Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 14-11-2021
Executado por H2 Marketing (administrador) em DESKTOP-QBNRO2F (MSI MS-7788) (17-11-2021 15:51:00)
Executando a partir de D:\Downloads
Perfis Carregados: H2 Marketing
Plataforma: Microsoft Windows 10 Pro Versão 21H1 19043.1348 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ESET, spol. s r.o. -> ESET) C:\Users\H2 Marketing\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <35>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(MICROLEAVES LTD -> ) C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.Vexe <6>
(Microleaves LTD -> Advanced Windows Manager) C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.Vexe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\H2 Marketing\aspecto\fomentar.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [kissq] => C:\Users\H2MARK~1\AppData\Local\Temp\kissq.exe**************** (Nenhum Arquivo) <==== ATENÇÃO
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-11-12] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Run: [uTorrent] => C:\Users\H2 Marketing\AppData\Roaming\uTorrent\uTorrent.exe [2086896 2020-07-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Run: [cobgDuer] => C:\Users\H2 Marketing\aspecto\fomentar.exe [1908280 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\Windows\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Arquivo não assinado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-16] (Google LLC -> Google LLC)
IFEO\CompatTelRunner.exe: [Debugger] C:\Windows\system32\systray.exe
IFEO\wsqmcons.exe: [Debugger] C:\Windows\system32\systray.exe
Startup: C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Master_x64.dll.lnk [2020-08-03]
ShortcutAndArgument: Master_x64.dll.lnk -> C:\Windows\system32\wscript.exe => /E:vbscript "C:\Users\H2 Marketing\AppData\Roaming\Master_x64.dll.vbs"
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0C27A52C-EE33-43CE-B918-31AC5FFBF0E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {2B7F45E0-F624-4DBE-AC13-EBB7D0B64FBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-11] (Google LLC -> Google LLC)
Task: {31AA03FB-1DBA-4D71-81F6-F0DF112767C0} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.0.1\Scheduler.exe [149776 2019-08-14] (IObit Information Technology -> IObit)
Task: {336024EC-38BB-47DF-BB07-2CD0F202F311} - System32\Tasks\Opera scheduled Autoupdate 1595286915 => C:\Users\H2 Marketing\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {37EB92C2-213D-4962-85F7-AA776CD34D60} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3BC9395C-C574-4077-B288-D9F299990DF6} - System32\Tasks\updater2 => C:\Program Files (x86)\WinXT\blog\updater.exe (Nenhum Arquivo) <==== ATENÇÃO
Task: {429E1E89-62FF-4045-B247-FEE409931032} - System32\Tasks\updater => C:\Program Files (x86)\WinXT\blog\updater.exe (Nenhum Arquivo)
Task: {42ED781F-01F2-4B0C-ADDD-33D57C829FE7} - System32\Tasks\EPSON L3150 Series Update {B3B3846E-9B27-4436-8DCA-CBC2075A9595} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {5BF42F07-2D8E-45EB-B5CE-14C54FC59FE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-11] (Google LLC -> Google LLC)
Task: {7A24651A-62DC-474E-BBEF-71C5CED62464} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82AB7B86-0EB0-471B-B5EE-DB71C5452D1C} - System32\Tasks\Extension_game => C:\Users\H2 Marketing\AppData\Roaming\Extension_game\python\pythonw.exe "load.pyc" ml2 (Nenhum Arquivo) <==== ATENÇÃO
Task: {832F8E8F-E677-44D4-A6E2-729161D1C8D1} - System32\Tasks\Opera scheduled Autoupdate 1599739623 => C:\Users\H2 Marketing\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {83DBF5FA-A56C-4902-9582-36A16782D1CE} - System32\Tasks\Extension_game2 => C:\Users\H2 Marketing\AppData\Roaming\Extension_game\python\pythonw.exe "load.pyc" app (Nenhum Arquivo) <==== ATENÇÃO
Task: {867F8500-5CBC-4AC1-AB8C-D558B556F036} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D176A5C-3628-4E59-A986-9BF97C0704CC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FA34CFB-2289-4942-8B36-06FA15987D19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A06F5939-A211-4A2B-A322-231A8DAAA602} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE176F57-4514-4915-9FA6-CF7EFE423366} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCCB26B9-2677-4FE6-9968-E42D872ABBF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAF85089-F81A-475E-B49E-6D43AC31666E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E60594CE-945E-411F-9556-95CC68BE373D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {E9E32137-D4D9-4DEC-ADE3-DC95818C9E78} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6242232 