Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 05-03-2023
Executado por Joao (administrador) em JOAO-NOTE (Dell Inc. Inspiron 7560) (08-03-2023 18:10:21)
Executando a partir de C:\Users\Joao\Desktop\FRST-OlderVersion
Perfis Carregados: Joao & ReportServer & MSSQLFDLauncher & MSSQLSERVER
Plataforma: Microsoft Windows 10 Home Single Language Versão 21H2 19044.2604 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(C:\Program Files (x86)\Internet Download Manager\IDMan.exe ->) (Tonec Inc. -> Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(C:\Program Files (x86)\Internet Download Manager\IDMan.exe ->) (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_isolation.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <5>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(cmd.exe ->) (AO Kaspersky Lab -> Kaspersky Lab AO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\plugin-nm-server-v2.exe <2>
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe <2>
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PING.EXE
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (HP Development Company, L.P.) [Arquivo não assinado] C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(explorer.exe ->) (Tecnobyte® Informática) [Arquivo não assinado] C:\Tecnobyte\Agenda\Agenda.exe
(explorer.exe ->) (Tonec Inc.) [Arquivo não assinado] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [Arquivo não assinado] C:\BSX_Server\Service\ServerBSX.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Development Company, L.P.) [Arquivo não assinado] C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_74adeee5e47197cc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6966736 2023-02-13] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe [522648 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Microsoft Edge Update] => C:\Users\Joao\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\MicrosoftEdgeUpdateCore.exe [263648 2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5865984 2022-05-25] (Tonec Inc.) [Arquivo não assinado]
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () [Arquivo não assinado]
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7280080 2023-02-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Tecnobyte Agenda] => C:\Tecnobyte\Agenda\agenda.exe [2350592 2014-09-23] (Tecnobyte® Informática) [Arquivo não assinado]
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [MicrosoftEdgeAutoLaunch_886B20732523CCC79FC37FE0B4725983] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\MountPoints2: {71a6a246-8461-11ec-8f19-a86badde136e} - "F:\RunGame.exe"
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Samsung Network PC Fax Print Processor: C:\Windows\System32\spool\prtprocs\x64\NetFaxProc64.dll [146944 2021-04-14] (HP Development Company, L.P.) [Arquivo não assinado]
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-08-02] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Samsung Network PC Fax Port: C:\Windows\system32\NetFaxPort64.dll [586240 2021-04-14] (HP Development Company, L.P.) [Arquivo não assinado]
HKLM\...\Print\Monitors\us016 Langmon: C:\Windows\system32\us016lm.dll [40744 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.180\Installer\chrmstp.exe [2023-03-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-03-30]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2022-08-01]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (HP Development Company, L.P.) [Arquivo não assinado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2022-12-08]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (Nenhum Arquivo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2022-12-08]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (Nenhum Arquivo)
Startup: C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\audio.lnk [2022-08-05]
ShortcutTarget: audio.lnk -> C:\Perform\system.vbs () [Arquivo não assinado]
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {07827C1C-ACA9-40BE-B449-B0649941F50F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001UA => C:\Users\Joao\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {15F7EF13-82F0-4749-B72D-1E31A6AAF550} - System32\Tasks\CCleanerSkipUAC - Joao => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1A2A37B8-B3AF-4F2D-A72E-EE133CF4B6DA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {272F2BB7-56F8-4EE1-9A53-C00793E58285} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-12-07] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {3F5EDAA0-B2A2-4023-A4C0-1F53CC23FA51} - \VSPXService_LG -> Nenhum Arquivo <==== ATENÇÃO
