner_enu.exe e execute como administrador
Clique em Computer Scan
Clique em Full scan
Selecione Enable ESET to detect and quarantine potentially unwanted applications
Clique em Start scan
Quando terminar, salve o resultado no seu desktop como ESETScan.txt
Clique Continue e depois em Close

Abra o arquivo ESETScan.txt, copie e cole o conteudo na sua proxima resposta.

Fred Oliveira · 22 de setembro de 2023

12 horas atrás, Elias Pereira disse:

Faça o download ESET Online Scanner e salve no seu Desktop
https://www.eset.com/us/home/online-scanner/

Clique direito em esetonlinescanner_enu.exe e execute como administrador

Clique em Computer Scan

Clique em Full scan

Selecione Enable ESET to detect and quarantine potentially unwanted applications

Clique em Start scan

Quando terminar, salve o resultado no seu desktop como ESETScan.txt

Clique Continue e depois em Close

Abra o arquivo ESETScan.txt, copie e cole o conteudo na sua proxima resposta.

21/09/2023 22:09:08
Arquivos rastreados: 378706
Arquivos detectados: 17
Arquivos limpos: 17
Tempo total do rastreamento 00:44:19
Status do rastreamento: Concluído
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\amtlib.dll uma variante de Win32/HackTool.Crack.EM Aplicação potencialmente insegura limpo por exclusão

C:\Users\frede\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\Cache2\entries\8F0BDD7AD280407BD546260B992FB0B2C525BE26 HTML/ScrInject.B trojan excluído

D:\BKP_FRED\Docs\FRED\P E N D R I V E\Adobe Acrobat Pro DC 2022.001.20142 (Ativado) 2022\Adobe Acrobat Pro DC 2022.001.20142.exe uma variante de Win32/HackTool.Silentall.N Aplicação potencialmente insegura limpo por exclusão

D:\Programas\Adobe Illustrator\App\Ai\Support Files\Contents\Windows\amtlib.dll Win64/HackTool.Crack.CX Aplicação potencialmente insegura limpo por exclusão

D:\Programas\CCleaner - PREMIUM\CCleaner.5.43.6522\CCleaner.Business.Crack.exe Win32/HackTool.Crack.HT Aplicação potencialmente insegura limpo por exclusão

D:\Programas\CCleaner - PREMIUM\CCleaner.5.43.6522\CCleaner.Professional.Crack.exe Win32/HackTool.Crack.HT Aplicação potencialmente insegura limpo por exclusão

D:\Programas\CCleaner - PREMIUM\CCleaner.5.43.6522\CCleaner.Technician.Crack.exe Win32/HackTool.Crack.HT Aplicação potencialmente insegura limpo por exclusão

D:\Programas\CCleaner - PREMIUM\Malwarebytes\Malwarebytes Anti-Malware 3.7.1.2839.exe uma variante de Win32/HostsEditor.A Aplicação potencialmente insegura,uma variante de Win32/HackTool.Crack.KN Aplicação potencialmente insegura limpo por exclusão

D:\Programas\Nova pasta\Adobe.Acrobat.Pro.DC.v2020.012.20043.exe várias detecções,BAT/HostsChanger.A Aplicação potencialmente insegura,Win32/AdRepack.A.Gen trojan,uma variante de Win32/Keygen.HA Aplicação potencialmente insegura,uma variante de Win32/HackTool.Crack.EM Aplicação potencialmente insegura limpo por exclusão

D:\Programas\uTorrent Pro 3.5.5 Build 45341\Crack files are here\Cracked PC Software,s Direct Download Links.url LNK/Agent.CH trojan limpo por exclusão

D:\Programas\uTorrent Pro 3.5.5 Build 45341\Cracked PC Software,s Direct Download Links.url LNK/Agent.CH trojan limpo por exclusão

D:\Programas\uTorrent Pro 3.5.5 Build 45341\uTorrent.exe uma variante de Win32/uTorrent.C Aplicação potencialmente não desejado,uma variante de MSIL/WebCompanion.A Aplicação potencialmente não desejado,uma variante de Win32/WebCompanion.B Aplicação potencialmente não desejado limpo por exclusão

D:\Programas\daemon-tools-5-0-1-multi-win.exe uma variante de Win32/DiscSoft.A Aplicação potencialmente não desejado,uma variante de Win32/Yandex.P Aplicação potencialmente não desejado limpo por exclusão

F:\Adobe Acrobat PRO DC 2020.009.20063 FULL [www.TheWindowsForum.com]\adobe.snr.patch.v2.0-painter.exe uma variante de Win32/HackTool.Patcher.CH Aplicação potencialmente insegura limpo por exclusão

F:\IObit Driver Booster Pro 8.1 GUSTAVORHTECH\ativador\Iobit driver booster crack.exe uma variante de MSIL/Kryptik.AIBT trojan limpo por exclusão

F:\IObit Driver Booster Pro 8.1 GUSTAVORHTECH\Crack\Loader-IDB.exe uma variante de Win32/HackTool.Patcher.AD Aplicação potencialmente insegura excluído

F:\scoped_dir13696_517528097\Andy_47.260_1096_26_x64.exe uma variante de MSIL/Adaware.D Aplicação potencialmente não desejado,uma variante de Win32/WebCompanion.D Aplicação potencialmente não desejado,uma variante de MSIL/Adaware.A Aplicação potencialmente não desejado,uma variante de MSIL/WebCompanion.H Aplicação potencialmente não desejado limpo por exclusão

Elias Pereira · 22 de setembro de 2023

Os problemas iniciais ainda ocorrem?

Fred Oliveira · 22 de setembro de 2023

12 horas atrás, Elias Pereira disse:

Os problemas iniciais ainda ocorrem?

Então, reduziram as pastas e notepad que abrem.. Agora são só esses do anexo.

Elias Pereira · 23 de setembro de 2023

Poste o conteudo dessses logs na sua proxima resposta.

Fred Oliveira · 25 de setembro de 2023

Em 23/09/2023 às 07:38, Elias Pereira disse:

Poste o conteudo dessses logs na sua proxima resposta.

Hoje voltou a abrir as mesmas pastas e notepad´s

Elias Pereira · 25 de setembro de 2023

Preciso do conteudo desses logs. Após cada arquivo abrir na inicialização, copie e cole o conteudo na sua proxima resposta.

Fred Oliveira · 25 de setembro de 2023

10 minutos atrás, Elias Pereira disse:

Preciso do conteudo desses logs. Após cada arquivo abrir na inicialização, copie e cole o conteudo na sua proxima resposta.