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3387EA9-0E23-4FFB-AA3B-6679D0F02D9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6242232 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F93F6563-94A5-46BC-990E-502AE4FE9FD2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FBF9882A-EA00-4CC1-B331-B75D2A5E1A87} - System32\Tasks\Opera scheduled assistant Autoupdate 1595286998 => C:\Users\H2 Marketing\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\H2 Marketing\AppData\Local\Programs\Opera\assistant" $(Arg0)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\EPSON L3150 Series Update {B3B3846E-9B27-4436-8DCA-CBC2075A9595}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{B3B3846E-9B27-4436-8DCA-CBC2075A9595} /F:UpdateWORKGROUP\DESKTOP-QBNRO2F$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\updater.job => C:\Program Files (x86)\WinXT\blog\updater.exe
Task: C:\Windows\Tasks\updater2.job => C:\Program Files (x86)\WinXT\blog\updater.exe <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f6422f74-6f41-489e-9892-a263fd1142cd}: [DhcpNameServer] 192.168.0.1
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <==== ATENÇÃO
Edge:
=======
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge Profile: C:\Users\H2 Marketing\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-08]
FireFox:
========
FF DefaultProfile: fs9ux9j4.default
FF ProfilePath: C:\Users\H2 Marketing\AppData\Roaming\Mozilla\Firefox\Profiles\fs9ux9j4.default [2020-10-20]
FF ProfilePath: C:\Users\H2 Marketing\AppData\Roaming\Mozilla\Firefox\Profiles\28iy2yxf.default-release [2021-11-12]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-11-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-11-12] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default [2021-11-17]
CHR Notifications: Default -> hxxps://adrenaline.com.br; hxxps://app.crisp.chat; hxxps://br.pinterest.com; hxxps://comboacessoatodososcursos.club.hotmart.com; hxxps://downloadgram.org; hxxps://outlook.live.com; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.instagram.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Extension: (Apresentações) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-20]
CHR Extension: (Documentos) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-20]
CHR Extension: (Google Drive) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-20]
CHR Extension: (Slinky Elegante) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2020-07-21]
CHR Extension: (Planilhas) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-20]
CHR Extension: (Documentos Google off-line) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]
CHR Extension: (Botão Salvar do Pinterest) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-11-12]
CHR Extension: (Escalada Analytics) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\maochdhckepbdcpgmeghadihjkahgahi [2021-11-08]
CHR Extension: (Email tracker para Gmail - Mailtrack) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-11-17]
CHR Extension: (TZWebChartWindow) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2021-11-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKU\S-1-5-21-321270744-2600619408-4275616409-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkfanndldghlkndfhojpfhclgdnglfmf] - hxxps://chrome.google.com/webstore/detail/gkfanndldghlkndfhojpfhclgdnglfmf
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-11-12] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-11] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [685496 2020-07-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -f "C:\ProgramData\\CloudPrinter\\CloudPrinter.dat" -l -a
S2 TranslateService; C:\ProgramData\TranslateService\TranslateService.exe [X] <==== ATENÇÃO
S2 updater; "C:\Program Files (x86)\WinXT\blog\nssm.exe" [X]
S2 WinLoading; "C:\Program Files (x86)\WinXT\blog\nssm.exe" [X]
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-07-21] (Martin Malik - REALiX -> REALiX(tm))
R3 MpKslcd1950cc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A2BA0E7-1AB0-4D35-92D9-F392AC7254C7}\MpKslDrv.sys [130296 2021-11-17] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três meses (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2021-11-17 15:49 - 2021-11-17 15:51 - 000000000 ____D C:\FRST
2021-11-17 15:05 - 2021-11-17 15:23 - 000001324 _____ C:\Users\H2 Marketing\Desktop\ESET Online Scanner.lnk
2021-11-17 15:04 - 2021-11-17 15:23 - 000001430 _____ C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-17 15:04 - 2021-11-17 15:04 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\ESET
2021-11-16 14:26 - 2021-11-16 14:26 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\cache