Task: {45165FF3-63B5-4B37-B403-9320E06A42B4} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001Core => C:\Users\Joao\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {477BEC5C-D160-48E7-8FD6-5D43A58A809E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {484C7AA3-DC6C-4BE2-BAA4-A06196C44371} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E3ED442-8095-4BD8-8E76-E9928F7FE4B0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E56E8D8-DA2D-469B-ABC4-32016D6552D3} - \APTXService_LG -> Nenhum Arquivo <==== ATENÇÃO
Task: {6172AFB6-7EBD-4256-BF30-8FE10278E154} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {71799CEA-8D01-4576-BC45-8A8F5E7096B8} - System32\Tasks\Opera GX scheduled Autoupdate 1653928445 => C:\Users\Joao\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {7A0F5D42-484F-47D2-8276-E56A750CDB6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {7BB9E474-ADFF-4E0A-814C-5A6E970119F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {9E74E23C-947D-4655-9B23-0AA02E733857} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {A0BB84C6-C98A-49D3-9A3C-69B0F1F4C4EB} - \VSPXService -> Nenhum Arquivo <==== ATENÇÃO
Task: {A6D6AF76-A966-4635-8ED4-89BD4A605E5E} - System32\Tasks\GoogleUpdateTaskMachineUA{F19BCCD7-55B0-403F-8A45-F95747C7918A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-09] (Google LLC -> Google LLC)
Task: {A75B5541-F1AB-428D-BD74-A736627629D8} - System32\Tasks\GoogleUpdateTaskMachineCore{AF8317F8-B172-4D0F-8A2B-6E27BF8F460A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-09] (Google LLC -> Google LLC)
Task: {B0C61EC0-9978-4FE5-A71A-9A76532F639E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-03-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C0F9C2D9-6433-49D5-AD19-0E50E2EEDD9E} - System32\Tasks\CorelUpdateHelperTask-C09E899EEE1C425B0FBF343C19F1688D => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {D60BB83E-50C2-4C65-B8FA-BEC119B6FCB6} - \APTXService -> Nenhum Arquivo <==== ATENÇÃO
Task: {D83773D3-AAC6-4F44-B376-D31A7CA7AFDC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "900076fc-04e3-4539-912d-3a21c47c732a" --version "6.09.10300" --silent
Task: {E38E6D53-80E4-44B2-8489-3484D11BB564} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F53B4FD3-498A-4153-B1B4-CE6516C99A35} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{29503661-9cf0-45dd-9f54-6664b294b415}: [DhcpNameServer] 192.168.15.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-08]
Edge Extension: (Kaspersky Protection) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-27]
Edge Extension: (Kaspersky Password Manager) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eolheccophlcbnkkbelcgminoojochgj [2023-03-08]
Edge Extension: (IDM Integration Module) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2022-07-30]
Edge Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-02-22]
Edge HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2022-05-25]
Edge HKU\S-1-5-21-2662653025-1638352479-2376982732-1004\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: l0kn7hz2.default
FF ProfilePath: C:\Users\Joao\AppData\Roaming\Mozilla\Firefox\Profiles\l0kn7hz2.default [2023-01-19]
FF ProfilePath: C:\Users\Joao\AppData\Roaming\Mozilla\Firefox\Profiles\n7yw97ld.default-release [2023-03-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Joao\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Joao\AppData\Roaming\IDM\idmmzcc5 [2022-07-30] [] [não assinado]
FF HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] []
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2023-02-22]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-10-06] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-10-06] <==== ATENÇÃO
Chrome:
=======
CHR Profile: C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default [2023-03-08]
CHR Extension: (Kaspersky Protection) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-27]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-03-08]
CHR Extension: (Adobe Acrobat: ferramentas para editar, converter e assinar PDFs) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-28]
CHR Extension: (Gerar DANFe/DACTe) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnalonmlenogoaknbeikifdbaokkhmjj [2022-07-13]
CHR Extension: (Documentos Google off-line) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-23]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2022-07-13]
CHR Extension: (SerasaAssina – Portal Assinatura Digital) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepmidcidkjdmdppchlhaajdhbkhfgjl [2022-07-13]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-11]