09/20/23 22:21:08:271 | [INFO] | | | | AdobeGCInvokerUtilityHelper | | | 9744 | AdobeGCInvokerUtility : inside getLatestGCApplication
09/20/23 22:21:08:273 | [INFO] | | | | AdobeGCUpdater | | | 9744 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/20/23 22:21:08:274 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9744 | Perform WF started
09/20/23 22:21:08:274 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9744 | Perform WF completed
09/20/23 22:21:08:274 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9744 | AdobeGCInvokerUtility :inside waitForCFUCallBack.
09/20/23 22:21:08:274 | [DEBUG] | | | | AdobeGCInvokerUtilityHelper | | | 9760 | Trying to acquire the semaphore
09/20/23 22:21:08:274 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 9760 | Semaphore acquired
09/20/23 22:21:08:274 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9760 | Threaded CFU Started
09/20/23 22:21:08:274 | [INFO] | | | | AdobeGCUpdater | | | 9760 | Get client install path Started
09/20/23 22:21:08:277 | [INFO] | | | | AdobeGCUpdater | | | 9760 | Get client install path Ended
09/20/23 22:21:08:277 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9760 | Client sanitization started
09/20/23 22:21:08:277 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9760 | Signature Self Signing Check
09/20/23 22:21:08:409 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9760 | Signature found
09/20/23 22:21:08:409 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9760 | Found valid signature, checking if signed by Adobe or not
09/20/23 22:21:08:488 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9760 | Signature found
09/20/23 22:21:08:498 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9760 | Client app successfully signed
09/20/23 22:21:08:503 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9760 | Client sanitization ended
09/20/23 22:21:08:514 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9760 | Threaded CFU Ended
09/20/23 22:21:08:514 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9760 | Semaphore signalled
09/20/23 22:21:09:075 | [INFO] | | | | AdobeGCUpdater | | | 9848 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/20/23 22:21:09:076 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9848 | Perform WF started
09/20/23 22:21:09:076 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9848 | Perform WF completed
09/20/23 22:21:09:076 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 9928 | Trying to acquire the semaphore
09/20/23 22:21:09:076 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 9928 | Semaphore acquired
09/20/23 22:21:09:076 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9928 | Threaded CFU Started
09/20/23 22:21:09:076 | [INFO] | | | | AdobeGCUpdater | | | 9928 | Get client install path Started
09/20/23 22:21:09:077 | [INFO] | | | | AdobeGCUpdater | | | 9928 | Get client install path Ended
09/20/23 22:21:09:077 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9928 | Client sanitization started
09/20/23 22:21:09:077 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9928 | Signature Self Signing Check
09/20/23 22:21:09:196 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9928 | Signature found
09/20/23 22:21:09:196 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9928 | Found valid signature, checking if signed by Adobe or not
09/20/23 22:21:09:290 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9744 | AdobeGCInvokerUtility : AdobeGC_CFUCallbackFn is invoked
09/20/23 22:21:09:290 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9744 | AdobeGCInvokerUtility : inside invokeGCApplication.
09/20/23 22:21:09:291 | [INFO] | | | | AdobeGCUpdater | | | 9744 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/20/23 22:21:09:292 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9744 | Trying to acquire the semaphore
09/20/23 22:21:09:317 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9928 | Signature found
09/20/23 22:21:09:326 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9928 | Client app successfully signed
09/20/23 22:21:09:327 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9928 | Client sanitization ended
09/20/23 22:21:09:331 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9928 | Threaded CFU Ended
09/20/23 22:21:09:332 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9928 | Semaphore signalled
09/20/23 22:21:09:332 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9744 | Semaphore acquired
09/20/23 22:21:09:332 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | Perform WF started
09/20/23 22:21:09:350 | [ERROR] | | | | AdobeGCUpdaterIC | | | 9744 | Time flag read
09/20/23 22:21:09:350 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | GCInvokerNextClientLaunchTimestamp from cache 1695248669
09/20/23 22:21:09:350 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | GCInvokerNextClientLaunchTimestamp cached 1695248669 , curr 1695259269 res = 1
09/20/23 22:21:09:350 | [INFO] | | | | AdobeGCUpdater | | | 9744 | Get client install path Started
09/20/23 22:21:09:351 | [INFO] | | | | AdobeGCUpdater | | | 9744 | Get client install path Ended
09/20/23 22:21:09:351 | [INFO] | | | | AdobeGCUpdater | | | 9744 | Get client launcher install path Started
09/20/23 22:21:09:352 | [INFO] | | | | AdobeGCUpdater | | | 9744 | Get client launcher install path Ended
09/20/23 22:21:09:353 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Get XML path Started
09/20/23 22:21:09:353 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Create XML Started
09/20/23 22:21:09:353 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Adding generic details Started
09/20/23 22:21:09:353 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Adding generic details Ended
09/20/23 22:21:09:353 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Create XML Ended
09/20/23 22:21:09:353 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Storing XML Started
09/20/23 22:21:09:354 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Storing XML Ended
09/20/23 22:21:09:354 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Storing XML Started
09/20/23 22:21:09:355 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Storing XML Ended
09/20/23 22:21:09:355 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 9744 | Get XML path Ended
09/20/23 22:21:09:355 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | Invoking GC client started
09/20/23 22:21:09:356 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | override path for acrobat is 0
09/20/23 22:21:09:356 | [INFO] | | | | AdobeGCUpdater | | | 9744 | Get client install path Started
09/20/23 22:21:09:356 | [INFO] | | | | AdobeGCUpdater | | | 9744 | Get client install path Ended
09/20/23 22:21:09:356 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | path found is C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
09/20/23 22:21:09:380 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | Invoking GC client completed
09/20/23 22:21:09:380 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | SaveGCInvokerNextLaunchTimestamp
09/20/23 22:21:09:380 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | SaveGCInvokerNextLaunchTimestamp Wait Period 86400
09/20/23 22:21:09:390 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | SaveGCInvokerNextLaunchTimestamp Wait Period Xtnd 1695345669
09/20/23 22:21:09:390 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | Perform WF completed
09/20/23 22:21:09:390 | [INFO] | | | | AdobeGCUpdaterIC | | | 9744 | Semaphore signalled
09/20/23 22:21:09:390 | [INFO] | | | | AdobeGCUpdater | | | 9744 | ***********AdobeGC Updater library End*******************
09/20/23 22:21:09:390 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9744 | AdobeGCInvokerUtility : AdobeGC_ReleaseRef called.
09/20/23 22:21:09:609 | [INFO] | | | | AdobeGCClientMain | | | 10028 | *********** Adobe GCClient Launched = 8.3.0.61 ************
09/20/23 22:21:09:610 | [INFO] | | | | AdobeGCClientMain | | | 10028 | Initiating workflow
09/20/23 22:21:09:610 | [INFO] | | | | AdobeGCClientMain | | | 10028 | Client request processing started
09/20/23 22:21:09:611 | [INFO] | | | | AdobeGCClientMain | | | 10028 | Lock acquired, continue with the workflow
09/20/23 22:21:09:617 | [INFO] | | | | AdobeGCClientImpl | | | 10028 | Initializing client workflow
09/20/23 22:21:09:618 | [DEBUG] | | | | AdobeGCClientImpl | | | 10028 | Trying to acquire the semaphore
09/20/23 22:21:09:618 | [DEBUG] | | | | AdobeGCClientImpl | | | 10028 | Semaphore acquired
09/20/23 22:21:09:618 | [DEBUG] | | | | AdobeGCClientImpl | | | 10028 | AdobeGCClient invoked from Scheduler entry, sleeping for 5 minutes to avoid disk overusage
09/20/23 22:21:10:089 | [INFO] | | | | AdobeGCUpdater | | | 9848 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/20/23 22:21:10:089 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9848 | Trying to acquire the semaphore
09/20/23 22:21:10:089 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9848 | Semaphore acquired
09/20/23 22:21:10:089 | [INFO] | | | | AdobeGCUpdaterIC | | | 9848 | Perform WF started
09/20/23 22:21:10:089 | [INFO] | | | | AdobeGCUpdaterIC | | | 9848 | Invocation agent is CSUpdater
09/20/23 22:21:10:089 | [INFO] | | | | AdobeGCUpdaterIC | | | 9848 | Not invoking client
09/20/23 22:21:10:089 | [INFO] | | | | AdobeGCUpdaterIC | | | 9848 | Perform WF completed
09/20/23 22:21:10:089 | [INFO] | | | | AdobeGCUpdaterIC | | | 9848 | Semaphore signalled
09/20/23 22:21:10:090 | [INFO] | | | | AdobeGCUpdater | | | 9848 | ***********AdobeGC Updater library End*******************
09/20/23 22:31:09:641 | [DEBUG] | | | | AdobeGCClientImpl | | | 10028 | Country is allowllisted
09/20/23 22:31:09:677 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Getting list of installed Flash Player plugins
09/20/23 22:31:09:707 | [INFO] | | | | AdobeGCHDWrapper | | | 10028 | Getting list of NGL based installed products
09/20/23 22:31:09:707 | [INFO] | | | | AdobeGCHDWrapper | | | 10028 | Querying for all HD based installed products
09/20/23 22:31:09:928 | [INFO] | | | | AdobeGCHDWrapper | | | 10028 | Failed to fetch list of installed products
09/20/23 22:31:09:937 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Getting machine id
09/20/23 22:31:09:938 | [INFO] | | | | SLCoreService | | | 10028 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:09:938 | [ERROR] | | | | SLCoreService | | | 10028 | user based licensing: 0
09/20/23 22:31:09:938 | [INFO] | | | | SLCoreService | | | 10028 | Service construction took 0.3 ms and succeed.
09/20/23 22:31:09:979 | [INFO] | | | | SLCoreService | | | 10028 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:09:979 | [INFO] | | | | SLCoreService | | | 10028 | Service destruction took 0.1 ms and succeed.
09/20/23 22:31:09:979 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | machine id is 1/pf0Nd70yCK52av80jHRFAFwXUcwqAN
09/20/23 22:31:09:990 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Last updateCheck request status read : Success,0
09/20/23 22:31:09:992 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Last update check attempted timestamp read : 1695257925000
09/20/23 22:31:09:993 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Failed to read client source of installation: 3
09/20/23 22:31:09:995 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Successfully fetched all replay write status records
09/20/23 22:31:09:995 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Products installed on the machine, sending fetch rules
09/20/23 22:31:09:995 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Fetching Rules started
09/20/23 22:31:09:996 | [INFO] | | | | DispatchClientLib | | | 10028 | __OOBELIB_LOG_FILE__
09/20/23 22:31:09:996 | [INFO] | | | | DispatchClientLib | | | 10028 | Dispatch table loaded from path: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\dispatchtable.xml
09/20/23 22:31:09:997 | [INFO] | | | | DispatchClientLib | | | 10028 | (re)load Local Dispatch Table status-[0].
09/20/23 22:31:09:997 | [INFO] | | | | DispatchClientLib | | | 10028 | Scope : [2]
09/20/23 22:31:09:998 | [INFO] | | | | DispatchClientLib | | | 10028 | Setting scope to GM
09/20/23 22:31:09:998 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | AdobeIALClient 1.0 Release (build 1.0.6.3) initializing session...
09/20/23 22:31:09:998 | [INFO] | | | | AdobeGCClientNSLookup | | | 10028 | Verifying if server domain is blocked
09/20/23 22:31:09:999 | [INFO] | | | | DispatchClientLib | | | 10028 | EndPoint requested: [FetchRulesV2]
09/20/23 22:31:09:999 | [INFO] | | | | DispatchClientLib | | | 10028 | Length of the URL: [50]
09/20/23 22:31:09:999 | [INFO] | | | | DispatchClientLib | | | 10028 | Returning from getEndpointAddr: [0]
09/20/23 22:31:09:999 | [INFO] | | | | DispatchClientLib | | | 10028 | EndPoint requested: [FetchRulesV2]
09/20/23 22:31:09:999 | [INFO] | | | | DispatchClientLib | | | 10028 | Length of the URL: [50]
09/20/23 22:31:09:999 | [INFO] | | | | DispatchClientLib | | | 10028 | URL found [https://genuine.adobe.com/server/services/rules/v2]
09/20/23 22:31:09:999 | [INFO] | | | | DispatchClientLib | | | 10028 | Returning from getEndpointAddr: [0]
09/20/23 22:31:10:284 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | HTTPCommunicationAgent::processMessage is https://genuine.adobe.com/server/services/rules/v2 (extURL=)
09/20/23 22:31:13:463 | [INFO] | | | | AdobeGCIALWrapper | | | 1380 | HTTP Request Status code 200.
09/20/23 22:31:13:468 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | HTTPCommunicationAgent- Return Code:[0] response size-[4121] time taken-[3183.89]ms.
09/20/23 22:31:13:500 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | successfully cleared replay write status from database
09/20/23 22:31:13:539 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Parsing response successful
09/20/23 22:31:13:539 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Parsing successful
09/20/23 22:31:13:539 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | AdobeGC Fetching rules status - [0] took - [3541.72]ms.
09/20/23 22:31:13:539 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Rules successfully fetched
09/20/23 22:31:13:539 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Closing AdobeIALClient 1.0 Release (build 1.0.6.3) session.
09/20/23 22:31:13:540 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Fetching Rules ended
09/20/23 22:31:13:540 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Checking if update is required or not
09/20/23 22:31:13:540 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Latest Client version: 8.3.0.61
09/20/23 22:31:13:625 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:13:625 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Found valid signature, checking if signed by Adobe or not
09/20/23 22:31:13:664 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:13:672 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Client app successfully signed
09/20/23 22:31:13:673 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Client Health Status is 0
09/20/23 22:31:13:673 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | Update not Required
09/20/23 22:31:13:674 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | SetNextUpdateCheckDate
09/20/23 22:31:13:674 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | SetNextUpdateCheckDate Wait Period 86400
09/20/23 22:31:13:679 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 10028 | SetNextUpdateCheckDate Wait Period Xtnd 1695346273
09/20/23 22:31:13:688 | [INFO] | | | | AdobeGCPostRulesWorkflowImpl | | | 10028 | Machine is non- targeted; SaveIsTargetFlagInSLCache
09/20/23 22:31:13:693 | [INFO] | | | | AdobeGCPostRulesWorkflowImpl | | | 10028 | Machine is non-OOC targeted; SaveIsTargetFlagInSLCache
09/20/23 22:31:13:702 | [DEBUG] | | | | AdobeGCVersionWrapper | | | 10028 | No input file path data
09/20/23 22:31:13:702 | [DEBUG] | | | | AdobeGCWorkflowImpl | | | 10028 | No Active LEID found
09/20/23 22:31:13:705 | [INFO] | | | | AdobeGCOOCImpl | | | 10028 | checking if valid ooc invocation
09/20/23 22:31:13:705 | [INFO] | | | | AdobeGCOOCImpl | | | 10028 | checking if ooc enabled
09/20/23 22:31:13:706 | [INFO] | | | | AdobeGCOOCImpl | | | 10028 | checking if ooc enabled
09/20/23 22:31:13:708 | [INFO] | | | | AdobeGCRulesEngine | | | 10028 | Processing of rules started
09/20/23 22:31:13:708 | [INFO] | | | | SLCoreService | | | 10028 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:13:708 | [ERROR] | | | | SLCoreService | | | 10028 | user based licensing: 0
09/20/23 22:31:13:708 | [INFO] | | | | SLCoreService | | | 10028 | Service construction took 0.1 ms and succeed.
09/20/23 22:31:13:708 | [INFO] | | | | SLCoreService | | | 10028 | Syncing to license store...
09/20/23 22:31:13:717 | [INFO] | | | | DispatchClientLib | | | 10028 | Dispatch table loaded from path: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\dispatchtable.xml
09/20/23 22:31:13:718 | [INFO] | | | | DispatchClientLib | | | 10028 | (re)load Local Dispatch Table status-[0].
09/20/23 22:31:13:718 | [INFO] | | | | DispatchClientLib | | | 10028 | Scope : [2]
09/20/23 22:31:13:718 | [INFO] | | | | DispatchClientLib | | | 10028 | Setting scope to GM
09/20/23 22:31:13:718 | [INFO] | | | | DispatchClientLib | | | 10028 | EndPoint requested: [IngestAnalytics]
09/20/23 22:31:13:718 | [INFO] | | | | DispatchClientLib | | | 10028 | Length of the URL: [0]
09/20/23 22:31:13:718 | [INFO] | | | | DispatchClientLib | | | 10028 | Returning from getEndpointAddr: [0]
09/20/23 22:31:13:744 | [INFO] | | | | SLCoreService | | | 10028 | Found client mkey.
09/20/23 22:31:13:766 | [INFO] | | | | SLCoreService | | | 10028 | Loading license references...
09/20/23 22:31:13:766 | [INFO] | | | | SLCoreService | | | 10028 | Found 0 license file(s)
09/20/23 22:31:13:766 | [INFO] | | | | SLCoreService | | | 10028 | License store synchronization took 58.4 ms and succeed.
09/20/23 22:31:13:766 | [DEBUG] | | | | AdobeGCRulesEngine | | | 10028 | Fetching App Launch Path of all LEIDS started
09/20/23 22:31:13:768 | [DEBUG] | | | | AdobeGCRulesEngine | | | 10028 | pdbOpenSession Failed , pdbStatus : 4
09/20/23 22:31:13:768 | [INFO] | | | | AdobeGCSpecificRulesEngine | | | 10028 | Processing of specific rules started
09/20/23 22:31:13:768 | [INFO] | | | | AdobeGCLicenseRuleImpl | | | 10028 | Processing of license rule started
09/20/23 22:31:13:768 | [INFO] | | | | AdobeGCLicenseRuleImpl | | | 10028 | No licenses found on machine
09/20/23 22:31:13:768 | [INFO] | | | | AdobeGCLicenseRuleImpl | | | 10028 | Processing of license rule completed
09/20/23 22:31:13:768 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of Signature Rule started
09/20/23 22:31:13:769 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | App launch path not found in cache for : V7{}AcrobatCont-12-Win-GM
09/20/23 22:31:13:769 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of signature rule V2 completed
09/20/23 22:31:13:769 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of Signature Rule started