2021-11-16 14:26 - 2021-11-16 14:26 - 000000000 ____D C:\Users\H2 Marketing\.gallery
2021-11-16 14:24 - 2021-11-16 14:24 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Blackmagic Design
2021-11-16 14:16 - 2021-11-16 14:16 - 000002006 _____ C:\Users\H2 Marketing\Desktop\DaVinci Resolve.lnk
2021-11-16 14:15 - 2021-11-16 14:16 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-11-16 14:15 - 2021-11-16 14:15 - 000000000 ____D C:\ProgramData\Blackmagic Design
2021-11-16 14:15 - 2021-11-16 14:15 - 000000000 ____D C:\Program Files\Blackmagic Design
2021-11-16 14:14 - 2021-11-16 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-11-16 14:14 - 2021-11-16 14:14 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-11-12 10:11 - 2021-11-13 11:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-11 20:15 - 2021-11-11 20:15 - 000485363 _____ C:\Users\H2 Marketing\Desktop\cuia com hastes.cdr
2021-11-10 13:02 - 2021-11-10 13:02 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-10 13:02 - 2021-11-10 13:02 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-10 13:02 - 2021-11-10 13:02 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-10 13:01 - 2021-11-10 13:01 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-10 12:54 - 2021-11-10 12:54 - 000000000 ___HD C:\$WinREAgent
2021-11-09 14:25 - 2021-11-13 11:15 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-11-09 10:12 - 2021-11-09 10:12 - 000001207 _____ C:\Users\Public\Desktop\LibreOffice 7.2.lnk
2021-11-09 10:12 - 2021-11-09 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-11-09 10:11 - 2021-11-09 10:12 - 000000000 ____D C:\Program Files\LibreOffice
2021-11-09 09:46 - 2021-11-09 09:47 - 000000000 ____D C:\Users\H2 Marketing\imersão
2021-11-09 09:42 - 2021-10-29 18:52 - 000124885 _____ C:\Users\H2 Marketing\Desktop\Custos Vasos sem borda fibra sintética.xlsx
2021-11-08 18:35 - 2021-11-08 18:36 - 000000000 ____D C:\Users\H2 Marketing\preconceito
2021-11-08 18:30 - 2021-11-08 18:31 - 000000000 ____D C:\Users\H2 Marketing\axioma
2021-11-08 18:26 - 2021-11-08 18:27 - 000000000 ____D C:\Users\H2 Marketing\ativista
2021-11-08 18:26 - 2021-11-08 18:26 - 000000000 ____D C:\Users\H2 Marketing\desgraçado
2021-11-08 18:26 - 2021-11-08 18:26 - 000000000 _____ C:\Users\H2 Marketing\AppData\Roaming\aa.tmp
2021-11-08 18:25 - 2021-11-17 15:23 - 000000000 ____D C:\Users\H2 Marketing\aspecto
2021-11-05 17:50 - 2021-11-05 17:50 - 000007597 _____ C:\Users\H2 Marketing\AppData\Local\Resmon.ResmonCfg
2021-11-05 16:05 - 2021-11-05 16:05 - 000004044 _____ C:\Users\H2 Marketing\Desktop\Desktop21 - Atalho.lnk
2021-11-05 13:49 - 2021-11-05 14:02 - 000000000 ____D C:\Users\H2 Marketing\Desktop\NF Mercado Livre
2021-11-05 10:44 - 2021-11-05 10:44 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-05 10:44 - 2021-11-05 10:44 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-15 11:30 - 2021-10-15 11:30 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-15 11:30 - 2021-10-15 11:30 - 000203264 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-10-15 11:30 - 2021-10-15 11:30 - 000158208 _____ C:\Windows\system32\uwfcsp.dll
2021-10-15 11:30 - 2021-10-15 11:30 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2021-10-15 11:29 - 2021-10-15 11:29 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-15 11:29 - 2021-10-15 11:29 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-15 11:29 - 2021-10-15 11:29 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-29 11:41 - 2021-09-29 11:41 - 000001321 _____ C:\Users\Public\Desktop\ApowerEdit.lnk
2021-09-29 11:41 - 2021-09-29 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2021-09-29 11:41 - 2021-09-29 11:41 - 000000000 ____D C:\ProgramData\Apowersoft
2021-09-29 11:40 - 2021-09-29 11:40 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2021-09-21 13:55 - 2021-09-21 13:55 - 000001997 _____ C:\Users\H2 Marketing\Desktop\Zoom.lnk
2021-09-15 13:10 - 2021-09-15 13:10 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-15 13:10 - 2021-09-15 13:10 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-14 15:27 - 2021-09-17 14:12 - 000000000 ____D C:\Users\H2 Marketing\Desktop\BV
2021-09-10 19:26 - 2021-09-10 19:26 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-10 19:25 - 2021-09-10 19:26 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Zoom
==================== Três meses (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2021-11-17 15:50 - 2020-07-21 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2021-11-17 15:48 - 2020-07-23 11:56 - 000004196 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{26A4C902-0DE7-4D0D-B2CC-A96F779B51B3}