CHR Extension: (IDM Integration Module) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2022-07-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-09]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-05-25]
CHR HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-05-25]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-01-03] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
S4 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT)
S4 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-10-18] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> )
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_10.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe [520600 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
S2 KSDE5.9; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.9\ksde.exe [32008 2023-01-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-06] (Malwarebytes Inc. -> Malwarebytes)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 NativePushService; C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2450112 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [700928 2021-04-14] (HP Development Company, L.P.) [Arquivo não assinado]
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [508488 ] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2022-07-13] (Samsung Electronics CO., LTD. -> )
R2 ServerBSX; C:\BSX_Server\Service\ServerBSX.exe [1654272 2019-01-14] () [Arquivo não assinado]
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-11-29] (Dell Inc -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16184216 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1001256 2022-09-19] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_74adeee5e47197cc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_74adeee5e47197cc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-12-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [31560 2016-12-03] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-14] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [384584 2022-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [717448 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1729160 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235720 2023-02-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\Windows\system32\DRIVERS\kltun.sys [96616 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [370496 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_klif_arkmon_43DDDD42; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\43DDDD42950FE2BFD04963573405BB4D\klupd_klif_arkmon.sys [370496 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [359976 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [190048 2022-12-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [270672 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198112 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77736 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-03-06] (Malwarebytes Inc. -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-07] () [Arquivo não assinado]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S4 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-12-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435432 2021-12-29] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-29] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [39488 2023-02-22] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [34768 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
U3 aswbdisk; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-03-08 10:21 - 2023-03-08 10:21 - 000003444 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-C09E899EEE1C425B0FBF343C19F1688D
2023-03-07 10:36 - 2023-03-07 10:37 - 000012217 _____ C:\Users\Joao\Downloads\sicredi_1678199746220.pdf
2023-03-07 09:03 - 2023-03-07 09:03 - 006878529 _____ C:\Users\Joao\Downloads\dia das mulheres - instituto alves.pdf
2023-03-06 16:39 - 2023-03-06 16:39 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-03-06 14:55 - 2023-03-06 14:55 - 000019085 _____ C:\Users\Joao\Downloads\2023_03_06_14_50_16_461_receipt.pdf
2023-03-03 14:43 - 2023-03-03 14:43 - 000102054 _____ C:\Users\Joao\Downloads\NOTA 06.pdf
2023-03-03 14:13 - 2023-03-03 14:13 - 000001719 _____ C:\Users\Joao\Downloads\Comprovante_03-03-2023_140914.pdf
2023-02-28 17:35 - 2023-02-28 17:35 - 000110860 _____ C:\Users\Joao\Downloads\Manual do Aluno.pdf
2023-02-28 16:46 - 2023-02-28 16:46 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2023-02-28 15:20 - 2023-02-28 15:20 - 000003193 _____ C:\Users\Joao\Downloads\Ativador do Office 2021.txt
2023-02-28 15:20 - 2023-02-28 15:20 - 000003193 _____ C:\Users\Joao\Downloads\Ativador do Office 2021.cmd