09/20/23 22:31:13:771 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing the signature rule with app executable path fetched from cache
09/20/23 22:31:13:771 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | App Executable path fetched from cache : C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
09/20/23 22:31:13:822 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:13:822 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Found valid signature, checking if signed by Adobe or not
09/20/23 22:31:13:868 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:13:872 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Client app successfully signed
09/20/23 22:31:13:892 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of Signature Rule started
09/20/23 22:31:13:894 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | App launch path not found in cache for : V7{}AcrobatCont-12-Win-GM
09/20/23 22:31:13:894 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of signature rule V2 completed
09/20/23 22:31:13:894 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of Signature Rule started
09/20/23 22:31:13:895 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | App launch path not found in cache for : V7{}AcrobatCont-12-Win-GM
09/20/23 22:31:13:895 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of signature rule V2 completed
09/20/23 22:31:13:895 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of Signature Rule started
09/20/23 22:31:13:896 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | App launch path not found in cache for : V7{}AcrobatCont-12-Win-GM
09/20/23 22:31:13:896 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of signature rule V2 completed
09/20/23 22:31:13:896 | [INFO] | | | | AdobeGCSpecificRulesEngine | | | 10028 | Processing of specific rules completed
09/20/23 22:31:13:896 | [INFO] | | | | AdobeGCGenericRulesEngine | | | 10028 | Processing of generic rules started
09/20/23 22:31:13:896 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of Signature Rule started
09/20/23 22:31:13:897 | [ERROR] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Failed to fetch appExecutablePath for LEID: , file: OOBE/PDApp/P6/adobe_oobelib.dll. Error: 3
09/20/23 22:31:13:986 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:13:986 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Found valid signature, checking if signed by Adobe or not
09/20/23 22:31:14:011 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:14:012 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Client app successfully signed
09/20/23 22:31:14:025 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of signature rule V2 completed
09/20/23 22:31:14:025 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of Signature Rule started
09/20/23 22:31:14:027 | [ERROR] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Failed to fetch appExecutablePath for LEID: , file: OOBE/PDApp/P7/adobe_oobelib.dll. Error: 3
09/20/23 22:31:14:138 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:14:138 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Found valid signature, checking if signed by Adobe or not
09/20/23 22:31:14:178 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Signature found
09/20/23 22:31:14:182 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 10028 | Client app successfully signed
09/20/23 22:31:14:200 | [INFO] | | | | AdobeGCSignatureRuleImpl | | | 10028 | Processing of signature rule V2 completed
09/20/23 22:31:14:200 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:200 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:200 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:201 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:202 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:203 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:204 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:205 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:206 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:207 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:208 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:209 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule started
09/20/23 22:31:14:209 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Setting status as valid for hostfile rule
09/20/23 22:31:14:209 | [INFO] | | | | AdobeGCHostfileRuleImpl | | | 10028 | Processing of hostfile rule completed
09/20/23 22:31:14:209 | [INFO] | | | | AdobeGCGenericRulesEngine | | | 10028 | Processing of generic rules completed
09/20/23 22:31:14:209 | [INFO] | | | | SLCoreService | | | 10028 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:14:217 | [INFO] | | | | SLCoreService | | | 10028 | Service destruction took 8.2 ms and succeed.
09/20/23 22:31:14:217 | [INFO] | | | | AdobeGCRulesEngine | | | 10028 | Processing of rules completed
09/20/23 22:31:14:217 | [INFO] | | | | AdobeGCRulesEngine | | | 10028 | Processing of NGL rules started
09/20/23 22:31:14:217 | [INFO] | | | | AdobeGCRulesEngine | | | 10028 | Exited successfully from CreateNGLAppLaunchPathMap
09/20/23 22:31:14:217 | [DEBUG] | | | | AdobeGCRulesEngine | | | 10028 | Entered CreateNGLAppASNPMap function
09/20/23 22:31:14:218 | [DEBUG] | | | | AdobeGCRulesEngine | | | 10028 | successfully fetched list of asnps
09/20/23 22:31:14:218 | [INFO] | | | | AdobeGCRulesEngine | | | 10028 | Processing of NGL rules completed
09/20/23 22:31:14:218 | [INFO] | | | | AdobeGCOOCImpl | | | 10028 | getting ooc invocation agent
09/20/23 22:31:14:218 | [INFO] | | | | AdobeGCOOCImpl | | | 10028 | checking if ooc enabled
09/20/23 22:31:14:220 | [INFO] | | | | SLCoreService | | | 10028 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:14:220 | [ERROR] | | | | SLCoreService | | | 10028 | user based licensing: 0
09/20/23 22:31:14:220 | [INFO] | | | | SLCoreService | | | 10028 | Service construction took 0.1 ms and succeed.
09/20/23 22:31:14:244 | [INFO] | | | | SLCoreService | | | 10028 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:14:244 | [INFO] | | | | SLCoreService | | | 10028 | Service destruction took 0.1 ms and succeed.
09/20/23 22:31:14:268 | [INFO] | | | | AdobeGCClientMain | | | 10028 | Headless Thor is not installed.
09/20/23 22:31:14:269 | [INFO] | | | | AdobeGCClientMain | | | 10028 | Adobe Creative Cloud UI is not installed.
09/20/23 22:31:14:275 | [DEBUG] | | | | AdobeGCPostRulesWorkflowImpl | | | 10028 | Payload cannot be fetched from the LEID , PCDClientStatus : 7
09/20/23 22:31:14:280 | [DEBUG] | | | | AdobeGCPostRulesWorkflowImpl | | | 10028 | Payload cannot be fetched from the LEID , PCDClientStatus : 7
09/20/23 22:31:14:284 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Posting Rules data started
09/20/23 22:31:14:284 | [INFO] | | | | DispatchClientLib | | | 10028 | Dispatch table loaded from path: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\dispatchtable.xml
09/20/23 22:31:14:285 | [INFO] | | | | DispatchClientLib | | | 10028 | (re)load Local Dispatch Table status-[0].
09/20/23 22:31:14:285 | [INFO] | | | | DispatchClientLib | | | 10028 | Scope : [2]
09/20/23 22:31:14:285 | [INFO] | | | | DispatchClientLib | | | 10028 | Setting scope to GM
09/20/23 22:31:14:285 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | AdobeIALClient 1.0 Release (build 1.0.6.3) initializing session...
09/20/23 22:31:14:285 | [INFO] | | | | AdobeGCClientNSLookup | | | 10028 | Verifying if server domain is blocked
09/20/23 22:31:14:287 | [INFO] | | | | DispatchClientLib | | | 10028 | EndPoint requested: [PostRulesData]
09/20/23 22:31:14:287 | [INFO] | | | | DispatchClientLib | | | 10028 | Length of the URL: [50]
09/20/23 22:31:14:287 | [INFO] | | | | DispatchClientLib | | | 10028 | Returning from getEndpointAddr: [0]
09/20/23 22:31:14:287 | [INFO] | | | | DispatchClientLib | | | 10028 | EndPoint requested: [PostRulesData]
09/20/23 22:31:14:287 | [INFO] | | | | DispatchClientLib | | | 10028 | Length of the URL: [50]
09/20/23 22:31:14:287 | [INFO] | | | | DispatchClientLib | | | 10028 | URL found [https://genuine.adobe.com/server/services/check/v1]
09/20/23 22:31:14:287 | [INFO] | | | | DispatchClientLib | | | 10028 | Returning from getEndpointAddr: [0]
09/20/23 22:31:14:291 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | HTTPCommunicationAgent::processMessage is https://genuine.adobe.com/server/services/check/v1 (extURL=)
09/20/23 22:31:15:002 | [INFO] | | | | AdobeGCIALWrapper | | | 12796 | HTTP Request Status code 200.
09/20/23 22:31:15:003 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | HTTPCommunicationAgent- Return Code:[0] response size-[347] time taken-[712.13]ms.
09/20/23 22:31:15:004 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Parsing response successful
09/20/23 22:31:15:004 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Parsing successful
09/20/23 22:31:15:004 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | AdobeGC Posting rules data status - [0] took - [718.88]ms.
09/20/23 22:31:15:004 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Rules data successfully posted
09/20/23 22:31:15:004 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Closing AdobeIALClient 1.0 Release (build 1.0.6.3) session.
09/20/23 22:31:15:004 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Posting Rules data ended
09/20/23 22:31:15:004 | [DEBUG] | | | | AdobeGCNotificationWorkflowImpl | | | 10028 | Posting rules succeeded and wait duration found
09/20/23 22:31:15:046 | [INFO] | | | | AdobeGCCheckSuppressPostRule | | | 10028 | SaveNextPostRuleRequestTimestampInSLCache Wait Period 1296000
09/20/23 22:31:15:055 | [INFO] | | | | AdobeGCCheckSuppressPostRule | | | 10028 | NextPostRulesRequestTimestamp Wait Period Xtnd 1696555875
09/20/23 22:31:15:061 | [INFO] | | | | AdobeGCNotifAuditEvents | | | 10028 | Sending notification audit evens
09/20/23 22:31:15:063 | [ERROR] | | | | AdobeGCNotifAuditEvents | | | 10028 | Failed to fetch NextNotifAuditEventsTimestamp. Error: 3
09/20/23 22:31:15:065 | [ERROR] | | | | SQLiteServiceManagerLog | | | 10028 | sqlite3_get_table failed error code: 1, extended error code:1, error message: no such table: NotifAuditEvents
09/20/23 22:31:15:065 | [ERROR] | | | | AdobeGCNotifAuditEvents | | | 10028 | Failed to fetch notification audit events. Error: 2
09/20/23 22:31:15:069 | [INFO] | | | | SLCoreService | | | 10028 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:15:069 | [ERROR] | | | | SLCoreService | | | 10028 | user based licensing: 0
09/20/23 22:31:15:069 | [INFO] | | | | SLCoreService | | | 10028 | Service construction took 0.2 ms and succeed.
09/20/23 22:31:15:100 | [INFO] | | | | SLCoreService | | | 10028 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/20/23 22:31:15:100 | [INFO] | | | | SLCoreService | | | 10028 | Service destruction took 0.1 ms and succeed.
09/20/23 22:31:15:108 | [INFO] | | | | AdobeGCValidatorAnalytics | | | 10028 | Fetching validator analytics
09/20/23 22:31:15:108 | [INFO] | | | | AdobeGCValidatorAnalytics | | | 10028 | Validator analytics JSON file does not exist
09/20/23 22:31:15:110 | [INFO] | | | | AdobeGCMachineEvents | | | 10028 | Successfully fetched all records
09/20/23 22:31:15:110 | [ERROR] | | | | AdobeGCIALWrapper | | | 10028 | Sending machine events
09/20/23 22:31:15:110 | [INFO] | | | | DispatchClientLib | | | 10028 | Dispatch table loaded from path: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\dispatchtable.xml
09/20/23 22:31:15:110 | [INFO] | | | | DispatchClientLib | | | 10028 | (re)load Local Dispatch Table status-[0].
09/20/23 22:31:15:110 | [INFO] | | | | DispatchClientLib | | | 10028 | Scope : [2]
09/20/23 22:31:15:110 | [INFO] | | | | DispatchClientLib | | | 10028 | Setting scope to GM
09/20/23 22:31:15:110 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | AdobeIALClient 1.0 Release (build 1.0.6.3) initializing session...
09/20/23 22:31:15:111 | [INFO] | | | | AdobeGCClientNSLookup | | | 10028 | Verifying if server domain is blocked
09/20/23 22:31:15:112 | [INFO] | | | | DispatchClientLib | | | 10028 | EndPoint requested: [MachineEvents]
09/20/23 22:31:15:112 | [INFO] | | | | DispatchClientLib | | | 10028 | Length of the URL: [58]
09/20/23 22:31:15:112 | [INFO] | | | | DispatchClientLib | | | 10028 | Returning from getEndpointAddr: [0]
09/20/23 22:31:15:113 | [INFO] | | | | DispatchClientLib | | | 10028 | EndPoint requested: [MachineEvents]
09/20/23 22:31:15:113 | [INFO] | | | | DispatchClientLib | | | 10028 | Length of the URL: [58]
09/20/23 22:31:15:113 | [INFO] | | | | DispatchClientLib | | | 10028 | URL found [https://genuine.adobe.com/server/services/machineevents/v1]
09/20/23 22:31:15:113 | [INFO] | | | | DispatchClientLib | | | 10028 | Returning from getEndpointAddr: [0]
09/20/23 22:31:15:116 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | HTTPCommunicationAgent::processMessage is https://genuine.adobe.com/server/services/machineevents/v1 (extURL=)
09/20/23 22:31:15:824 | [INFO] | | | | AdobeGCIALWrapper | | | 1380 | HTTP Request Status code 200.
09/20/23 22:31:15:825 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | HTTPCommunicationAgent- Return Code:[0] response size-[327] time taken-[708.98]ms.
09/20/23 22:31:15:826 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Parsing response successful
09/20/23 22:31:15:826 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | AdobeGC sending machine event- [0] took - [715.28]ms.
09/20/23 22:31:15:826 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | machine events successfully sent to server
09/20/23 22:31:15:826 | [INFO] | | | | AdobeGCIALWrapper | | | 10028 | Closing AdobeIALClient 1.0 Release (build 1.0.6.3) session.
09/20/23 22:31:15:844 | [INFO] | | | | AdobeGCMachineEvents | | | 10028 | successfully cleared product launch events from database
09/20/23 22:31:15:844 | [INFO] | | | | AdobeGCMachineEvents | | | 10028 | SetNextMachineEventsTimestamp
09/20/23 22:31:15:844 | [INFO] | | | | AdobeGCMachineEvents | | | 10028 | SetNextMachineEventsTimestamp Wait Period 86400
09/20/23 22:31:15:853 | [INFO] | | | | AdobeGCMachineEvents | | | 10028 | SetNextMachineEventsTimestamp Wait Period Xtnd 1695346275
09/20/23 22:31:15:855 | [INFO] | | | | AdobeGCPHEvents | | | 10028 | Sending PH Data
09/20/23 22:31:15:859 | [INFO] | | | | AdobeGCPHEvents | | | 10028 | PH-GC File does not exist
09/20/23 22:31:15:859 | [INFO] | | | | AdobeGCClientImpl | | | 10028 | Semaphore signalled
09/20/23 22:31:15:863 | [DEBUG] | | | | AdobeGCClientImpl | | | 10028 | AdobeGC folder is empty, Deleting Folder
09/20/23 22:31:15:863 | [INFO] | | | | AdobeGCClientMain | | | 10028 | Client request processing completed
09/20/23 22:31:15:864 | [INFO] | | | | AdobeGCClientMain | | | 10028 | *********** Adobe GCClient Launch Ended ************
09/21/23 21:16:22:397 | [INFO] | | | | AdobeGCInvokerUtilityHelper | | | 10904 | AdobeGCInvokerUtility : inside getLatestGCApplication
09/21/23 21:16:22:398 | [INFO] | | | | AdobeGCUpdater | | | 10904 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/21/23 21:16:22:399 | [INFO] | | | | AdobeGCUpdaterCFU | | | 10904 | Perform WF started
09/21/23 21:16:22:400 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 12156 | Trying to acquire the semaphore
09/21/23 21:16:22:400 | [INFO] | | | | AdobeGCUpdaterCFU | | | 10904 | Perform WF completed
09/21/23 21:16:22:400 | [DEBUG] | | | | AdobeGCInvokerUtilityHelper | | | 12156 | Semaphore acquired
09/21/23 21:16:22:400 | [ERROR] | | | | AdobeGCUpdaterCFU | | | 10904 | AdobeGCInvokerUtility :inside waitForCFUCallBack.
09/21/23 21:16:22:400 | [INFO] | | | | AdobeGCUpdaterCFU | | | 12156 | Threaded CFU Started
09/21/23 21:16:22:400 | [INFO] | | | | AdobeGCUpdater | | | 12156 | Get client install path Started
09/21/23 21:16:22:403 | [INFO] | | | | AdobeGCUpdater | | | 12156 | Get client install path Ended
09/21/23 21:16:22:403 | [INFO] | | | | AdobeGCUpdaterCFU | | | 12156 | Client sanitization started
09/21/23 21:16:22:403 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 12156 | Signature Self Signing Check
09/21/23 21:16:22:546 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 12156 | Signature found
09/21/23 21:16:22:546 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 12156 | Found valid signature, checking if signed by Adobe or not
09/21/23 21:16:22:625 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 12156 | Signature found
09/21/23 21:16:22:637 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 12156 | Client app successfully signed
09/21/23 21:16:22:642 | [INFO] | | | | AdobeGCUpdaterCFU | | | 12156 | Client sanitization ended
09/21/23 21:16:22:649 | [INFO] | | | | AdobeGCUpdaterCFU | | | 12156 | Threaded CFU Ended
09/21/23 21:16:22:649 | [INFO] | | | | AdobeGCUpdaterCFU | | | 12156 | Semaphore signalled
09/21/23 21:16:23:140 | [INFO] | | | | AdobeGCUpdater | | | 3348 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/21/23 21:16:23:141 | [INFO] | | | | AdobeGCUpdaterCFU | | | 3348 | Perform WF started
09/21/23 21:16:23:141 | [INFO] | | | | AdobeGCUpdaterCFU | | | 3348 | Perform WF completed
09/21/23 21:16:23:141 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 6152 | Trying to acquire the semaphore
09/21/23 21:16:23:141 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 6152 | Semaphore acquired
09/21/23 21:16:23:142 | [INFO] | | | | AdobeGCUpdaterCFU | | | 6152 | Threaded CFU Started
09/21/23 21:16:23:142 | [INFO] | | | | AdobeGCUpdater | | | 6152 | Get client install path Started
09/21/23 21:16:23:142 | [INFO] | | | | AdobeGCUpdater | | | 6152 | Get client install path Ended
09/21/23 21:16:23:142 | [INFO] | | | | AdobeGCUpdaterCFU | | | 6152 | Client sanitization started
09/21/23 21:16:23:142 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 6152 | Signature Self Signing Check
09/21/23 21:16:23:263 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 6152 | Signature found
09/21/23 21:16:23:263 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 6152 | Found valid signature, checking if signed by Adobe or not
09/21/23 21:16:23:372 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 6152 | Signature found
09/21/23 21:16:23:397 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 6152 | Client app successfully signed
09/21/23 21:16:23:397 | [INFO] | | | | AdobeGCUpdaterCFU | | | 6152 | Client sanitization ended
09/21/23 21:16:23:402 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 10904 | AdobeGCInvokerUtility : AdobeGC_CFUCallbackFn is invoked
09/21/23 21:16:23:402 | [INFO] | | | | AdobeGCUpdaterCFU | | | 6152 | Threaded CFU Ended
09/21/23 21:16:23:402 | [INFO] | | | | AdobeGCUpdaterCFU | | | 6152 | Semaphore signalled
09/21/23 21:16:23:402 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 10904 | AdobeGCInvokerUtility : inside invokeGCApplication.
09/21/23 21:16:23:403 | [INFO] | | | | AdobeGCUpdater | | | 10904 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/21/23 21:16:23:404 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 10904 | Trying to acquire the semaphore
09/21/23 21:16:23:404 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 10904 | Semaphore acquired