2021-11-17 15:36 - 2020-07-20 13:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-17 15:33 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-17 15:22 - 2020-07-20 13:19 - 000000000 __SHD C:\Users\H2 Marketing\IntelGraphicsProfiles
2021-11-17 14:41 - 2020-07-20 12:27 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-17 12:35 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2021-11-17 09:25 - 2020-10-20 15:19 - 000000000 ____D C:\Users\H2 Marketing\AppData\LocalLow\Mozilla
2021-11-17 09:23 - 2020-11-06 18:41 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 09:23 - 2020-11-06 18:41 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-16 14:26 - 2020-07-20 12:31 - 000000000 ____D C:\Users\H2 Marketing
2021-11-16 14:23 - 2020-07-21 07:49 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-16 14:16 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2021-11-16 12:34 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-16 10:00 - 2020-07-20 13:16 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-14 10:32 - 2021-01-04 13:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-14 07:16 - 2020-11-06 18:41 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-13 11:15 - 2020-10-20 15:19 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-13 11:15 - 2020-10-20 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-12 10:07 - 2020-10-20 15:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-11 09:06 - 2020-07-20 12:33 - 001741824 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-11 09:06 - 2019-12-07 11:53 - 000752436 _____ C:\Windows\system32\prfh0416.dat
2021-11-11 09:06 - 2019-12-07 11:53 - 000148550 _____ C:\Windows\system32\prfc0416.dat
2021-11-11 08:59 - 2020-07-20 12:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-11 08:59 - 2020-07-20 12:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-10 19:58 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-11-10 19:57 - 2020-07-20 12:27 - 005272640 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-10 19:56 - 2019-12-07 11:56 - 000000000 ___SD C:\Windows\system32\AppV
2021-11-10 19:56 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-10 19:56 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\servicing
2021-11-10 13:05 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-10 12:54 - 2020-07-20 13:17 - 000000000 ____D C:\Windows\system32\MRT
2021-11-10 12:52 - 2020-07-20 13:17 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-09 16:18 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\NDF
2021-11-08 13:25 - 2020-07-20 20:04 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\ElevatedDiagnostics
2021-11-08 10:13 - 2020-07-20 12:35 - 000003392 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-321270744-2600619408-4275616409-1001
2021-11-08 10:13 - 2020-07-20 12:31 - 000002451 _____ C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 18:02 - 2020-07-20 12:27 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-11-01 10:16 - 2020-07-20 12:32 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\Packages
==================== Arquivos na raiz de alguns diretórios ========
2021-02-05 09:18 - 2021-02-10 08:30 - 000000004 _____ () C:\ProgramData\lock.dat
2021-02-05 09:19 - 2021-02-10 08:29 - 000000004 _____ () C:\ProgramData\rc.dat
2021-02-05 09:18 - 2021-02-05 09:18 - 000000008 _____ () C:\ProgramData\ts.dat
2020-09-24 16:37 - 2020-09-24 16:37 - 014616720 _____ (Epson America, Inc. ) C:\Users\Public\L3150_Lite_LA.exe
2021-11-08 18:26 - 2021-11-08 18:26 - 000000000 _____ () C:\Users\H2 Marketing\AppData\Roaming\aa.tmp
2020-08-03 08:47 - 2020-08-03 08:47 - 000000182 _____ () C:\Users\H2 Marketing\AppData\Roaming\Master_x64.dll.vbs
2020-07-23 11:20 - 2020-11-30 16:32 - 000000132 _____ () C:\Users\H2 Marketing\AppData\Roaming\Preferências do Formato PNG CC da Adobe
2021-06-30 18:47 - 2021-08-29 18:53 - 000001456 _____ () C:\Users\H2 Marketing\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2021-03-04 08:21 - 2021-03-04 08:21 - 000000000 _____ () C:\Users\H2 Marketing\AppData\Local\oobelibMkey.log
2021-11-05 17:50 - 2021-11-05 17:50 - 000007597 _____ () C:\Users\H2 Marketing\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)
==================== Fim de FRST.txt ========================
Executado por H2 Marketing (administrador) em DESKTOP-QBNRO2F (MSI MS-7788) (17-11-2021 15:51:00)
Executando a partir de D:\Downloads
Perfis Carregados: H2 Marketing
Plataforma: Microsoft Windows 10 Pro Versão 21H1 19043.1348 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(ESET, spol. s r.o. -> ESET) C:\Users\H2 Marketing\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <35>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(MICROLEAVES LTD -> ) C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.Vexe <6>