2023-02-27 12:02 - 2023-02-27 12:02 - 000127677 _____ C:\Users\Joao\Downloads\Aviso.pdf
2023-02-27 11:51 - 2023-02-27 11:51 - 000313766 _____ C:\Users\Joao\Downloads\RESCISÃO (2).pdf
2023-02-27 11:49 - 2023-02-27 11:49 - 000313766 _____ C:\Users\Joao\Downloads\RESCISÃO (1).pdf
2023-02-27 11:49 - 2023-02-27 11:49 - 000278816 _____ C:\Users\Joao\Downloads\VALOR DA MULTA.pdf
2023-02-27 08:36 - 2023-02-27 08:36 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-02-24 10:22 - 2023-02-24 10:22 - 000016884 _____ C:\Users\Joao\Downloads\86277224.CRT
2023-02-22 09:03 - 2023-02-22 09:02 - 000001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2023-02-22 09:03 - 2023-02-22 09:02 - 000001169 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2023-02-19 11:53 - 2023-03-01 08:49 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-02-19 11:53 - 2023-02-22 08:39 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-19 11:53 - 2023-02-19 11:53 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-19 11:43 - 2023-02-19 11:43 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2023-02-19 11:43 - 2023-02-19 11:43 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-19 11:43 - 2023-02-19 11:43 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-02-17 13:56 - 2023-02-17 13:56 - 000092407 _____ C:\Users\Joao\Downloads\Fatura (3).pdf
2023-02-17 13:53 - 2023-02-17 13:54 - 000092085 _____ C:\Users\Joao\Downloads\Fatura (2).pdf
2023-02-17 10:29 - 2023-02-17 10:30 - 000006301 _____ C:\Users\Joao\Downloads\ComprovanteSantander-1676644167.6450129.pdf
2023-02-17 10:08 - 2023-02-17 10:08 - 000083270 _____ C:\Users\Joao\Downloads\Produtos Maria Rute 1 de 3.pdf
2023-02-17 10:05 - 2023-02-17 10:05 - 000062486 _____ C:\Users\Joao\Downloads\sicredi_E2652942020230210130306W47Rm335k.pdf
2023-02-15 15:34 - 2023-02-15 15:34 - 000001708 _____ C:\Users\Joao\Downloads\sicoob_2023_02_15_15_33_17.pdf
2023-02-15 09:01 - 2023-02-15 09:01 - 000000000 ___HD C:\$WinREAgent
2023-02-14 11:16 - 2023-02-14 11:17 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk
2023-02-13 10:17 - 2023-02-13 10:17 - 000062477 _____ C:\Users\Joao\Downloads\sicredi_E2652942020230210214144ThH5pSSVK.pdf
2023-02-10 08:37 - 2023-02-22 09:03 - 000000000 ____D C:\Users\TEMP
2023-02-07 13:38 - 2023-02-07 13:38 - 000007318 _____ C:\Users\Joao\Downloads\comprovantes.pdf
2023-02-06 14:08 - 2023-02-06 14:08 - 000082003 _____ C:\Users\Joao\Downloads\Pgto Instrutor barbeiro.pdf
==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-03-08 18:10 - 2023-01-04 19:11 - 000000000 ____D C:\FRST
2023-03-08 18:02 - 2022-03-09 22:12 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-08 17:58 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-08 17:49 - 2022-10-06 11:53 - 000000000 ____D C:\Users\Joao\AppData\LocalLow\Mozilla
2023-03-08 17:49 - 2022-07-13 11:11 - 000000000 ____D C:\Importante
2023-03-08 17:31 - 2022-03-30 17:04 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-03-08 17:16 - 2022-01-03 19:19 - 000000000 ____D C:\Users\Joao\AppData\Local\D3DSCache
2023-03-08 17:00 - 2022-06-30 16:12 - 000000000 ____D C:\@BKPSAFE
2023-03-08 16:07 - 2022-09-15 16:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-03-08 16:00 - 2022-06-29 11:57 - 000000000 ____D C:\Users\Joao\Documents\Importante Instituto Alves
2023-03-08 15:57 - 2021-12-29 20:11 - 000000000 ____D C:\Users\Joao\AppData\Local\Packages
2023-03-08 15:55 - 2020-11-18 22:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-08 13:58 - 2022-10-06 11:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-08 10:10 - 2022-01-11 11:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-08 09:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-08 08:39 - 2022-09-15 13:37 - 000000000 ____D C:\Program Files\CCleaner
2023-03-08 08:37 - 2022-06-30 16:10 - 000000000 ____D C:\Alpha
2023-03-08 08:37 - 2022-01-03 20:49 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-08 08:36 - 2022-12-13 18:02 - 000000000 ____D C:\ProgramData\firebird
2023-03-08 08:35 - 2021-12-29 21:19 - 000000000 __SHD C:\Users\Joao\IntelGraphicsProfiles
2023-03-07 20:35 - 2022-07-30 11:16 - 000000000 ____D C:\Users\Joao\AppData\Roaming\DMCache
2023-03-07 20:35 - 2022-01-19 08:52 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-07 19:03 - 2022-03-09 22:13 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-07 19:03 - 2022-03-09 22:13 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-07 18:31 - 2020-11-18 22:32 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-07 18:31 - 2020-11-18 22:32 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-07 11:02 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-07 09:35 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-03-06 21:31 - 2022-06-12 17:00 - 000000000 ____D C:\Users\Joao\AppData\Local\CrashDumps