09/21/23 21:16:23:404 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | Perform WF started
09/21/23 21:16:23:413 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | isOOCTargeted flag read
09/21/23 21:16:23:419 | [ERROR] | | | | AdobeGCUpdaterIC | | | 10904 | Time flag read
09/21/23 21:16:23:419 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | GCInvokerNextClientLaunchTimestamp from cache 1695345669
09/21/23 21:16:23:420 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | GCInvokerNextClientLaunchTimestamp cached 1695345669 , curr 1695341783 res = 0
09/21/23 21:16:23:420 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | Invocation agent is GC Invoker Utility at logon and time is not elapsed
09/21/23 21:16:23:420 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | Not invoking client
09/21/23 21:16:23:420 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | Perform WF completed
09/21/23 21:16:23:420 | [INFO] | | | | AdobeGCUpdaterIC | | | 10904 | Semaphore signalled
09/21/23 21:16:23:420 | [INFO] | | | | AdobeGCUpdater | | | 10904 | ***********AdobeGC Updater library End*******************
09/21/23 21:16:23:420 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 10904 | AdobeGCInvokerUtility : AdobeGC_ReleaseRef called.
09/21/23 21:16:24:154 | [INFO] | | | | AdobeGCUpdater | | | 3348 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/21/23 21:16:24:155 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 3348 | Trying to acquire the semaphore
09/21/23 21:16:24:155 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 3348 | Semaphore acquired
09/21/23 21:16:24:155 | [INFO] | | | | AdobeGCUpdaterIC | | | 3348 | Perform WF started
09/21/23 21:16:24:155 | [INFO] | | | | AdobeGCUpdaterIC | | | 3348 | Invocation agent is CSUpdater
09/21/23 21:16:24:155 | [INFO] | | | | AdobeGCUpdaterIC | | | 3348 | Not invoking client
09/21/23 21:16:24:155 | [INFO] | | | | AdobeGCUpdaterIC | | | 3348 | Perform WF completed
09/21/23 21:16:24:155 | [INFO] | | | | AdobeGCUpdaterIC | | | 3348 | Semaphore signalled
09/21/23 21:16:24:155 | [INFO] | | | | AdobeGCUpdater | | | 3348 | ***********AdobeGC Updater library End*******************
09/22/23 20:49:24:671 | [INFO] | | | | AdobeGCInvokerUtilityHelper | | | 12684 | AdobeGCInvokerUtility : inside getLatestGCApplication
09/22/23 20:49:24:672 | [INFO] | | | | AdobeGCUpdater | | | 12684 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/22/23 20:49:24:672 | [INFO] | | | | AdobeGCUpdaterCFU | | | 12684 | Perform WF started
09/22/23 20:49:24:672 | [INFO] | | | | AdobeGCUpdaterCFU | | | 12684 | Perform WF completed
09/22/23 20:49:24:672 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 12684 | AdobeGCInvokerUtility :inside waitForCFUCallBack.
09/22/23 20:49:24:672 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 2964 | Trying to acquire the semaphore
09/22/23 20:49:24:672 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 2964 | Semaphore acquired
09/22/23 20:49:24:672 | [INFO] | | | | AdobeGCUpdaterCFU | | | 2964 | Threaded CFU Started
09/22/23 20:49:24:672 | [INFO] | | | | AdobeGCUpdater | | | 2964 | Get client install path Started
09/22/23 20:49:24:675 | [INFO] | | | | AdobeGCUpdater | | | 2964 | Get client install path Ended
09/22/23 20:49:24:675 | [INFO] | | | | AdobeGCUpdaterCFU | | | 2964 | Client sanitization started
09/22/23 20:49:24:675 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 2964 | Signature Self Signing Check
09/22/23 20:49:24:781 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 2964 | Signature found
09/22/23 20:49:24:782 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 2964 | Found valid signature, checking if signed by Adobe or not
09/22/23 20:49:24:853 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 2964 | Signature found
09/22/23 20:49:24:862 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 2964 | Client app successfully signed
09/22/23 20:49:24:862 | [INFO] | | | | AdobeGCUpdaterCFU | | | 2964 | Client sanitization ended
09/22/23 20:49:24:874 | [INFO] | | | | AdobeGCUpdaterCFU | | | 2964 | Threaded CFU Ended
09/22/23 20:49:24:874 | [INFO] | | | | AdobeGCUpdaterCFU | | | 2964 | Semaphore signalled
09/22/23 20:49:25:350 | [INFO] | | | | AdobeGCUpdater | | | 11488 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/22/23 20:49:25:350 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11488 | Perform WF started
09/22/23 20:49:25:350 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11488 | Perform WF completed
09/22/23 20:49:25:350 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 5652 | Trying to acquire the semaphore
09/22/23 20:49:25:350 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 5652 | Semaphore acquired
09/22/23 20:49:25:350 | [INFO] | | | | AdobeGCUpdaterCFU | | | 5652 | Threaded CFU Started
09/22/23 20:49:25:350 | [INFO] | | | | AdobeGCUpdater | | | 5652 | Get client install path Started
09/22/23 20:49:25:351 | [INFO] | | | | AdobeGCUpdater | | | 5652 | Get client install path Ended
09/22/23 20:49:25:351 | [INFO] | | | | AdobeGCUpdaterCFU | | | 5652 | Client sanitization started
09/22/23 20:49:25:351 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 5652 | Signature Self Signing Check
09/22/23 20:49:25:458 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 5652 | Signature found
09/22/23 20:49:25:458 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 5652 | Found valid signature, checking if signed by Adobe or not
09/22/23 20:49:25:533 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 5652 | Signature found
09/22/23 20:49:25:539 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 5652 | Client app successfully signed
09/22/23 20:49:25:540 | [INFO] | | | | AdobeGCUpdaterCFU | | | 5652 | Client sanitization ended
09/22/23 20:49:25:544 | [INFO] | | | | AdobeGCUpdaterCFU | | | 5652 | Threaded CFU Ended
09/22/23 20:49:25:544 | [INFO] | | | | AdobeGCUpdaterCFU | | | 5652 | Semaphore signalled
09/22/23 20:49:25:686 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 12684 | AdobeGCInvokerUtility : AdobeGC_CFUCallbackFn is invoked
09/22/23 20:49:25:687 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 12684 | AdobeGCInvokerUtility : inside invokeGCApplication.
09/22/23 20:49:25:687 | [INFO] | | | | AdobeGCUpdater | | | 12684 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/22/23 20:49:25:688 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 12684 | Trying to acquire the semaphore
09/22/23 20:49:25:688 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 12684 | Semaphore acquired
09/22/23 20:49:25:688 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | Perform WF started
09/22/23 20:49:25:698 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | isOOCTargeted flag read
09/22/23 20:49:25:707 | [ERROR] | | | | AdobeGCUpdaterIC | | | 12684 | Time flag read
09/22/23 20:49:25:707 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | GCInvokerNextClientLaunchTimestamp from cache 1695345669
09/22/23 20:49:25:707 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | GCInvokerNextClientLaunchTimestamp cached 1695345669 , curr 1695426565 res = 1
09/22/23 20:49:25:708 | [INFO] | | | | AdobeGCUpdater | | | 12684 | Get client install path Started
09/22/23 20:49:25:708 | [INFO] | | | | AdobeGCUpdater | | | 12684 | Get client install path Ended
09/22/23 20:49:25:708 | [INFO] | | | | AdobeGCUpdater | | | 12684 | Get client launcher install path Started
09/22/23 20:49:25:709 | [INFO] | | | | AdobeGCUpdater | | | 12684 | Get client launcher install path Ended
09/22/23 20:49:25:710 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Get XML path Started
09/22/23 20:49:25:711 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Create XML Started
09/22/23 20:49:25:711 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Adding generic details Started
09/22/23 20:49:25:711 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Adding generic details Ended
09/22/23 20:49:25:711 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Create XML Ended
09/22/23 20:49:25:711 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Storing XML Started
09/22/23 20:49:25:711 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Storing XML Ended
09/22/23 20:49:25:711 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Storing XML Started
09/22/23 20:49:25:712 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Storing XML Ended
09/22/23 20:49:25:712 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 12684 | Get XML path Ended
09/22/23 20:49:25:712 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | Invoking GC client started
09/22/23 20:49:25:712 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | override path for acrobat is 0
09/22/23 20:49:25:712 | [INFO] | | | | AdobeGCUpdater | | | 12684 | Get client install path Started
09/22/23 20:49:25:713 | [INFO] | | | | AdobeGCUpdater | | | 12684 | Get client install path Ended
09/22/23 20:49:25:713 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | path found is C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
09/22/23 20:49:25:719 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | Invoking GC client completed
09/22/23 20:49:25:719 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | SaveGCInvokerNextLaunchTimestamp
09/22/23 20:49:25:719 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | SaveGCInvokerNextLaunchTimestamp Wait Period 86400
09/22/23 20:49:25:724 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | SaveGCInvokerNextLaunchTimestamp Wait Period Xtnd 1695512965
09/22/23 20:49:25:724 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | Perform WF completed
09/22/23 20:49:25:724 | [INFO] | | | | AdobeGCUpdaterIC | | | 12684 | Semaphore signalled
09/22/23 20:49:25:724 | [INFO] | | | | AdobeGCUpdater | | | 12684 | ***********AdobeGC Updater library End*******************
09/22/23 20:49:25:725 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 12684 | AdobeGCInvokerUtility : AdobeGC_ReleaseRef called.
09/22/23 20:49:25:919 | [INFO] | | | | AdobeGCClientMain | | | 11160 | *********** Adobe GCClient Launched = 8.3.0.61 ************
09/22/23 20:49:25:920 | [INFO] | | | | AdobeGCClientMain | | | 11160 | Initiating workflow
09/22/23 20:49:25:920 | [INFO] | | | | AdobeGCClientMain | | | 11160 | Client request processing started
09/22/23 20:49:25:920 | [INFO] | | | | AdobeGCClientMain | | | 11160 | Lock acquired, continue with the workflow
09/22/23 20:49:25:921 | [INFO] | | | | AdobeGCClientImpl | | | 11160 | Initializing client workflow
09/22/23 20:49:25:921 | [DEBUG] | | | | AdobeGCClientImpl | | | 11160 | Trying to acquire the semaphore
09/22/23 20:49:25:921 | [DEBUG] | | | | AdobeGCClientImpl | | | 11160 | Semaphore acquired
09/22/23 20:49:25:922 | [DEBUG] | | | | AdobeGCClientImpl | | | 11160 | AdobeGCClient invoked from Scheduler entry, sleeping for 5 minutes to avoid disk overusage
09/22/23 20:49:26:359 | [INFO] | | | | AdobeGCUpdater | | | 11488 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/22/23 20:49:26:359 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 11488 | Trying to acquire the semaphore
09/22/23 20:49:26:359 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 11488 | Semaphore acquired
09/22/23 20:49:26:359 | [INFO] | | | | AdobeGCUpdaterIC | | | 11488 | Perform WF started
09/22/23 20:49:26:359 | [INFO] | | | | AdobeGCUpdaterIC | | | 11488 | Invocation agent is CSUpdater
09/22/23 20:49:26:359 | [INFO] | | | | AdobeGCUpdaterIC | | | 11488 | Not invoking client
09/22/23 20:49:26:359 | [INFO] | | | | AdobeGCUpdaterIC | | | 11488 | Perform WF completed
09/22/23 20:49:26:359 | [INFO] | | | | AdobeGCUpdaterIC | | | 11488 | Semaphore signalled
09/22/23 20:49:26:359 | [INFO] | | | | AdobeGCUpdater | | | 11488 | ***********AdobeGC Updater library End*******************
09/22/23 20:59:25:935 | [INFO] | | | | SLCoreService | | | 11160 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/22/23 20:59:25:936 | [ERROR] | | | | SLCoreService | | | 11160 | user based licensing: 0
09/22/23 20:59:25:936 | [INFO] | | | | SLCoreService | | | 11160 | Service construction took 0.4 ms and succeed.
09/22/23 20:59:25:979 | [INFO] | | | | SLCoreService | | | 11160 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/22/23 20:59:25:979 | [INFO] | | | | SLCoreService | | | 11160 | Service destruction took 0.1 ms and succeed.
09/22/23 20:59:25:979 | [ERROR] | | | | AdobeGCIALWrapper | | | 11160 | Invoking GetClientConfiguration
09/22/23 20:59:25:981 | [INFO] | | | | DispatchClientLib | | | 11160 | __OOBELIB_LOG_FILE__
09/22/23 20:59:25:981 | [INFO] | | | | DispatchClientLib | | | 11160 | Dispatch table loaded from path: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\dispatchtable.xml
09/22/23 20:59:25:982 | [INFO] | | | | DispatchClientLib | | | 11160 | (re)load Local Dispatch Table status-[0].
09/22/23 20:59:25:982 | [INFO] | | | | DispatchClientLib | | | 11160 | Scope : [2]
09/22/23 20:59:25:982 | [INFO] | | | | DispatchClientLib | | | 11160 | Setting scope to GM
09/22/23 20:59:25:982 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | AdobeIALClient 1.0 Release (build 1.0.6.3) initializing session...
09/22/23 20:59:25:983 | [INFO] | | | | AdobeGCClientNSLookup | | | 11160 | Verifying if server domain is blocked
09/22/23 20:59:25:985 | [INFO] | | | | DispatchClientLib | | | 11160 | EndPoint requested: [ClientConfiguration]
09/22/23 20:59:25:985 | [INFO] | | | | DispatchClientLib | | | 11160 | Length of the URL: [64]
09/22/23 20:59:25:985 | [INFO] | | | | DispatchClientLib | | | 11160 | Returning from getEndpointAddr: [0]
09/22/23 20:59:25:985 | [INFO] | | | | DispatchClientLib | | | 11160 | EndPoint requested: [ClientConfiguration]
09/22/23 20:59:25:985 | [INFO] | | | | DispatchClientLib | | | 11160 | Length of the URL: [64]
09/22/23 20:59:25:985 | [INFO] | | | | DispatchClientLib | | | 11160 | URL found [https://genuine.adobe.com/server/services/clientconfiguration/v1]
09/22/23 20:59:25:985 | [INFO] | | | | DispatchClientLib | | | 11160 | Returning from getEndpointAddr: [0]
09/22/23 20:59:26:216 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | HTTPCommunicationAgent::processMessage is https://genuine.adobe.com/server/services/clientconfiguration/v1 (extURL=)
09/22/23 20:59:26:959 | [INFO] | | | | AdobeGCIALWrapper | | | 15284 | HTTP Request Status code 200.
09/22/23 20:59:26:963 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | HTTPCommunicationAgent- Return Code:[0] response size-[2291] time taken-[747.31]ms.
09/22/23 20:59:26:965 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Parsing response successful
09/22/23 20:59:26:965 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | AdobeGC sending client configuration event- [0] took - [982.71]ms.
09/22/23 20:59:26:965 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | client configuration fetched successfully
09/22/23 20:59:26:965 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Closing AdobeIALClient 1.0 Release (build 1.0.6.3) session.
09/22/23 20:59:27:064 | [INFO] | | | | NGLAppIDLookup | | | 11160 | SetNextClientConfigTimestamp
09/22/23 20:59:27:064 | [INFO] | | | | NGLAppIDLookup | | | 11160 | SetNextClientConfigTimestamp Wait Period 604800
09/22/23 20:59:27:068 | [INFO] | | | | NGLAppIDLookup | | | 11160 | SetNextClientConfigTimestamp Wait Period Xtnd 1696031967
09/22/23 20:59:27:073 | [DEBUG] | | | | AdobeGCClientImpl | | | 11160 | Country is allowllisted
09/22/23 20:59:27:092 | [INFO] | | | | AdobeGCWorkflowImpl | | | 11160 | istargeted flag read
09/22/23 20:59:27:092 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Getting list of installed Flash Player plugins
09/22/23 20:59:27:101 | [INFO] | | | | AdobeGCHDWrapper | | | 11160 | Getting list of NGL based installed products
09/22/23 20:59:27:101 | [INFO] | | | | AdobeGCHDWrapper | | | 11160 | Querying for all HD based installed products
09/22/23 20:59:27:124 | [INFO] | | | | AdobeGCHDWrapper | | | 11160 | Failed to fetch list of installed products
09/22/23 20:59:27:130 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Getting machine id
09/22/23 20:59:27:131 | [INFO] | | | | SLCoreService | | | 11160 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/22/23 20:59:27:131 | [ERROR] | | | | SLCoreService | | | 11160 | user based licensing: 0
09/22/23 20:59:27:131 | [INFO] | | | | SLCoreService | | | 11160 | Service construction took 0.1 ms and succeed.
09/22/23 20:59:27:151 | [INFO] | | | | SLCoreService | | | 11160 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/22/23 20:59:27:151 | [INFO] | | | | SLCoreService | | | 11160 | Service destruction took 0.1 ms and succeed.
09/22/23 20:59:27:152 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | machine id is 1/pf0Nd70yCK52av80jHRFAFwXUcwqAN
09/22/23 20:59:27:162 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Last updateCheck request status read : Success,0
09/22/23 20:59:27:163 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Last update check attempted timestamp read : 1695257925000
09/22/23 20:59:27:164 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Failed to read client source of installation: 3
09/22/23 20:59:27:166 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Successfully fetched all replay write status records
09/22/23 20:59:27:166 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Products installed on the machine, sending fetch rules
09/22/23 20:59:27:166 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Fetching Rules started
09/22/23 20:59:27:166 | [INFO] | | | | DispatchClientLib | | | 11160 | Dispatch table loaded from path: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\dispatchtable.xml
09/22/23 20:59:27:166 | [INFO] | | | | DispatchClientLib | | | 11160 | (re)load Local Dispatch Table status-[0].
09/22/23 20:59:27:166 | [INFO] | | | | DispatchClientLib | | | 11160 | Scope : [2]
09/22/23 20:59:27:166 | [INFO] | | | | DispatchClientLib | | | 11160 | Setting scope to GM
09/22/23 20:59:27:166 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | AdobeIALClient 1.0 Release (build 1.0.6.3) initializing session...
09/22/23 20:59:27:167 | [INFO] | | | | AdobeGCClientNSLookup | | | 11160 | Verifying if server domain is blocked
09/22/23 20:59:27:168 | [INFO] | | | | DispatchClientLib | | | 11160 | EndPoint requested: [FetchRulesV2]
09/22/23 20:59:27:168 | [INFO] | | | | DispatchClientLib | | | 11160 | Length of the URL: [50]
09/22/23 20:59:27:168 | [INFO] | | | | DispatchClientLib | | | 11160 | Returning from getEndpointAddr: [0]
09/22/23 20:59:27:168 | [INFO] | | | | DispatchClientLib | | | 11160 | EndPoint requested: [FetchRulesV2]
09/22/23 20:59:27:168 | [INFO] | | | | DispatchClientLib | | | 11160 | Length of the URL: [50]
09/22/23 20:59:27:168 | [INFO] | | | | DispatchClientLib | | | 11160 | URL found [https://genuine.adobe.com/server/services/rules/v2]
09/22/23 20:59:27:168 | [INFO] | | | | DispatchClientLib | | | 11160 | Returning from getEndpointAddr: [0]
09/22/23 20:59:27:172 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | HTTPCommunicationAgent::processMessage is https://genuine.adobe.com/server/services/rules/v2 (extURL=)