(Microleaves LTD -> Advanced Windows Manager) C:\Program Files (x86)\AdvancedWindowsManager\Windows Installer\AdvancedWindowsManager.Vexe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Users\H2 Marketing\aspecto\fomentar.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [kissq] => C:\Users\H2MARK~1\AppData\Local\Temp\kissq.exe**************** (Nenhum Arquivo) <==== ATENÇÃO
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-11-12] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Run: [uTorrent] => C:\Users\H2 Marketing\AppData\Roaming\uTorrent\uTorrent.exe [2086896 2020-07-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\...\Run: [cobgDuer] => C:\Users\H2 Marketing\aspecto\fomentar.exe [1908280 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\Windows\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Arquivo não assinado]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-16] (Google LLC -> Google LLC)
IFEO\CompatTelRunner.exe: [Debugger] C:\Windows\system32\systray.exe
IFEO\wsqmcons.exe: [Debugger] C:\Windows\system32\systray.exe
Startup: C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Master_x64.dll.lnk [2020-08-03]
ShortcutAndArgument: Master_x64.dll.lnk -> C:\Windows\system32\wscript.exe => /E:vbscript "C:\Users\H2 Marketing\AppData\Roaming\Master_x64.dll.vbs"
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0C27A52C-EE33-43CE-B918-31AC5FFBF0E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {2B7F45E0-F624-4DBE-AC13-EBB7D0B64FBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-11] (Google LLC -> Google LLC)
Task: {31AA03FB-1DBA-4D71-81F6-F0DF112767C0} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.0.1\Scheduler.exe [149776 2019-08-14] (IObit Information Technology -> IObit)
Task: {336024EC-38BB-47DF-BB07-2CD0F202F311} - System32\Tasks\Opera scheduled Autoupdate 1595286915 => C:\Users\H2 Marketing\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {37EB92C2-213D-4962-85F7-AA776CD34D60} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3BC9395C-C574-4077-B288-D9F299990DF6} - System32\Tasks\updater2 => C:\Program Files (x86)\WinXT\blog\updater.exe (Nenhum Arquivo) <==== ATENÇÃO
Task: {429E1E89-62FF-4045-B247-FEE409931032} - System32\Tasks\updater => C:\Program Files (x86)\WinXT\blog\updater.exe (Nenhum Arquivo)
Task: {42ED781F-01F2-4B0C-ADDD-33D57C829FE7} - System32\Tasks\EPSON L3150 Series Update {B3B3846E-9B27-4436-8DCA-CBC2075A9595} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {5BF42F07-2D8E-45EB-B5CE-14C54FC59FE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-05-11] (Google LLC -> Google LLC)
Task: {7A24651A-62DC-474E-BBEF-71C5CED62464} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82AB7B86-0EB0-471B-B5EE-DB71C5452D1C} - System32\Tasks\Extension_game => C:\Users\H2 Marketing\AppData\Roaming\Extension_game\python\pythonw.exe "load.pyc" ml2 (Nenhum Arquivo) <==== ATENÇÃO
Task: {832F8E8F-E677-44D4-A6E2-729161D1C8D1} - System32\Tasks\Opera scheduled Autoupdate 1599739623 => C:\Users\H2 Marketing\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {83DBF5FA-A56C-4902-9582-36A16782D1CE} - System32\Tasks\Extension_game2 => C:\Users\H2 Marketing\AppData\Roaming\Extension_game\python\pythonw.exe "load.pyc" app (Nenhum Arquivo) <==== ATENÇÃO
Task: {867F8500-5CBC-4AC1-AB8C-D558B556F036} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D176A5C-3628-4E59-A986-9BF97C0704CC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FA34CFB-2289-4942-8B36-06FA15987D19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108888 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A06F5939-A211-4A2B-A322-231A8DAAA602} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE176F57-4514-4915-9FA6-CF7EFE423366} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCCB26B9-2677-4FE6-9968-E42D872ABBF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAF85089-F81A-475E-B49E-6D43AC31666E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E60594CE-945E-411F-9556-95CC68BE373D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {E9E32137-D4D9-4DEC-ADE3-DC95818C9E78} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6242232 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3387EA9-0E23-4FFB-AA3B-6679D0F02D9D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6242232 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F93F6563-94A5-46BC-990E-502AE4FE9FD2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {FBF9882A-EA00-4CC1-B331-B75D2A5E1A87} - System32\Tasks\Opera scheduled assistant Autoupdate 1595286998 => C:\Users\H2 Marketing\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\H2 Marketing\AppData\Local\Programs\Opera\assistant" $(Arg0)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\EPSON L3150 Series Update {B3B3846E-9B27-4436-8DCA-CBC2075A9595}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{B3B3846E-9B27-4436-8DCA-CBC2075A9595} /F:UpdateWORKGROUP\DESKTOP-QBNRO2F$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\updater.job => C:\Program Files (x86)\WinXT\blog\updater.exe