2023-03-06 19:45 - 2022-06-25 19:57 - 000003936 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001UA
2023-03-06 19:45 - 2022-06-25 19:57 - 000003870 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001Core
2023-03-06 16:45 - 2023-01-04 19:12 - 000000000 ____D C:\Users\Joao\Desktop\FRST-OlderVersion
2023-03-03 13:54 - 2022-07-30 11:16 - 000000000 ____D C:\Users\Joao\Downloads\Video
2023-03-03 08:33 - 2020-11-18 22:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-03 08:33 - 2020-11-18 22:32 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-02 09:46 - 2023-01-19 15:49 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-02 09:46 - 2022-10-06 11:53 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-02 09:46 - 2022-10-06 11:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-03-02 09:46 - 2022-10-06 11:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-01 21:31 - 2022-01-25 22:35 - 000000000 ____D C:\Users\Joao\Documents\American Truck Simulator
2023-02-28 10:59 - 2019-12-07 05:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-02-23 16:26 - 2023-01-05 15:51 - 000000418 _____ C:\Users\Joao\Desktop\moveis.txt
2023-02-22 09:03 - 2022-01-03 20:05 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2023-02-22 09:02 - 2022-08-15 13:22 - 000000000 ____D C:\Program Files (x86)\dotnet
2023-02-22 09:02 - 2022-01-03 20:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-02-22 09:02 - 2021-12-29 22:16 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-22 08:50 - 2021-12-29 21:13 - 002082406 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-22 08:50 - 2019-12-07 10:54 - 000879454 _____ C:\Windows\system32\prfh0416.dat
2023-02-22 08:50 - 2019-12-07 10:54 - 000201894 _____ C:\Windows\system32\prfc0416.dat
2023-02-22 08:42 - 2023-01-10 20:39 - 000039488 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddfac.sys
2023-02-22 08:42 - 2022-10-19 10:34 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-22 08:42 - 2022-03-30 16:58 - 000000000 ____D C:\Program Files\TeamViewer
2023-02-22 08:42 - 2021-12-29 21:19 - 000000000 ____D C:\Intel
2023-02-22 08:42 - 2020-11-18 22:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-22 08:42 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2023-02-22 08:39 - 2022-01-23 14:43 - 000535728 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-22 08:39 - 2019-12-07 05:03 - 001048576 _____ C:\Windows\system32\config\BBI
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-17 10:11 - 2022-07-29 10:01 - 000000000 ____D C:\Users\Joao\Documents\CLIENTES
2023-02-15 09:27 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-15 09:14 - 2020-11-18 22:32 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-14 18:59 - 2022-01-05 18:41 - 000000000 ____D C:\Windows\system32\MRT
2023-02-14 18:50 - 2022-01-05 18:41 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-14 11:17 - 2022-01-03 20:25 - 000001532 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2023-02-10 09:06 - 2022-08-03 17:17 - 000000000 ____D C:\Users\Joao\Documents\Comprovantes
2023-02-10 08:38 - 2020-11-18 22:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-02-08 14:04 - 2022-07-27 14:05 - 000002069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
==================== Arquivos na raiz de alguns diretórios ========
2022-12-16 10:15 - 2022-12-16 10:15 - 000000000 _____ () C:\Users\Joao\AppData\Local\oobelibMkey.log
2022-05-30 10:43 - 2022-05-30 10:43 - 000016438 _____ () C:\Users\Joao\AppData\Local\partner.bmp
==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)
==================== Fim de FRST.txt ========================
Executado por Joao (administrador) em JOAO-NOTE (Dell Inc. Inspiron 7560) (08-03-2023 18:10:21)
Executando a partir de C:\Users\Joao\Desktop\FRST-OlderVersion
Perfis Carregados: Joao & ReportServer & MSSQLFDLauncher & MSSQLSERVER
Plataforma: Microsoft Windows 10 Home Single Language Versão 21H2 19044.2604 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(C:\Program Files (x86)\Internet Download Manager\IDMan.exe ->) (Tonec Inc. -> Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(C:\Program Files (x86)\Internet Download Manager\IDMan.exe ->) (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_isolation.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <5>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(cmd.exe ->) (AO Kaspersky Lab -> Kaspersky Lab AO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\plugin-nm-server-v2.exe <2>
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe <2>