09/22/23 20:59:27:915 | [INFO] | | | | AdobeGCIALWrapper | | | 12784 | HTTP Request Status code 200.
09/22/23 20:59:27:917 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | HTTPCommunicationAgent- Return Code:[0] response size-[4121] time taken-[744.40]ms.
09/22/23 20:59:27:945 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | successfully cleared replay write status from database
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Parsing response successful
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Parsing successful
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | AdobeGC Fetching rules status - [0] took - [847.55]ms.
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Rules successfully fetched
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Closing AdobeIALClient 1.0 Release (build 1.0.6.3) session.
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCIALWrapper | | | 11160 | Fetching Rules ended
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Checking if update is required or not
09/22/23 20:59:28:014 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Latest Client version: 8.3.0.61
09/22/23 20:59:28:091 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11160 | Signature found
09/22/23 20:59:28:091 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11160 | Found valid signature, checking if signed by Adobe or not
09/22/23 20:59:28:124 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11160 | Signature found
09/22/23 20:59:28:131 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11160 | Client app successfully signed
09/22/23 20:59:28:131 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Client Health Status is 0
09/22/23 20:59:28:131 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | Update not Required
09/22/23 20:59:28:133 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | SetNextUpdateCheckDate
09/22/23 20:59:28:133 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | SetNextUpdateCheckDate Wait Period 86400
09/22/23 20:59:28:138 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11160 | SetNextUpdateCheckDate Wait Period Xtnd 1695513568
09/22/23 20:59:28:143 | [INFO] | | | | AdobeGCPostRulesWorkflowImpl | | | 11160 | Machine is non- targeted; SaveIsTargetFlagInSLCache
09/22/23 20:59:28:148 | [INFO] | | | | AdobeGCPostRulesWorkflowImpl | | | 11160 | Machine is non-OOC targeted; SaveIsTargetFlagInSLCache
09/22/23 20:59:28:155 | [ERROR] | | | | AdobeGCCheckSuppressPostRule | | | 11160 | Post Rule Request Time flag read
09/22/23 20:59:28:155 | [INFO] | | | | AdobeGCCheckSuppressPostRule | | | 11160 | LastPostRuleRequestDurationPassed from cache 1696555875
09/22/23 20:59:28:155 | [INFO] | | | | AdobeGCCheckSuppressPostRule | | | 11160 | LastPostRuleRequestDurationPassed cached 1696555875 , curr 1695427168 res = 0
09/22/23 20:59:28:155 | [DEBUG] | | | | AdobeGCVersionWrapper | | | 11160 | No input file path data
09/22/23 20:59:28:155 | [DEBUG] | | | | AdobeGCWorkflowImpl | | | 11160 | No Active LEID found
09/22/23 20:59:28:158 | [INFO] | | | | AdobeGCOOCImpl | | | 11160 | checking if valid ooc invocation
09/22/23 20:59:28:158 | [INFO] | | | | AdobeGCOOCImpl | | | 11160 | checking if ooc enabled
09/22/23 20:59:28:159 | [INFO] | | | | AdobeGCOOCImpl | | | 11160 | checking if ooc enabled
09/22/23 20:59:28:160 | [DEBUG] | | | | AdobeGCPostRulesWorkflowImpl | | | 11160 | Suppressing post rules for this launch
09/22/23 20:59:28:165 | [INFO] | | | | AdobeGCNotifAuditEvents | | | 11160 | Sending notification audit evens
09/22/23 20:59:28:166 | [ERROR] | | | | AdobeGCNotifAuditEvents | | | 11160 | Failed to fetch NextNotifAuditEventsTimestamp. Error: 3
09/22/23 20:59:28:167 | [ERROR] | | | | SQLiteServiceManagerLog | | | 11160 | sqlite3_get_table failed error code: 1, extended error code:1, error message: no such table: NotifAuditEvents
09/22/23 20:59:28:167 | [ERROR] | | | | AdobeGCNotifAuditEvents | | | 11160 | Failed to fetch notification audit events. Error: 2
09/22/23 20:59:28:170 | [INFO] | | | | SLCoreService | | | 11160 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/22/23 20:59:28:170 | [ERROR] | | | | SLCoreService | | | 11160 | user based licensing: 0
09/22/23 20:59:28:170 | [INFO] | | | | SLCoreService | | | 11160 | Service construction took 0.2 ms and succeed.
09/22/23 20:59:28:198 | [INFO] | | | | SLCoreService | | | 11160 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/22/23 20:59:28:198 | [INFO] | | | | SLCoreService | | | 11160 | Service destruction took 0.1 ms and succeed.
09/22/23 20:59:28:211 | [INFO] | | | | AdobeGCValidatorAnalytics | | | 11160 | Fetching validator analytics
09/22/23 20:59:28:211 | [INFO] | | | | AdobeGCValidatorAnalytics | | | 11160 | Validator analytics JSON file does not exist
09/22/23 20:59:28:213 | [INFO] | | | | AdobeGCMachineEvents | | | 11160 | Failed to fetch all records and error is 3
09/22/23 20:59:28:213 | [INFO] | | | | AdobeGCMachineEvents | | | 11160 | database is either empty or failed to read database and also no installation events and validator analytics found
09/22/23 20:59:28:213 | [INFO] | | | | AdobeGCPHEvents | | | 11160 | Sending PH Data
09/22/23 20:59:28:215 | [INFO] | | | | AdobeGCPHEvents | | | 11160 | PH-GC File does not exist
09/22/23 20:59:28:215 | [INFO] | | | | AdobeGCClientImpl | | | 11160 | Semaphore signalled
09/22/23 20:59:28:216 | [DEBUG] | | | | AdobeGCClientImpl | | | 11160 | AdobeGC folder is empty, Deleting Folder
09/22/23 20:59:28:216 | [INFO] | | | | AdobeGCClientMain | | | 11160 | Client request processing completed
09/22/23 20:59:28:216 | [INFO] | | | | AdobeGCClientMain | | | 11160 | *********** Adobe GCClient Launch Ended ************
09/25/23 08:56:26:915 | [INFO] | | | | AdobeGCInvokerUtilityHelper | | | 11392 | AdobeGCInvokerUtility : inside getLatestGCApplication
09/25/23 08:56:26:917 | [INFO] | | | | AdobeGCUpdater | | | 11392 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 08:56:26:917 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11392 | Perform WF started
09/25/23 08:56:26:918 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11392 | Perform WF completed
09/25/23 08:56:26:918 | [DEBUG] | | | | AdobeGCInvokerUtilityHelper | | | 11440 | Trying to acquire the semaphore
09/25/23 08:56:26:918 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 11392 | AdobeGCInvokerUtility :inside waitForCFUCallBack.
09/25/23 08:56:26:918 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 11440 | Semaphore acquired
09/25/23 08:56:26:918 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11440 | Threaded CFU Started
09/25/23 08:56:26:918 | [INFO] | | | | AdobeGCUpdater | | | 11440 | Get client install path Started
09/25/23 08:56:26:923 | [INFO] | | | | AdobeGCUpdater | | | 11440 | Get client install path Ended
09/25/23 08:56:26:923 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11440 | Client sanitization started
09/25/23 08:56:26:923 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11440 | Signature Self Signing Check
09/25/23 08:56:27:100 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11440 | Signature found
09/25/23 08:56:27:100 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11440 | Found valid signature, checking if signed by Adobe or not
09/25/23 08:56:27:180 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11440 | Signature found
09/25/23 08:56:27:194 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11440 | Client app successfully signed
09/25/23 08:56:27:199 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11440 | Client sanitization ended
09/25/23 08:56:27:211 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11440 | Threaded CFU Ended
09/25/23 08:56:27:211 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11440 | Semaphore signalled
09/25/23 08:56:27:749 | [INFO] | | | | AdobeGCUpdater | | | 11624 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 08:56:27:750 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11624 | Perform WF started
09/25/23 08:56:27:750 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11624 | Perform WF completed
09/25/23 08:56:27:750 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 11652 | Trying to acquire the semaphore
09/25/23 08:56:27:750 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 11652 | Semaphore acquired
09/25/23 08:56:27:750 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11652 | Threaded CFU Started
09/25/23 08:56:27:750 | [INFO] | | | | AdobeGCUpdater | | | 11652 | Get client install path Started
09/25/23 08:56:27:751 | [INFO] | | | | AdobeGCUpdater | | | 11652 | Get client install path Ended
09/25/23 08:56:27:751 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11652 | Client sanitization started
09/25/23 08:56:27:751 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11652 | Signature Self Signing Check
09/25/23 08:56:27:856 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11652 | Signature found
09/25/23 08:56:27:856 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11652 | Found valid signature, checking if signed by Adobe or not
09/25/23 08:56:27:923 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11652 | Signature found
09/25/23 08:56:27:932 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11652 | Client app successfully signed
09/25/23 08:56:27:933 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 11392 | AdobeGCInvokerUtility : AdobeGC_CFUCallbackFn is invoked
09/25/23 08:56:27:933 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 11392 | AdobeGCInvokerUtility : inside invokeGCApplication.
09/25/23 08:56:27:933 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11652 | Client sanitization ended
09/25/23 08:56:27:936 | [INFO] | | | | AdobeGCUpdater | | | 11392 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 08:56:27:936 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 11392 | Trying to acquire the semaphore
09/25/23 08:56:27:937 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11652 | Threaded CFU Ended
09/25/23 08:56:27:937 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11652 | Semaphore signalled
09/25/23 08:56:27:937 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 11392 | Semaphore acquired
09/25/23 08:56:27:937 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | Perform WF started
09/25/23 08:56:27:945 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | isOOCTargeted flag read
09/25/23 08:56:27:951 | [ERROR] | | | | AdobeGCUpdaterIC | | | 11392 | Time flag read
09/25/23 08:56:27:951 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | GCInvokerNextClientLaunchTimestamp from cache 1695512965
09/25/23 08:56:27:951 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | GCInvokerNextClientLaunchTimestamp cached 1695512965 , curr 1695642987 res = 1
09/25/23 08:56:27:951 | [INFO] | | | | AdobeGCUpdater | | | 11392 | Get client install path Started
09/25/23 08:56:27:952 | [INFO] | | | | AdobeGCUpdater | | | 11392 | Get client install path Ended
09/25/23 08:56:27:952 | [INFO] | | | | AdobeGCUpdater | | | 11392 | Get client launcher install path Started
09/25/23 08:56:27:953 | [INFO] | | | | AdobeGCUpdater | | | 11392 | Get client launcher install path Ended
09/25/23 08:56:27:954 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Get XML path Started
09/25/23 08:56:27:954 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Create XML Started
09/25/23 08:56:27:954 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Adding generic details Started
09/25/23 08:56:27:954 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Adding generic details Ended
09/25/23 08:56:27:954 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Create XML Ended
09/25/23 08:56:27:954 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Storing XML Started
09/25/23 08:56:27:955 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Storing XML Ended
09/25/23 08:56:27:955 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Storing XML Started
09/25/23 08:56:27:956 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Storing XML Ended
09/25/23 08:56:27:956 | [INFO] | | | | AdobeGCUpdaterXMLWrapper | | | 11392 | Get XML path Ended
09/25/23 08:56:27:956 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | Invoking GC client started
09/25/23 08:56:27:956 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | override path for acrobat is 0
09/25/23 08:56:27:956 | [INFO] | | | | AdobeGCUpdater | | | 11392 | Get client install path Started
09/25/23 08:56:27:956 | [INFO] | | | | AdobeGCUpdater | | | 11392 | Get client install path Ended
09/25/23 08:56:27:956 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | path found is C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
09/25/23 08:56:27:980 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | Invoking GC client completed
09/25/23 08:56:27:980 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | SaveGCInvokerNextLaunchTimestamp
09/25/23 08:56:27:980 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | SaveGCInvokerNextLaunchTimestamp Wait Period 86400
09/25/23 08:56:27:984 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | SaveGCInvokerNextLaunchTimestamp Wait Period Xtnd 1695729387
09/25/23 08:56:27:984 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | Perform WF completed
09/25/23 08:56:27:984 | [INFO] | | | | AdobeGCUpdaterIC | | | 11392 | Semaphore signalled
09/25/23 08:56:27:984 | [INFO] | | | | AdobeGCUpdater | | | 11392 | ***********AdobeGC Updater library End*******************
09/25/23 08:56:27:984 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 11392 | AdobeGCInvokerUtility : AdobeGC_ReleaseRef called.
09/25/23 08:56:28:205 | [INFO] | | | | AdobeGCClientMain | | | 11676 | *********** Adobe GCClient Launched = 8.3.0.61 ************
09/25/23 08:56:28:205 | [INFO] | | | | AdobeGCClientMain | | | 11676 | Initiating workflow
09/25/23 08:56:28:205 | [INFO] | | | | AdobeGCClientMain | | | 11676 | Client request processing started
09/25/23 08:56:28:206 | [INFO] | | | | AdobeGCClientMain | | | 11676 | Lock acquired, continue with the workflow
09/25/23 08:56:28:209 | [INFO] | | | | AdobeGCClientImpl | | | 11676 | Initializing client workflow
09/25/23 08:56:28:210 | [DEBUG] | | | | AdobeGCClientImpl | | | 11676 | Trying to acquire the semaphore
09/25/23 08:56:28:210 | [DEBUG] | | | | AdobeGCClientImpl | | | 11676 | Semaphore acquired
09/25/23 08:56:28:210 | [DEBUG] | | | | AdobeGCClientImpl | | | 11676 | AdobeGCClient invoked from Scheduler entry, sleeping for 5 minutes to avoid disk overusage
09/25/23 08:56:28:758 | [INFO] | | | | AdobeGCUpdater | | | 11624 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 08:56:28:759 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 11624 | Trying to acquire the semaphore
09/25/23 08:56:28:759 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 11624 | Semaphore acquired
09/25/23 08:56:28:759 | [INFO] | | | | AdobeGCUpdaterIC | | | 11624 | Perform WF started
09/25/23 08:56:28:759 | [INFO] | | | | AdobeGCUpdaterIC | | | 11624 | Invocation agent is CSUpdater
09/25/23 08:56:28:759 | [INFO] | | | | AdobeGCUpdaterIC | | | 11624 | Not invoking client
09/25/23 08:56:28:759 | [INFO] | | | | AdobeGCUpdaterIC | | | 11624 | Perform WF completed
09/25/23 08:56:28:759 | [INFO] | | | | AdobeGCUpdaterIC | | | 11624 | Semaphore signalled
09/25/23 08:56:28:759 | [INFO] | | | | AdobeGCUpdater | | | 11624 | ***********AdobeGC Updater library End*******************
09/25/23 09:06:28:226 | [DEBUG] | | | | AdobeGCClientImpl | | | 11676 | Country is allowllisted
09/25/23 09:06:28:247 | [INFO] | | | | AdobeGCWorkflowImpl | | | 11676 | istargeted flag read
09/25/23 09:06:28:247 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Getting list of installed Flash Player plugins
09/25/23 09:06:28:256 | [INFO] | | | | AdobeGCHDWrapper | | | 11676 | Getting list of NGL based installed products
09/25/23 09:06:28:256 | [INFO] | | | | AdobeGCHDWrapper | | | 11676 | Querying for all HD based installed products
09/25/23 09:06:28:281 | [INFO] | | | | AdobeGCHDWrapper | | | 11676 | Failed to fetch list of installed products
09/25/23 09:06:28:288 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Getting machine id
09/25/23 09:06:28:289 | [INFO] | | | | SLCoreService | | | 11676 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/25/23 09:06:28:289 | [ERROR] | | | | SLCoreService | | | 11676 | user based licensing: 0
09/25/23 09:06:28:289 | [INFO] | | | | SLCoreService | | | 11676 | Service construction took 0.2 ms and succeed.
09/25/23 09:06:28:325 | [INFO] | | | | SLCoreService | | | 11676 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/25/23 09:06:28:325 | [INFO] | | | | SLCoreService | | | 11676 | Service destruction took 0.1 ms and succeed.
09/25/23 09:06:28:325 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | machine id is 1/pf0Nd70yCK52av80jHRFAFwXUcwqAN
09/25/23 09:06:28:337 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Last updateCheck request status read : Success,0
09/25/23 09:06:28:338 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Last update check attempted timestamp read : 1695257925000
09/25/23 09:06:28:339 | [ERROR] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Failed to read client source of installation: 3
09/25/23 09:06:28:340 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Successfully fetched all replay write status records
09/25/23 09:06:28:341 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Products installed on the machine, sending fetch rules
09/25/23 09:06:28:341 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | Fetching Rules started
09/25/23 09:06:28:342 | [INFO] | | | | DispatchClientLib | | | 11676 | __OOBELIB_LOG_FILE__
09/25/23 09:06:28:342 | [INFO] | | | | DispatchClientLib | | | 11676 | Dispatch table loaded from path: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\dispatchtable.xml
09/25/23 09:06:28:343 | [INFO] | | | | DispatchClientLib | | | 11676 | (re)load Local Dispatch Table status-[0].
09/25/23 09:06:28:343 | [INFO] | | | | DispatchClientLib | | | 11676 | Scope : [2]
09/25/23 09:06:28:343 | [INFO] | | | | DispatchClientLib | | | 11676 | Setting scope to GM
09/25/23 09:06:28:343 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | AdobeIALClient 1.0 Release (build 1.0.6.3) initializing session...
09/25/23 09:06:28:344 | [INFO] | | | | AdobeGCClientNSLookup | | | 11676 | Verifying if server domain is blocked
09/25/23 09:06:28:345 | [INFO] | | | | DispatchClientLib | | | 11676 | EndPoint requested: [FetchRulesV2]
09/25/23 09:06:28:345 | [INFO] | | | | DispatchClientLib | | | 11676 | Length of the URL: [50]
09/25/23 09:06:28:345 | [INFO] | | | | DispatchClientLib | | | 11676 | Returning from getEndpointAddr: [0]
09/25/23 09:06:28:345 | [INFO] | | | | DispatchClientLib | | | 11676 | EndPoint requested: [FetchRulesV2]
09/25/23 09:06:28:345 | [INFO] | | | | DispatchClientLib | | | 11676 | Length of the URL: [50]
09/25/23 09:06:28:345 | [INFO] | | | | DispatchClientLib | | | 11676 | URL found [https://genuine.adobe.com/server/services/rules/v2]