Task: C:\Windows\Tasks\updater2.job => C:\Program Files (x86)\WinXT\blog\updater.exe <==== ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f6422f74-6f41-489e-9892-a263fd1142cd}: [DhcpNameServer] 192.168.0.1
HKU\S-1-5-21-321270744-2600619408-4275616409-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <==== ATENÇÃO
Edge:
=======
Edge Extension: (Sem Nome) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [não encontrado (a)]
Edge Extension: (Sem Nome) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [não encontrado (a)]
Edge Extension: (Sem Nome) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [não encontrado (a)]
Edge Extension: (Sem Nome) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [não encontrado (a)]
Edge Profile: C:\Users\H2 Marketing\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-08]
FireFox:
========
FF DefaultProfile: fs9ux9j4.default
FF ProfilePath: C:\Users\H2 Marketing\AppData\Roaming\Mozilla\Firefox\Profiles\fs9ux9j4.default [2020-10-20]
FF ProfilePath: C:\Users\H2 Marketing\AppData\Roaming\Mozilla\Firefox\Profiles\28iy2yxf.default-release [2021-11-12]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-11-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-11-12] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default [2021-11-17]
CHR Notifications: Default -> hxxps://adrenaline.com.br; hxxps://app.crisp.chat; hxxps://br.pinterest.com; hxxps://comboacessoatodososcursos.club.hotmart.com; hxxps://downloadgram.org; hxxps://outlook.live.com; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.instagram.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Extension: (Apresentações) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-20]
CHR Extension: (Documentos) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-20]
CHR Extension: (Google Drive) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-20]
CHR Extension: (Slinky Elegante) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2020-07-21]
CHR Extension: (Planilhas) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-20]
CHR Extension: (Documentos Google off-line) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]
CHR Extension: (Botão Salvar do Pinterest) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-11-12]
CHR Extension: (Escalada Analytics) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\maochdhckepbdcpgmeghadihjkahgahi [2021-11-08]
CHR Extension: (Email tracker para Gmail - Mailtrack) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-11-17]
CHR Extension: (TZWebChartWindow) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2021-11-08]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\H2 Marketing\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR HKU\S-1-5-21-321270744-2600619408-4275616409-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkfanndldghlkndfhojpfhclgdnglfmf] - hxxps://chrome.google.com/webstore/detail/gkfanndldghlkndfhojpfhclgdnglfmf
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-11-12] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-02-11] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [685496 2020-07-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2019-09-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CloudPrinter; C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -f "C:\ProgramData\\CloudPrinter\\CloudPrinter.dat" -l -a
S2 TranslateService; C:\ProgramData\TranslateService\TranslateService.exe [X] <==== ATENÇÃO
S2 updater; "C:\Program Files (x86)\WinXT\blog\nssm.exe" [X]
S2 WinLoading; "C:\Program Files (x86)\WinXT\blog\nssm.exe" [X]
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-07-21] (Martin Malik - REALiX -> REALiX(tm))
R3 MpKslcd1950cc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A2BA0E7-1AB0-4D35-92D9-F392AC7254C7}\MpKslDrv.sys [130296 2021-11-17] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três meses (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2021-11-17 15:49 - 2021-11-17 15:51 - 000000000 ____D C:\FRST
2021-11-17 15:05 - 2021-11-17 15:23 - 000001324 _____ C:\Users\H2 Marketing\Desktop\ESET Online Scanner.lnk