09/25/23 09:06:28:345 | [INFO] | | | | DispatchClientLib | | | 11676 | Returning from getEndpointAddr: [0]
09/25/23 09:06:28:647 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | HTTPCommunicationAgent::processMessage is https://genuine.adobe.com/server/services/rules/v2 (extURL=)
09/25/23 09:06:29:657 | [INFO] | | | | AdobeGCIALWrapper | | | 15084 | HTTP Request Status code 200.
09/25/23 09:06:29:662 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | HTTPCommunicationAgent- Return Code:[0] response size-[4121] time taken-[1015.29]ms.
09/25/23 09:06:29:754 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | successfully cleared replay write status from database
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | Parsing response successful
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | Parsing successful
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | AdobeGC Fetching rules status - [0] took - [1814.61]ms.
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | Rules successfully fetched
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | Closing AdobeIALClient 1.0 Release (build 1.0.6.3) session.
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCIALWrapper | | | 11676 | Fetching Rules ended
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Checking if update is required or not
09/25/23 09:06:30:158 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Latest Client version: 8.3.0.61
09/25/23 09:06:30:255 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11676 | Signature found
09/25/23 09:06:30:255 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11676 | Found valid signature, checking if signed by Adobe or not
09/25/23 09:06:30:296 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11676 | Signature found
09/25/23 09:06:30:305 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11676 | Client app successfully signed
09/25/23 09:06:30:305 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Client Health Status is 0
09/25/23 09:06:30:305 | [DEBUG] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | Update not Required
09/25/23 09:06:30:307 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | SetNextUpdateCheckDate
09/25/23 09:06:30:307 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | SetNextUpdateCheckDate Wait Period 86400
09/25/23 09:06:30:348 | [INFO] | | | | AdobeGCClientFetchRuleWFImpl | | | 11676 | SetNextUpdateCheckDate Wait Period Xtnd 1695729990
09/25/23 09:06:30:368 | [INFO] | | | | AdobeGCPostRulesWorkflowImpl | | | 11676 | Machine is non- targeted; SaveIsTargetFlagInSLCache
09/25/23 09:06:30:436 | [INFO] | | | | AdobeGCPostRulesWorkflowImpl | | | 11676 | Machine is non-OOC targeted; SaveIsTargetFlagInSLCache
09/25/23 09:06:30:506 | [ERROR] | | | | AdobeGCCheckSuppressPostRule | | | 11676 | Post Rule Request Time flag read
09/25/23 09:06:30:506 | [INFO] | | | | AdobeGCCheckSuppressPostRule | | | 11676 | LastPostRuleRequestDurationPassed from cache 1696555875
09/25/23 09:06:30:507 | [INFO] | | | | AdobeGCCheckSuppressPostRule | | | 11676 | LastPostRuleRequestDurationPassed cached 1696555875 , curr 1695643590 res = 0
09/25/23 09:06:30:508 | [DEBUG] | | | | AdobeGCVersionWrapper | | | 11676 | No input file path data
09/25/23 09:06:30:508 | [DEBUG] | | | | AdobeGCWorkflowImpl | | | 11676 | No Active LEID found
09/25/23 09:06:30:515 | [INFO] | | | | AdobeGCOOCImpl | | | 11676 | checking if valid ooc invocation
09/25/23 09:06:30:515 | [INFO] | | | | AdobeGCOOCImpl | | | 11676 | checking if ooc enabled
09/25/23 09:06:30:518 | [INFO] | | | | AdobeGCOOCImpl | | | 11676 | checking if ooc enabled
09/25/23 09:06:30:524 | [DEBUG] | | | | AdobeGCPostRulesWorkflowImpl | | | 11676 | Suppressing post rules for this launch
09/25/23 09:06:30:563 | [INFO] | | | | AdobeGCNotifAuditEvents | | | 11676 | Sending notification audit evens
09/25/23 09:06:30:564 | [ERROR] | | | | AdobeGCNotifAuditEvents | | | 11676 | Failed to fetch NextNotifAuditEventsTimestamp. Error: 3
09/25/23 09:06:30:565 | [ERROR] | | | | SQLiteServiceManagerLog | | | 11676 | sqlite3_get_table failed error code: 1, extended error code:1, error message: no such table: NotifAuditEvents
09/25/23 09:06:30:565 | [ERROR] | | | | AdobeGCNotifAuditEvents | | | 11676 | Failed to fetch notification audit events. Error: 2
09/25/23 09:06:30:568 | [INFO] | | | | SLCoreService | | | 11676 | Starting up SLCore 2.0 Release (build 2.0.1.360321).
09/25/23 09:06:30:569 | [ERROR] | | | | SLCoreService | | | 11676 | user based licensing: 0
09/25/23 09:06:30:569 | [INFO] | | | | SLCoreService | | | 11676 | Service construction took 0.2 ms and succeed.
09/25/23 09:06:30:599 | [INFO] | | | | SLCoreService | | | 11676 | Shutting down SLCore 2.0 Release (build 2.0.1.360321).
09/25/23 09:06:30:599 | [INFO] | | | | SLCoreService | | | 11676 | Service destruction took 0.1 ms and succeed.
09/25/23 09:06:30:610 | [INFO] | | | | AdobeGCValidatorAnalytics | | | 11676 | Fetching validator analytics
09/25/23 09:06:30:611 | [INFO] | | | | AdobeGCValidatorAnalytics | | | 11676 | Validator analytics JSON file does not exist
09/25/23 09:06:30:658 | [INFO] | | | | AdobeGCMachineEvents | | | 11676 | Failed to fetch all records and error is 3
09/25/23 09:06:30:659 | [INFO] | | | | AdobeGCMachineEvents | | | 11676 | database is either empty or failed to read database and also no installation events and validator analytics found
09/25/23 09:06:30:659 | [INFO] | | | | AdobeGCPHEvents | | | 11676 | Sending PH Data
09/25/23 09:06:30:661 | [INFO] | | | | AdobeGCPHEvents | | | 11676 | PH-GC File does not exist
09/25/23 09:06:30:661 | [INFO] | | | | AdobeGCClientImpl | | | 11676 | Semaphore signalled
09/25/23 09:06:30:662 | [DEBUG] | | | | AdobeGCClientImpl | | | 11676 | AdobeGC folder is empty, Deleting Folder
09/25/23 09:06:30:662 | [INFO] | | | | AdobeGCClientMain | | | 11676 | Client request processing completed
09/25/23 09:06:30:662 | [INFO] | | | | AdobeGCClientMain | | | 11676 | *********** Adobe GCClient Launch Ended ************
09/25/23 09:08:01:883 | [INFO] | | | | AdobeGCInvokerUtilityHelper | | | 9824 | AdobeGCInvokerUtility : inside getLatestGCApplication
09/25/23 09:08:01:884 | [INFO] | | | | AdobeGCUpdater | | | 9824 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:08:01:885 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9824 | Perform WF started
09/25/23 09:08:01:885 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9824 | Perform WF completed
09/25/23 09:08:01:885 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9824 | AdobeGCInvokerUtility :inside waitForCFUCallBack.
09/25/23 09:08:01:885 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 9844 | Trying to acquire the semaphore
09/25/23 09:08:01:885 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 9844 | Semaphore acquired
09/25/23 09:08:01:885 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9844 | Threaded CFU Started
09/25/23 09:08:01:885 | [INFO] | | | | AdobeGCUpdater | | | 9844 | Get client install path Started
09/25/23 09:08:01:887 | [INFO] | | | | AdobeGCUpdater | | | 9844 | Get client install path Ended
09/25/23 09:08:01:887 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9844 | Client sanitization started
09/25/23 09:08:01:887 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9844 | Signature Self Signing Check
09/25/23 09:08:02:003 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9844 | Signature found
09/25/23 09:08:02:003 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9844 | Found valid signature, checking if signed by Adobe or not
09/25/23 09:08:02:085 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9844 | Signature found
09/25/23 09:08:02:094 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9844 | Client app successfully signed
09/25/23 09:08:02:095 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9844 | Client sanitization ended
09/25/23 09:08:02:108 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9844 | Threaded CFU Ended
09/25/23 09:08:02:108 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9844 | Semaphore signalled
09/25/23 09:08:02:603 | [INFO] | | | | AdobeGCUpdater | | | 9860 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:08:02:604 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9860 | Perform WF started
09/25/23 09:08:02:604 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9860 | Perform WF completed
09/25/23 09:08:02:604 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 9888 | Trying to acquire the semaphore
09/25/23 09:08:02:604 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 9888 | Semaphore acquired
09/25/23 09:08:02:604 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9888 | Threaded CFU Started
09/25/23 09:08:02:604 | [INFO] | | | | AdobeGCUpdater | | | 9888 | Get client install path Started
09/25/23 09:08:02:605 | [INFO] | | | | AdobeGCUpdater | | | 9888 | Get client install path Ended
09/25/23 09:08:02:605 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9888 | Client sanitization started
09/25/23 09:08:02:605 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9888 | Signature Self Signing Check
09/25/23 09:08:02:718 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9888 | Signature found
09/25/23 09:08:02:718 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9888 | Found valid signature, checking if signed by Adobe or not
09/25/23 09:08:02:799 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9888 | Signature found
09/25/23 09:08:02:807 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 9888 | Client app successfully signed
09/25/23 09:08:02:807 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9888 | Client sanitization ended
09/25/23 09:08:02:812 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9888 | Threaded CFU Ended
09/25/23 09:08:02:812 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9888 | Semaphore signalled
09/25/23 09:08:02:890 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9824 | AdobeGCInvokerUtility : AdobeGC_CFUCallbackFn is invoked
09/25/23 09:08:02:890 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9824 | AdobeGCInvokerUtility : inside invokeGCApplication.
09/25/23 09:08:02:891 | [INFO] | | | | AdobeGCUpdater | | | 9824 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:08:02:892 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9824 | Trying to acquire the semaphore
09/25/23 09:08:02:892 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9824 | Semaphore acquired
09/25/23 09:08:02:892 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | Perform WF started
09/25/23 09:08:02:900 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | isOOCTargeted flag read
09/25/23 09:08:02:909 | [ERROR] | | | | AdobeGCUpdaterIC | | | 9824 | Time flag read
09/25/23 09:08:02:909 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | GCInvokerNextClientLaunchTimestamp from cache 1695729387
09/25/23 09:08:02:909 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | GCInvokerNextClientLaunchTimestamp cached 1695729387 , curr 1695643682 res = 0
09/25/23 09:08:02:909 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | Invocation agent is GC Invoker Utility at logon and time is not elapsed
09/25/23 09:08:02:909 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | Not invoking client
09/25/23 09:08:02:909 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | Perform WF completed
09/25/23 09:08:02:909 | [INFO] | | | | AdobeGCUpdaterIC | | | 9824 | Semaphore signalled
09/25/23 09:08:02:909 | [INFO] | | | | AdobeGCUpdater | | | 9824 | ***********AdobeGC Updater library End*******************
09/25/23 09:08:02:909 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9824 | AdobeGCInvokerUtility : AdobeGC_ReleaseRef called.
09/25/23 09:08:03:612 | [INFO] | | | | AdobeGCUpdater | | | 9860 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:08:03:612 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9860 | Trying to acquire the semaphore
09/25/23 09:08:03:612 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9860 | Semaphore acquired
09/25/23 09:08:03:612 | [INFO] | | | | AdobeGCUpdaterIC | | | 9860 | Perform WF started
09/25/23 09:08:03:612 | [INFO] | | | | AdobeGCUpdaterIC | | | 9860 | Invocation agent is CSUpdater
09/25/23 09:08:03:612 | [INFO] | | | | AdobeGCUpdaterIC | | | 9860 | Not invoking client
09/25/23 09:08:03:612 | [INFO] | | | | AdobeGCUpdaterIC | | | 9860 | Perform WF completed
09/25/23 09:08:03:612 | [INFO] | | | | AdobeGCUpdaterIC | | | 9860 | Semaphore signalled
09/25/23 09:08:03:612 | [INFO] | | | | AdobeGCUpdater | | | 9860 | ***********AdobeGC Updater library End*******************
09/25/23 09:10:30:581 | [INFO] | | | | AdobeGCInvokerUtilityHelper | | | 9432 | AdobeGCInvokerUtility : inside getLatestGCApplication
09/25/23 09:10:30:582 | [INFO] | | | | AdobeGCUpdater | | | 9432 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:10:30:582 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9432 | Perform WF started
09/25/23 09:10:30:582 | [INFO] | | | | AdobeGCUpdaterCFU | | | 9432 | Perform WF completed
09/25/23 09:10:30:582 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9432 | AdobeGCInvokerUtility :inside waitForCFUCallBack.
09/25/23 09:10:30:582 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 11332 | Trying to acquire the semaphore
09/25/23 09:10:30:582 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 11332 | Semaphore acquired
09/25/23 09:10:30:582 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11332 | Threaded CFU Started
09/25/23 09:10:30:582 | [INFO] | | | | AdobeGCUpdater | | | 11332 | Get client install path Started
09/25/23 09:10:30:585 | [INFO] | | | | AdobeGCUpdater | | | 11332 | Get client install path Ended
09/25/23 09:10:30:585 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11332 | Client sanitization started
09/25/23 09:10:30:585 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11332 | Signature Self Signing Check
09/25/23 09:10:30:704 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11332 | Signature found
09/25/23 09:10:30:704 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11332 | Found valid signature, checking if signed by Adobe or not
09/25/23 09:10:30:784 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11332 | Signature found
09/25/23 09:10:30:794 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 11332 | Client app successfully signed
09/25/23 09:10:30:794 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11332 | Client sanitization ended
09/25/23 09:10:30:803 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11332 | Threaded CFU Ended
09/25/23 09:10:30:803 | [INFO] | | | | AdobeGCUpdaterCFU | | | 11332 | Semaphore signalled
09/25/23 09:10:31:313 | [INFO] | | | | AdobeGCUpdater | | | 8712 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:10:31:314 | [INFO] | | | | AdobeGCUpdaterCFU | | | 8712 | Perform WF started
09/25/23 09:10:31:314 | [INFO] | | | | AdobeGCUpdaterCFU | | | 8712 | Perform WF completed
09/25/23 09:10:31:314 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 7688 | Trying to acquire the semaphore
09/25/23 09:10:31:314 | [DEBUG] | | | | AdobeGCUpdaterCFU | | | 7688 | Semaphore acquired
09/25/23 09:10:31:314 | [INFO] | | | | AdobeGCUpdaterCFU | | | 7688 | Threaded CFU Started
09/25/23 09:10:31:314 | [INFO] | | | | AdobeGCUpdater | | | 7688 | Get client install path Started
09/25/23 09:10:31:315 | [INFO] | | | | AdobeGCUpdater | | | 7688 | Get client install path Ended
09/25/23 09:10:31:315 | [INFO] | | | | AdobeGCUpdaterCFU | | | 7688 | Client sanitization started
09/25/23 09:10:31:315 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 7688 | Signature Self Signing Check
09/25/23 09:10:31:428 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 7688 | Signature found
09/25/23 09:10:31:428 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 7688 | Found valid signature, checking if signed by Adobe or not
09/25/23 09:10:31:504 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 7688 | Signature found
09/25/23 09:10:31:512 | [INFO] | | | | AdobeGCCodeSignWrapper | | | 7688 | Client app successfully signed
09/25/23 09:10:31:513 | [INFO] | | | | AdobeGCUpdaterCFU | | | 7688 | Client sanitization ended
09/25/23 09:10:31:517 | [INFO] | | | | AdobeGCUpdaterCFU | | | 7688 | Threaded CFU Ended
09/25/23 09:10:31:517 | [INFO] | | | | AdobeGCUpdaterCFU | | | 7688 | Semaphore signalled
09/25/23 09:10:31:586 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9432 | AdobeGCInvokerUtility : AdobeGC_CFUCallbackFn is invoked
09/25/23 09:10:31:586 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9432 | AdobeGCInvokerUtility : inside invokeGCApplication.
09/25/23 09:10:31:587 | [INFO] | | | | AdobeGCUpdater | | | 9432 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:10:31:587 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9432 | Trying to acquire the semaphore
09/25/23 09:10:31:587 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 9432 | Semaphore acquired
09/25/23 09:10:31:588 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | Perform WF started
09/25/23 09:10:31:597 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | isOOCTargeted flag read
09/25/23 09:10:31:606 | [ERROR] | | | | AdobeGCUpdaterIC | | | 9432 | Time flag read
09/25/23 09:10:31:606 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | GCInvokerNextClientLaunchTimestamp from cache 1695729387
09/25/23 09:10:31:606 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | GCInvokerNextClientLaunchTimestamp cached 1695729387 , curr 1695643831 res = 0
09/25/23 09:10:31:606 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | Invocation agent is GC Invoker Utility at logon and time is not elapsed
09/25/23 09:10:31:606 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | Not invoking client
09/25/23 09:10:31:606 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | Perform WF completed
09/25/23 09:10:31:606 | [INFO] | | | | AdobeGCUpdaterIC | | | 9432 | Semaphore signalled
09/25/23 09:10:31:606 | [INFO] | | | | AdobeGCUpdater | | | 9432 | ***********AdobeGC Updater library End*******************
09/25/23 09:10:31:606 | [ERROR] | | | | AdobeGCInvokerUtilityHelper | | | 9432 | AdobeGCInvokerUtility : AdobeGC_ReleaseRef called.
09/25/23 09:10:32:323 | [INFO] | | | | AdobeGCUpdater | | | 8712 | ***********AdobeGC Updater library invoked = 8.3.0.61 ************
09/25/23 09:10:32:323 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 8712 | Trying to acquire the semaphore
09/25/23 09:10:32:323 | [DEBUG] | | | | AdobeGCUpdaterIC | | | 8712 | Semaphore acquired
09/25/23 09:10:32:323 | [INFO] | | | | AdobeGCUpdaterIC | | | 8712 | Perform WF started
09/25/23 09:10:32:323 | [INFO] | | | | AdobeGCUpdaterIC | | | 8712 | Invocation agent is CSUpdater
09/25/23 09:10:32:323 | [INFO] | | | | AdobeGCUpdaterIC | | | 8712 | Not invoking client
09/25/23 09:10:32:323 | [INFO] | | | | AdobeGCUpdaterIC | | | 8712 | Perform WF completed
09/25/23 09:10:32:323 | [INFO] | | | | AdobeGCUpdaterIC | | | 8712 | Semaphore signalled
09/25/23 09:10:32:323 | [INFO] | | | | AdobeGCUpdater | | | 8712 | ***********AdobeGC Updater library End*******************

11 minutos atrás, Elias Pereira disse:

Preciso do conteudo desses logs. Após cada arquivo abrir na inicialização, copie e cole o conteudo na sua proxima resposta.

[0922/213856.103:VERBOSE1:setup_main.cc(1532)] Command Line: "C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --system-level /installerdata="C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\gui7072.tmp"
[0922/213856.103:VERBOSE1:setup_main.cc(1538)] system install is 1
[0922/213856.103:VERBOSE1:install_util.cc(217)] No existing Chrome install found.
[0922/213856.103:VERBOSE1:installer_state.cc(87)] Install Chrome
[0922/213856.141:VERBOSE1:install_util.cc(246)] Windows NT 10.0.19045
[0922/213856.141:VERBOSE1:install_util.cc(217)] No existing Chrome install found.
[0922/213856.141:VERBOSE1:installer_state.cc(87)] Install Chrome
[0922/213856.141:VERBOSE1:setup_main.cc(800)] Installing to C:\Program Files\Google\Chrome\Application
[0922/213856.157:VERBOSE1:setup_main.cc(704)] Created path C:\Program Files\Google\Chrome\Temp
[0922/213856.157:VERBOSE1:setup_main.cc(1299)] Installing Chrome from compressed archive C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\CHROME.PACKED.7Z
[0922/213856.157:VERBOSE1:lzma_util.cc(260)] Opening archive C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\CHROME.PACKED.7Z
[0922/213856.157:VERBOSE1:lzma_util.cc(266)] Uncompressing archive to path C:\Program Files\Google\Chrome\Temp\source3892_608897567
[0922/213909.504:VERBOSE1:lzma_util.cc(260)] Opening archive C:\Program Files\Google\Chrome\Temp\source3892_608897567\chrome.7z
[0922/213909.504:VERBOSE1:lzma_util.cc(266)] Uncompressing archive to path C:\Program Files\Google\Chrome\Temp\source3892_608897567
[0922/213921.290:VERBOSE1:setup_main.cc(1357)] unpacked to C:\Program Files\Google\Chrome\Temp\source3892_608897567
[0922/213921.290:VERBOSE1:setup_util.cc(208)] Looking for Chrome version folder under C:\Program Files\Google\Chrome\Temp\source3892_608897567\Chrome-bin
[0922/213921.290:VERBOSE1:setup_util.cc(219)] directory found: 117.0.5938.92
[0922/213921.290:VERBOSE1:setup_main.cc(1367)] version to install: 117.0.5938.92
[0922/213921.290:VERBOSE1:install.cc(318)] Successfully wrote chrome.VisualElementsManifest.xml to C:\Program Files\Google\Chrome\Temp\source3892_608897567\Chrome-bin
[0922/213921.290:VERBOSE1:install_worker.cc(1079)] Adding unregistration items for per-user Metro keys.
[0922/213921.290:VERBOSE1:install_worker.cc(1102)] Adding registration items for Active Setup.
[0922/213921.296:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list
[0922/213921.296:VERBOSE1:create_dir_work_item.cc(30)] creating directory C:\Program Files\Google\Chrome\Temp
[0922/213921.296:VERBOSE1:create_dir_work_item.cc(30)] creating directory C:\Program Files\Google\Chrome\Application
[0922/213921.296:VERBOSE1:create_dir_work_item.cc(35)] Top directory that needs to be created: C:\Program Files\Google\Chrome\Application
[0922/213921.296:VERBOSE1:create_dir_work_item.cc(38)] Created directory
[0922/213921.613:VERBOSE1:create_dir_work_item.cc(30)] creating directory C:\Program Files\Google\Chrome\Application\SetupMetrics
[0922/213921.613:VERBOSE1:create_dir_work_item.cc(35)] Top directory that needs to be created: C:\Program Files\Google\Chrome\Application\SetupMetrics
[0922/213921.613:VERBOSE1:create_dir_work_item.cc(38)] Created directory
[0922/213921.613:VERBOSE1:copy_tree_work_item.cc(92)] Copied source C:\Program Files\Google\Chrome\Temp\source3892_608897567\Chrome-bin\chrome.exe to destination C:\Program Files\Google\Chrome\Application\chrome.exe
[0922/213921.613:VERBOSE1:move_tree_work_item.cc(87)] Moved source C:\Program Files\Google\Chrome\Temp\source3892_608897567\Chrome-bin\chrome.VisualElementsManifest.xml to destination C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml
[0922/213921.613:VERBOSE1:move_tree_work_item.cc(87)] Moved source C:\Program Files\Google\Chrome\Temp\source3892_608897567\Chrome-bin\117.0.5938.92 to destination C:\Program Files\Google\Chrome\Application\117.0.5938.92
[0922/213921.613:VERBOSE1:create_dir_work_item.cc(30)] creating directory C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer
[0922/213921.613:VERBOSE1:create_dir_work_item.cc(35)] Top directory that needs to be created: C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer
[0922/213921.613:VERBOSE1:create_dir_work_item.cc(38)] Created directory
[0922/213921.628:VERBOSE1:copy_tree_work_item.cc(92)] Copied source C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\setup.exe to destination C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe
[0922/213921.628:VERBOSE1:copy_tree_work_item.cc(92)] Copied source C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\setup.exe to destination C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe
[0922/213921.628:VERBOSE1:move_tree_work_item.cc(87)] Moved source C:\Program Files\Google\Chrome\Temp\source3892_608897567\chrome.7z to destination C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrome.7z
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe into Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value --uninstall --channel=stable --system-level --verbose-logging into Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe" --uninstall --channel=stable --system-level --verbose-logging into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\chrome.exe,0 into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google LLC into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value 117.0.5938.92 into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value 117.0.5938.92 into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value 20230922 into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96} or Value: oopcrashes does not exist.
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value 117.0.5938.92 into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Chrome\Metro
[0922/213921.628:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Chrome\Metro
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable into Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value 43,0,0,0 into Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe" --on-os-upgrade --channel=stable --system-level --verbose-logging into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade or Value: SendsPings does not exist.
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade or Value: WebAccessible does not exist.
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\on-os-upgrade or Value: RunAsUser does not exist.
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe" --store-dmtoken=%1 --system-level --verbose-logging --channel=stable into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken or Value: SendsPings does not exist.
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken or Value: AutoRunOnOSUpgrade does not exist.
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\store-dmtoken or Value: RunAsUser does not exist.
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe" --delete-dmtoken --system-level --verbose-logging --channel=stable into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken or Value: SendsPings does not exist.
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken or Value: AutoRunOnOSUpgrade does not exist.
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\delete-dmtoken or Value: RunAsUser does not exist.
[0922/213921.628:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\rotate-dtkey
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe" --rotate-dtkey=%1 --dm-server-url=%2 --nonce=%3 --system-level --verbose-logging --channel=stable into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\rotate-dtkey
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\rotate-dtkey or Value: SendsPings does not exist.
[0922/213921.628:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\rotate-dtkey
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\rotate-dtkey or Value: AutoRunOnOSUpgrade does not exist.
[0922/213921.628:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\rotate-dtkey or Value: RunAsUser does not exist.
[0922/213922.277:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}
[0922/213922.277:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}
[0922/213922.277:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}
[0922/213922.277:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32
[0922/213922.277:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\notification_helper.exe" into Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32
[0922/213922.277:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\117.0.5938.92\notification_helper.exe into Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32
[0922/213922.277:VERBOSE1:install_service_work_item_impl.cc(158)] Attempting to install new service following failure to open: O serviço especificado não existe como serviço instalado. (0x424)
[0922/213922.277:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list
[0922/213922.277:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\CLSID\{708860E0-F641-4611-8895-7D867DD3675B}
[0922/213922.277:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value {708860E0-F641-4611-8895-7D867DD3675B} into Software\Classes\CLSID\{708860E0-F641-4611-8895-7D867DD3675B}
[0922/213922.277:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
[0922/213922.277:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value GoogleChromeElevationService into Software\Classes\AppID\{708860E0-F641-4611-8895-7D867DD3675B}
[0922/213922.277:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Classes\AppID\{708860E0-F641-4611-8895-7D867DD3675B} or Value: ServiceParameters does not exist.
[0922/213922.399:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}
[0922/213922.399:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\ProxyStubClsid32
[0922/213922.399:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value {00020424-0000-0000-C000-000000000046} into Software\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\ProxyStubClsid32
[0922/213922.399:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\TypeLib
[0922/213922.399:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value {463ABECF-410D-407F-8AF5-0DF35A005CC8} into Software\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\TypeLib
[0922/213922.399:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value 1.0 into Software\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\TypeLib
[0922/213922.399:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}
[0922/213922.399:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0
[0922/213922.399:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0
[0922/213922.399:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win32
[0922/213922.399:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\117.0.5938.92\elevation_service.exe into Software\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win32
[0922/213922.415:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win64
[0922/213922.415:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\117.0.5938.92\elevation_service.exe into Software\Classes\TypeLib\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\1.0\0\win64
[0922/213922.415:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list
[0922/213922.415:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96} or Value: DowngradeVersion does not exist.
[0922/213922.415:VERBOSE1:conditional_work_item_list.cc(16)] Evaluating InUseUpdateWorkItemList condition...
[0922/213922.415:VERBOSE1:conditional_work_item_list.cc(21)] No work to do in condition work item list InUseUpdateWorkItemList
[0922/213922.415:VERBOSE1:conditional_work_item_list.cc(16)] Evaluating RegularUpdateWorkItemList condition...
[0922/213922.415:VERBOSE1:conditional_work_item_list.cc(18)] Beginning conditional work item list
[0922/213922.415:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list RegularUpdateWorkItemList
[0922/213922.415:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value stable into Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213922.415:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Microsoft\Windows\Windows Error Reporting\RuntimeExceptionHelperModules
[0922/213922.415:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\setup.exe" --cleanup-for-downgrade-version=$1 --cleanup-for-downgrade-operation=$2 --channel=stable --system-level --verbose-logging into Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213922.415:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value 85.0.4169.0 into Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213922.415:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96} or Value: opv does not exist.
[0922/213922.415:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96} or Value: cpv does not exist.
[0922/213922.415:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\cmd
[0922/213922.415:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\rename-chrome-exe
[0922/213922.415:VERBOSE1:copy_tree_work_item.cc(92)] Copied source C:\Program Files\Google\Chrome\Temp\source3892_608897567\Chrome-bin\chrome_proxy.exe to destination C:\Program Files\Google\Chrome\Application\chrome_proxy.exe
[0922/213922.415:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list RegularUpdateWorkItemList
[0922/213922.415:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list
[0922/213922.415:VERBOSE1:install.cc(213)] First install of version 117.0.5938.92
[0922/213922.446:VERBOSE1:install.cc(482)] Launching ""C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\setup.exe" --channel=stable --system-level --verbose-logging --installerdata="C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\gui7072.tmp" --create-shortcuts=0 --install-level=1" to create shortcuts
[0922/213922.493:VERBOSE1:setup_main.cc(1532)] Command Line: "C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\CR_24501.tmp\setup.exe" --channel=stable --system-level --verbose-logging --installerdata="C:\Program Files (x86)\Google\Update\Install\{79178033-4C17-445B-BBAE-3947CBFFA051}\gui7072.tmp" --create-shortcuts=0 --install-level=1
[0922/213922.493:VERBOSE1:setup_main.cc(1538)] system install is 1
[0922/213922.493:VERBOSE1:install_util.cc(215)] Existing Chrome version found: 117.0.5938.92
[0922/213922.493:VERBOSE1:installer_state.cc(87)] Install Chrome
[0922/213922.531:VERBOSE1:install_util.cc(246)] Windows NT 10.0.19045
[0922/213922.531:VERBOSE1:install.cc(120)] Creating all-users Desktop "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0922/213922.816:VERBOSE1:install.cc(120)] Creating per-user Quick Launch "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0922/213922.863:VERBOSE1:install.cc(120)] Creating all-users Start menu "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe and pinning to the taskbar.
[0922/213922.863:ERROR:shell_util.cc(1996)] Failed to pin to taskbar C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[0922/213923.083:VERBOSE1:install.cc(498)] Shortcut creation process succeeded.
[0922/213923.083:VERBOSE1:install.cc(147)] Adding Chrome to Media player list at Software\Microsoft\MediaPlayer\ShimInclusionList\chrome.exe
[0922/213923.091:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Microsoft\MediaPlayer\ShimInclusionList\chrome.exe
[0922/213923.091:VERBOSE1:setup_util.cc(574)] Registering Chrome's event log provider at SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome
[0922/213923.091:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list Register event log provider
[0922/213923.091:VERBOSE1:create_reg_key_work_item.cc(73)] created SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome
[0922/213923.093:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome
[0922/213923.093:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome
[0922/213923.093:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\117.0.5938.92\eventlog_provider.dll into SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome
[0922/213923.093:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\117.0.5938.92\eventlog_provider.dll into SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome
[0922/213923.093:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\117.0.5938.92\eventlog_provider.dll into SYSTEM\CurrentControlSet\Services\EventLog\Application\Chrome
[0922/213923.093:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list Register event log provider
[0922/213923.093:VERBOSE1:install.cc(444)] Registering Chrome as browser: C:\Program Files\Google\Chrome\Application\chrome.exe
[0922/213923.093:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\run
[0922/213923.093:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\ChromeHTML
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Chrome HTML Document into Software\Classes\ChromeHTML
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\ChromeHTML\DefaultIcon
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\chrome.exe,0 into Software\Classes\ChromeHTML\DefaultIcon
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\ChromeHTML\shell
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\ChromeHTML\shell\open
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\ChromeHTML\shell\open\command
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 into Software\Classes\ChromeHTML\shell\open\command
[0922/213923.113:VERBOSE1:delete_reg_value_work_item.cc(43)] (delete value) Key: Software\Classes\ChromeHTML\shell\open\command or Value: DelegateExecute does not exist.
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Chrome into Software\Classes\ChromeHTML
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Classes\ChromeHTML\Application
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Chrome into Software\Classes\ChromeHTML\Application
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\chrome.exe,0 into Software\Classes\ChromeHTML\Application
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Classes\ChromeHTML\Application
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Acessar a internet into Software\Classes\ChromeHTML\Application
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google LLC into Software\Classes\ChromeHTML\Application
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\open
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\open\command
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\open\command
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\opennewwindow
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\opennewwindow
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\opennewwindow\command
[0922/213923.113:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\Chrome\.exe\shell\opennewwindow\command
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\chrome.exe into Software\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application into Software\Microsoft\Windows\CurrentVersion\App Paths\chrome.exe
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.htm\OpenWithProgids
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.html\OpenWithProgids
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.pdf\OpenWithProgids
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.shtml\OpenWithProgids
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.svg\OpenWithProgids
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.xht\OpenWithProgids
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.xhtml\OpenWithProgids
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value into Software\Classes\.webp\OpenWithProgids
[0922/213923.113:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list
[0922/213923.113:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list
[0922/213923.113:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome
[0922/213923.113:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Clients\StartMenuInternet\Google Chrome
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\shell
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\shell\open
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\shell\open\command
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\chrome.exe" into Software\Clients\StartMenuInternet\Google Chrome\shell\open\command
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\DefaultIcon
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\chrome.exe,0 into Software\Clients\StartMenuInternet\Google Chrome\DefaultIcon
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\InstallInfo
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser into Software\Clients\StartMenuInternet\Google Chrome\InstallInfo
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons into Software\Clients\StartMenuInternet\Google Chrome\InstallInfo
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons into Software\Clients\StartMenuInternet\Google Chrome\InstallInfo
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Clients\StartMenuInternet\Google Chrome\InstallInfo
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Software\Clients\StartMenuInternet\Google Chrome\Capabilities into Software\RegisteredApplications
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\Capabilities
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value O Google Chrome Ã© um navegador que executa pÃ¡ginas e aplicativos da web em alta velocidade. Ã‰ rÃ¡pido, estÃ¡vel e fÃ¡cil de usar. Navegue pela web de forma segura com proteÃ§Ã£o contra malware e phishing integrada ao Google Chrome. into Software\Clients\StartMenuInternet\Google Chrome\Capabilities
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value C:\Program Files\Google\Chrome\Application\chrome.exe,0 into Software\Clients\StartMenuInternet\Google Chrome\Capabilities
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Clients\StartMenuInternet\Google Chrome\Capabilities
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\Capabilities\Startmenu
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value Google Chrome into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\Startmenu
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\FileAssociations
[0922/213923.123:VERBOSE1:create_reg_key_work_item.cc(73)] created Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.123:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.131:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.131:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.131:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value ChromeHTML into Software\Clients\StartMenuInternet\Google Chrome\Capabilities\URLAssociations
[0922/213923.131:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list
[0922/213923.133:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list Write Installer Result
[0922/213923.133:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213923.133:VERBOSE1:set_reg_value_work_item.cc(203)] Successfully wrote into Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213923.133:VERBOSE1:set_reg_value_work_item.cc(199)] Successfully wrote value "C:\Program Files\Google\Chrome\Application\chrome.exe" --from-installer into Software\Google\Update\ClientState\{8A69D345-D564-463c-AFF1-A69D9E530F96}
[0922/213923.133:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list Write Installer Result
[0922/213923.133:VERBOSE1:setup_main.cc(1433)] First install successful.
[0922/213923.133:VERBOSE1:setup_main.cc(1484)] Deleting temporary directory C:\Program Files\Google\Chrome\Temp
[0922/213923.133:VERBOSE1:delete_after_reboot_helper.cc(94)] Scheduled for deletion: C:\Program Files\Google\Chrome
[0922/213923.133:VERBOSE1:delete_after_reboot_helper.cc(94)] Scheduled for deletion: C:\Program Files\Google
[0922/213923.133:VERBOSE1:google_update_settings.cc(420)] Removed incremental installer failure key; switching to channel: x64-stable-statsdef_1
[0922/213923.133:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}
[0922/213923.133:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}
[0922/213923.133:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Update\Clients\{4DC8B4CA-1BDA-483e-B5FA-D3C12E15B62D}
[0922/213923.133:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Update\Clients\{FDA71E6F-AC4C-4a00-8B70-9958A68906BF}
[0922/213923.133:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list
[0922/213923.133:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Update\Clients\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Commands\install-extension
[0922/213923.133:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list
[0922/213923.133:VERBOSE1:setup_main.cc(1732)] Installation complete, returning: 0
[0922/213934.939:VERBOSE1:setup_main.cc(1532)] Command Line: "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable --force-configure-user-settings
[0922/213934.940:VERBOSE1:setup_main.cc(1538)] system install is 1
[0922/213934.940:VERBOSE1:install_util.cc(215)] Existing Chrome version found: 117.0.5938.92
[0922/213934.941:VERBOSE1:installer_state.cc(87)] Install Chrome
[0922/213934.983:VERBOSE1:install_util.cc(246)] Windows NT 10.0.19045
[0922/213934.987:VERBOSE1:install_worker.cc(1079)] Adding unregistration items for per-user Metro keys.
[0922/213934.987:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list Cleanup deprecated per-user registrations
[0922/213934.987:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Chrome\Metro
[0922/213934.987:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Chrome\Metro
[0922/213934.987:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list Cleanup deprecated per-user registrations
[0922/213934.987:VERBOSE1:install.cc(482)] Launching ""C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe" --channel=stable --system-level --verbose-logging --installerdata="C:\Program Files\Google\Chrome\Application\initial_preferences" --create-shortcuts=1 --install-level=0" to create shortcuts
[0922/213935.025:VERBOSE1:setup_main.cc(1532)] Command Line: "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe" --channel=stable --system-level --verbose-logging --installerdata="C:\Program Files\Google\Chrome\Application\initial_preferences" --create-shortcuts=1 --install-level=0
[0922/213935.025:VERBOSE1:setup_main.cc(1538)] system install is 1
[0922/213935.026:VERBOSE1:install_util.cc(215)] Existing Chrome version found: 117.0.5938.92
[0922/213935.026:VERBOSE1:installer_state.cc(87)] Install Chrome
[0922/213935.068:VERBOSE1:install_util.cc(246)] Windows NT 10.0.19045
[0922/213935.075:VERBOSE1:install.cc(120)] Creating per-user Desktop "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0922/213935.075:VERBOSE1:install.cc(120)] Creating per-user Quick Launch "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0922/213935.099:VERBOSE1:install.cc(120)] Creating per-user Start menu "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe and pinning to the taskbar.
[0922/213935.099:ERROR:shell_util.cc(1996)] Failed to pin to taskbar C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[0922/213935.122:ERROR:persistent_histogram_storage.cc(146)] Persistent histograms fail to write to file: C:\Program Files\Google\Chrome\Application\SetupMetrics\20230922213935.pma
[0922/213935.126:VERBOSE1:install.cc(498)] Shortcut creation process succeeded.
[0922/213935.154:ERROR:persistent_histogram_storage.cc(146)] Persistent histograms fail to write to file: C:\Program Files\Google\Chrome\Application\SetupMetrics\20230922213935.pma
[0925/085608.855:VERBOSE1:setup_main.cc(1532)] Command Line: "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
[0925/085608.855:VERBOSE1:setup_main.cc(1538)] system install is 1
[0925/085608.855:VERBOSE1:install_util.cc(215)] Existing Chrome version found: 117.0.5938.92
[0925/085608.855:VERBOSE1:installer_state.cc(87)] Install Chrome
[0925/085608.891:VERBOSE1:install_util.cc(246)] Windows NT 10.0.19045
[0925/085608.907:VERBOSE1:install_worker.cc(1079)] Adding unregistration items for per-user Metro keys.
[0925/085608.907:VERBOSE1:work_item_list.cc(32)] Beginning execution of work item list Cleanup deprecated per-user registrations
[0925/085608.907:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Chrome\Metro
[0925/085608.907:VERBOSE1:registry_util.cc(22)] Deleting registry key Software\Google\Chrome\Metro
[0925/085608.907:VERBOSE1:work_item_list.cc(53)] Successful execution of work item list Cleanup deprecated per-user registrations
[0925/085608.907:VERBOSE1:install.cc(482)] Launching ""C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe" --channel=stable --system-level --verbose-logging --installerdata="C:\Program Files\Google\Chrome\Application\initial_preferences" --create-shortcuts=2 --install-level=0" to create shortcuts
[0925/085608.938:VERBOSE1:setup_main.cc(1532)] Command Line: "C:\Program Files\Google\Chrome\Application\117.0.5938.92\Installer\chrmstp.exe" --channel=stable --system-level --verbose-logging --installerdata="C:\Program Files\Google\Chrome\Application\initial_preferences" --create-shortcuts=2 --install-level=0
[0925/085608.938:VERBOSE1:setup_main.cc(1538)] system install is 1
[0925/085608.938:VERBOSE1:install_util.cc(215)] Existing Chrome version found: 117.0.5938.92
[0925/085608.938:VERBOSE1:installer_state.cc(87)] Install Chrome
[0925/085609.000:VERBOSE1:install_util.cc(246)] Windows NT 10.0.19045
[0925/085609.016:VERBOSE1:install.cc(120)] Overwriting per-user Desktop "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0925/085609.032:WARNING:install.cc(118)] Failed: Overwriting (maybe the shortcut doesn't exist?) per-user Desktop "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0925/085609.032:VERBOSE1:install.cc(120)] Overwriting per-user Quick Launch "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0925/085609.078:VERBOSE1:install.cc(120)] Overwriting per-user Start menu "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0925/085609.078:WARNING:install.cc(118)] Failed: Overwriting (maybe the shortcut doesn't exist?) per-user Start menu "Google Chrome" shortcut to C:\Program Files\Google\Chrome\Application\chrome.exe.
[0925/085609.094:ERROR:persistent_histogram_storage.cc(146)] Persistent histograms fail to write to file: C:\Program Files\Google\Chrome\Application\SetupMetrics\20230925085609.pma
[0925/085609.125:VERBOSE1:install.cc(498)] Shortcut creation process succeeded.
[0925/085609.203:ERROR:persistent_histogram_storage.cc(146)] Persistent histograms fail to write to file: C:\Program Files\Google\Chrome\Application\SetupMetrics\20230925085609.pma