2021-11-17 15:04 - 2021-11-17 15:23 - 000001430 _____ C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-17 15:04 - 2021-11-17 15:04 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\ESET
2021-11-16 14:26 - 2021-11-16 14:26 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\cache
2021-11-16 14:26 - 2021-11-16 14:26 - 000000000 ____D C:\Users\H2 Marketing\.gallery
2021-11-16 14:24 - 2021-11-16 14:24 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Blackmagic Design
2021-11-16 14:16 - 2021-11-16 14:16 - 000002006 _____ C:\Users\H2 Marketing\Desktop\DaVinci Resolve.lnk
2021-11-16 14:15 - 2021-11-16 14:16 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-11-16 14:15 - 2021-11-16 14:15 - 000000000 ____D C:\ProgramData\Blackmagic Design
2021-11-16 14:15 - 2021-11-16 14:15 - 000000000 ____D C:\Program Files\Blackmagic Design
2021-11-16 14:14 - 2021-11-16 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2021-11-16 14:14 - 2021-11-16 14:14 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2021-11-12 10:11 - 2021-11-13 11:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-11 20:15 - 2021-11-11 20:15 - 000485363 _____ C:\Users\H2 Marketing\Desktop\cuia com hastes.cdr
2021-11-10 13:02 - 2021-11-10 13:02 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-10 13:02 - 2021-11-10 13:02 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-10 13:02 - 2021-11-10 13:02 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-10 13:01 - 2021-11-10 13:01 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-10 12:54 - 2021-11-10 12:54 - 000000000 ___HD C:\$WinREAgent
2021-11-09 14:25 - 2021-11-13 11:15 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-11-09 10:12 - 2021-11-09 10:12 - 000001207 _____ C:\Users\Public\Desktop\LibreOffice 7.2.lnk
2021-11-09 10:12 - 2021-11-09 10:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2021-11-09 10:11 - 2021-11-09 10:12 - 000000000 ____D C:\Program Files\LibreOffice
2021-11-09 09:46 - 2021-11-09 09:47 - 000000000 ____D C:\Users\H2 Marketing\imersão
2021-11-09 09:42 - 2021-10-29 18:52 - 000124885 _____ C:\Users\H2 Marketing\Desktop\Custos Vasos sem borda fibra sintética.xlsx
2021-11-08 18:35 - 2021-11-08 18:36 - 000000000 ____D C:\Users\H2 Marketing\preconceito
2021-11-08 18:30 - 2021-11-08 18:31 - 000000000 ____D C:\Users\H2 Marketing\axioma
2021-11-08 18:26 - 2021-11-08 18:27 - 000000000 ____D C:\Users\H2 Marketing\ativista
2021-11-08 18:26 - 2021-11-08 18:26 - 000000000 ____D C:\Users\H2 Marketing\desgraçado
2021-11-08 18:26 - 2021-11-08 18:26 - 000000000 _____ C:\Users\H2 Marketing\AppData\Roaming\aa.tmp
2021-11-08 18:25 - 2021-11-17 15:23 - 000000000 ____D C:\Users\H2 Marketing\aspecto
2021-11-05 17:50 - 2021-11-05 17:50 - 000007597 _____ C:\Users\H2 Marketing\AppData\Local\Resmon.ResmonCfg
2021-11-05 16:05 - 2021-11-05 16:05 - 000004044 _____ C:\Users\H2 Marketing\Desktop\Desktop21 - Atalho.lnk
2021-11-05 13:49 - 2021-11-05 14:02 - 000000000 ____D C:\Users\H2 Marketing\Desktop\NF Mercado Livre
2021-11-05 10:44 - 2021-11-05 10:44 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-05 10:44 - 2021-11-05 10:44 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-15 11:30 - 2021-10-15 11:30 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-15 11:30 - 2021-10-15 11:30 - 000203264 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-10-15 11:30 - 2021-10-15 11:30 - 000158208 _____ C:\Windows\system32\uwfcsp.dll
2021-10-15 11:30 - 2021-10-15 11:30 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2021-10-15 11:29 - 2021-10-15 11:29 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-15 11:29 - 2021-10-15 11:29 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-15 11:29 - 2021-10-15 11:29 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-29 11:41 - 2021-09-29 11:41 - 000001321 _____ C:\Users\Public\Desktop\ApowerEdit.lnk
2021-09-29 11:41 - 2021-09-29 11:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2021-09-29 11:41 - 2021-09-29 11:41 - 000000000 ____D C:\ProgramData\Apowersoft
2021-09-29 11:40 - 2021-09-29 11:40 - 000000000 ____D C:\Program Files (x86)\Apowersoft
2021-09-21 13:55 - 2021-09-21 13:55 - 000001997 _____ C:\Users\H2 Marketing\Desktop\Zoom.lnk
2021-09-15 13:10 - 2021-09-15 13:10 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-15 13:10 - 2021-09-15 13:10 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2021-09-15 13:10 - 2021-09-15 13:10 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-14 15:27 - 2021-09-17 14:12 - 000000000 ____D C:\Users\H2 Marketing\Desktop\BV
2021-09-10 19:26 - 2021-09-10 19:26 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-10 19:25 - 2021-09-10 19:26 - 000000000 ____D C:\Users\H2 Marketing\AppData\Roaming\Zoom