11 minutos atrás, Elias Pereira disse:

Preciso do conteudo desses logs. Após cada arquivo abrir na inicialização, copie e cole o conteudo na sua proxima resposta.

{"logTime": "0921/012116", "correlationVector":"QX0JzEn05oGwzu0jZglpjf","action":"EXTENSION_UPDATER", "result":""}
{"logTime": "0921/012116", "correlationVector":"B879B3CDC3014EAD834CE1F8949EFF1B","action":"FETCH_UX_CONFIG", "result":""}
{"logTime": "0922/001646", "correlationVector":"lBRyhNvUNeDyBA2J7uWwjM","action":"EXTENSION_UPDATER", "result":""}
{"logTime": "0922/001646", "correlationVector":"1DB68AC59647479B869F5DE57B553A0C","action":"FETCH_UX_CONFIG", "result":""}
{"logTime": "0922/234928", "correlationVector":"UIXuKPupIjFZKZWPp0XGXS","action":"EXTENSION_UPDATER", "result":""}
{"logTime": "0922/234931", "correlationVector":"5C302923B77743C9A9ED3BDA3FD7343E","action":"FETCH_UX_CONFIG", "result":""}
{"logTime": "0925/115702", "correlationVector":"jsuSGfhIIoYvifwXFnhLZD","action":"EXTENSION_UPDATER", "result":""}
{"logTime": "0925/115703", "correlationVector":"43C649E454F940CD96F2BF6DC8DBDC4B","action":"FETCH_UX_CONFIG", "result":""}
{"logTime": "0925/120817", "correlationVector":"IUZkKrslIM8XiEzSOCtqf/","action":"EXTENSION_UPDATER", "result":""}
{"logTime": "0925/120821", "correlationVector":"44A91EA938F04419B870508D2E0B98A2","action":"FETCH_UX_CONFIG", "result":""}
{"logTime": "0925/121035", "correlationVector":"ogMEuc8C7Qd+xxKnB1Y0Yh","action":"EXTENSION_UPDATER", "result":""}
{"logTime": "0925/121037", "correlationVector":"F982208DCBDF4B1796DF7BC500AB9F7C","action":"FETCH_UX_CONFIG", "result":""}

12 minutos atrás, Elias Pereira disse:

Preciso do conteudo desses logs. Após cada arquivo abrir na inicialização, copie e cole o conteudo na sua proxima resposta.

esse três estão abrindo também, mas o arquivo está em branco

Elias Pereira · 25 de setembro de 2023

Todos eles abrem ao iniciar o computador?

Fred Oliveira · 25 de setembro de 2023

4 minutos atrás, Elias Pereira disse:

Todos eles abrem ao iniciar o computador?

Isso, logo após a inicialização.

Elias Pereira · 27 de setembro de 2023

Execute novamente o FRST.exe

Abra cada log em separado, copie e cole o conteudo na sua proxima resposta.

Fred Oliveira · 27 de setembro de 2023

4 horas atrás, Elias Pereira disse:

Execute novamente o FRST.exe

Abra cada log em separado, copie e cole o conteudo na sua proxima resposta.

Addition.txt

Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 25-09-2023
Executado por FRED (27-09-2023 14:11:19)
Executando a partir de C:\Users\frede\OneDrive\Área de Trabalho
Microsoft Windows 10 Pro Versão 22H2 19045.3448 (X64) (2023-09-14 18:06:21)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-1659604029-2551903776-3631580782-500 - Administrator - Disabled)
Convidado (S-1-5-21-1659604029-2551903776-3631580782-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1659604029-2551903776-3631580782-503 - Limited - Disabled)
FRED (S-1-5-21-1659604029-2551903776-3631580782-1001 - Administrator - Enabled) => C:\Users\frede
WDAGUtilityAccount (S-1-5-21-1659604029-2551903776-3631580782-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assistente de Recuperação e Suporte da Microsoft (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\4336df8a13b91f17) (Version: 17.1.495.21 - Microsoft Corporation)
Assistente Desktop birdID 2.2.0 (HKLM\...\{fc8d59a4-d44c-5521-b21d-0c8e14688f93}) (Version: 2.2.0 - Vaultid Criptografia e Identificação)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Driver Easy 5.7.0 (HKLM\...\DriverEasy_is1) (Version: 5.7.0 - Easeware)
ePass2003 (HKLM-x32\...\ePass2003-4FE7-A218-48BDAE051E2B_std) (Version: 1.1.15.1104 - EnterSafe)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.92 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky)
Microsoft .NET Host - 6.0.21 (x86) (HKLM-x32\...\{A9F8F2E3-D3A4-4D90-9800-F689932ECE89}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.8 (x64) (HKLM\...\{19FCE07F-2A75-44AC-9EA5-8E29FE2F8DBE}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x86) (HKLM-x32\...\{EF4A37DD-21FE-43E9-89D1-1C699CC197AC}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.8 (x64) (HKLM\...\{174E0D7C-F2C9-49A2-83FB-95A0FE6FA023}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x86) (HKLM-x32\...\{B8ED272B-5F2D-4FF5-A7CA-C73552D7FB0F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.8 (x64) (HKLM\...\{B45C77BA-0B4E-4FBB-99B9-9774ECBE20AA}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.16130.20766 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Teams) (Version: 1.6.00.24078 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{33e692e6-1f06-4c3d-8981-738c129e0b2c}) (Version: 6.0.21.32717 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{F25834D2-0460-4995-8585-8E41BD074159}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM\...\{3133BC55-90BD-4B87-82A2-6670B3CAFB81}) (Version: 56.35.63153 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM-x32\...\{d260fcb6-95b8-4c81-8e07-ce75876ffca2}) (Version: 7.0.8.32619 - Microsoft Corporation)
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 117.0.1 (x64 pt-BR)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20714 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20766 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.16130.20714 - Microsoft Corporation) Hidden
Opera GX Stable 102.0.4880.55 (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Opera GX 102.0.4880.55) (Version: 102.0.4880.55 - Opera Software)
Registry Repair 5.0.1.132 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.132 - Glarysoft Ltd)
Sophos Connect (HKLM-x32\...\{5010C740-B95D-4D2B-8831-87792C59BCE8}) (Version: 2.2.90.1104 - Sophos Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.18681 - Microsoft Corporation)
Warsaw 2.38.0.11 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.38.0.11 - Topaz)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corporation)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.920.900_x64__8wekyb3d8bbwe [2023-09-25] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1218.0_x64__zpdnekdrzrea0 [2023-09-22] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2337.7.0_x64__cv1g1gvanyjgm [2023-09-25] (WhatsApp Inc.) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.925.1212.613_neutral__8wekyb3d8bbwe [2023-09-25] (Microsoft Corporation)

==================== Análise Personalizada CLSID (Whitelisted): ==============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\frede\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23213.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\frede\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.189.0910.0001\FileSyncShell64.dll [2023-09-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Atalhos & WMI ========================

(As entradas podem ser listadas para serem restauradas ou removidas.)

ShortcutWithArgument: C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\apps do Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Módulos Carregados (Whitelisted) =============

2022-02-21 12:40 - 2022-02-21 12:40 - 000124416 _____ () [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\davici.dll
2022-05-05 11:08 - 2022-05-05 11:08 - 017496303 _____ () [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libcharon-0.dll
2022-02-21 12:40 - 2022-02-21 12:40 - 000531266 _____ () [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libgcc_s_sjlj-1.dll
2022-05-05 11:08 - 2022-05-05 11:08 - 000950709 _____ () [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libipsec-0.dll
2022-05-05 11:08 - 2022-05-05 11:08 - 010950621 _____ () [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libstrongswan-0.dll
2020-08-17 18:45 - 2020-08-17 18:45 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb
2023-09-14 15:41 - 2023-09-14 15:41 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-09-14 15:41 - 2023-09-14 15:41 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-03-29 12:09 - 2022-03-29 12:09 - 002863233 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libcrypto-1_1.dll
2022-03-29 12:09 - 2022-03-29 12:09 - 000887222 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libssl-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [4370]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [4370]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [4370]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [4370]