==================== Três meses (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2021-11-17 15:50 - 2020-07-21 09:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2021-11-17 15:48 - 2020-07-23 11:56 - 000004196 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{26A4C902-0DE7-4D0D-B2CC-A96F779B51B3}
2021-11-17 15:36 - 2020-07-20 13:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-17 15:33 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-17 15:22 - 2020-07-20 13:19 - 000000000 __SHD C:\Users\H2 Marketing\IntelGraphicsProfiles
2021-11-17 14:41 - 2020-07-20 12:27 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-17 12:35 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2021-11-17 09:25 - 2020-10-20 15:19 - 000000000 ____D C:\Users\H2 Marketing\AppData\LocalLow\Mozilla
2021-11-17 09:23 - 2020-11-06 18:41 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 09:23 - 2020-11-06 18:41 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-16 14:26 - 2020-07-20 12:31 - 000000000 ____D C:\Users\H2 Marketing
2021-11-16 14:23 - 2020-07-21 07:49 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-16 14:16 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2021-11-16 12:34 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-16 10:00 - 2020-07-20 13:16 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-14 10:32 - 2021-01-04 13:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-11-14 07:16 - 2020-11-06 18:41 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-13 11:15 - 2020-10-20 15:19 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-13 11:15 - 2020-10-20 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-12 10:07 - 2020-10-20 15:19 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-11 09:06 - 2020-07-20 12:33 - 001741824 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-11 09:06 - 2019-12-07 11:53 - 000752436 _____ C:\Windows\system32\prfh0416.dat
2021-11-11 09:06 - 2019-12-07 11:53 - 000148550 _____ C:\Windows\system32\prfc0416.dat
2021-11-11 08:59 - 2020-07-20 12:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-11 08:59 - 2020-07-20 12:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-10 19:58 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-11-10 19:57 - 2020-07-20 12:27 - 005272640 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-10 19:56 - 2019-12-07 11:56 - 000000000 ___SD C:\Windows\system32\AppV
2021-11-10 19:56 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-10 19:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-10 19:56 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\servicing
2021-11-10 13:05 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-10 12:54 - 2020-07-20 13:17 - 000000000 ____D C:\Windows\system32\MRT
2021-11-10 12:52 - 2020-07-20 13:17 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-09 16:18 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\NDF
2021-11-08 13:25 - 2020-07-20 20:04 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\ElevatedDiagnostics
2021-11-08 10:13 - 2020-07-20 12:35 - 000003392 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-321270744-2600619408-4275616409-1001
2021-11-08 10:13 - 2020-07-20 12:31 - 000002451 _____ C:\Users\H2 Marketing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 18:02 - 2020-07-20 12:27 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-11-01 10:16 - 2020-07-20 12:32 - 000000000 ____D C:\Users\H2 Marketing\AppData\Local\Packages
==================== Arquivos na raiz de alguns diretórios ========
2021-02-05 09:18 - 2021-02-10 08:30 - 000000004 _____ () C:\ProgramData\lock.dat
2021-02-05 09:19 - 2021-02-10 08:29 - 000000004 _____ () C:\ProgramData\rc.dat
2021-02-05 09:18 - 2021-02-05 09:18 - 000000008 _____ () C:\ProgramData\ts.dat
2020-09-24 16:37 - 2020-09-24 16:37 - 014616720 _____ (Epson America, Inc. ) C:\Users\Public\L3150_Lite_LA.exe
2021-11-08 18:26 - 2021-11-08 18:26 - 000000000 _____ () C:\Users\H2 Marketing\AppData\Roaming\aa.tmp
2020-08-03 08:47 - 2020-08-03 08:47 - 000000182 _____ () C:\Users\H2 Marketing\AppData\Roaming\Master_x64.dll.vbs
2020-07-23 11:20 - 2020-11-30 16:32 - 000000132 _____ () C:\Users\H2 Marketing\AppData\Roaming\Preferências do Formato PNG CC da Adobe
2021-06-30 18:47 - 2021-08-29 18:53 - 000001456 _____ () C:\Users\H2 Marketing\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2021-03-04 08:21 - 2021-03-04 08:21 - 000000000 _____ () C:\Users\H2 Marketing\AppData\Local\oobelibMkey.log
2021-11-05 17:50 - 2021-11-05 17:50 - 000007597 _____ () C:\Users\H2 Marketing\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)
==================== Fim de FRST.txt ========================