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PING.EXE
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (HP Development Company, L.P.) [Arquivo não assinado] C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(explorer.exe ->) (Tecnobyte® Informática) [Arquivo não assinado] C:\Tecnobyte\Agenda\Agenda.exe
(explorer.exe ->) (Tonec Inc.) [Arquivo não assinado] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [Arquivo não assinado] C:\BSX_Server\Service\ServerBSX.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Development Company, L.P.) [Arquivo não assinado] C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_74adeee5e47197cc\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.31.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [6966736 2023-02-13] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm.exe [522648 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Microsoft Edge Update] => C:\Users\Joao\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\MicrosoftEdgeUpdateCore.exe [263648 2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5865984 2022-05-25] (Tonec Inc.) [Arquivo não assinado]
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () [Arquivo não assinado]
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7280080 2023-02-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Tecnobyte Agenda] => C:\Tecnobyte\Agenda\agenda.exe [2350592 2014-09-23] (Tecnobyte® Informática) [Arquivo não assinado]
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [MicrosoftEdgeAutoLaunch_886B20732523CCC79FC37FE0B4725983] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\MountPoints2: {71a6a246-8461-11ec-8f19-a86badde136e} - "F:\RunGame.exe"
HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Samsung Network PC Fax Print Processor: C:\Windows\System32\spool\prtprocs\x64\NetFaxProc64.dll [146944 2021-04-14] (HP Development Company, L.P.) [Arquivo não assinado]
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [203936 2022-08-02] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Samsung Network PC Fax Port: C:\Windows\system32\NetFaxPort64.dll [586240 2021-04-14] (HP Development Company, L.P.) [Arquivo não assinado]
HKLM\...\Print\Monitors\us016 Langmon: C:\Windows\system32\us016lm.dll [40744 2022-02-23] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.180\Installer\chrmstp.exe [2023-03-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-03-30]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2022-08-01]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (HP Development Company, L.P.) [Arquivo não assinado]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2022-12-08]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (Nenhum Arquivo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2022-12-08]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (Nenhum Arquivo)
Startup: C:\Users\Joao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\audio.lnk [2022-08-05]
ShortcutTarget: audio.lnk -> C:\Perform\system.vbs () [Arquivo não assinado]
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {07827C1C-ACA9-40BE-B449-B0649941F50F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001UA => C:\Users\Joao\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {15F7EF13-82F0-4749-B72D-1E31A6AAF550} - System32\Tasks\CCleanerSkipUAC - Joao => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1A2A37B8-B3AF-4F2D-A72E-EE133CF4B6DA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {272F2BB7-56F8-4EE1-9A53-C00793E58285} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-12-07] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {3F5EDAA0-B2A2-4023-A4C0-1F53CC23FA51} - \VSPXService_LG -> Nenhum Arquivo <==== ATENÇÃO
Task: {45165FF3-63B5-4B37-B403-9320E06A42B4} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001Core => C:\Users\Joao\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {477BEC5C-D160-48E7-8FD6-5D43A58A809E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {484C7AA3-DC6C-4BE2-BAA4-A06196C44371} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E3ED442-8095-4BD8-8E76-E9928F7FE4B0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E56E8D8-DA2D-469B-ABC4-32016D6552D3} - \APTXService_LG -> Nenhum Arquivo <==== ATENÇÃO
Task: {6172AFB6-7EBD-4256-BF30-8FE10278E154} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {71799CEA-8D01-4576-BC45-8A8F5E7096B8} - System32\Tasks\Opera GX scheduled Autoupdate 1653928445 => C:\Users\Joao\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (Nenhum Arquivo)
Task: {7A0F5D42-484F-47D2-8276-E56A750CDB6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {7BB9E474-ADFF-4E0A-814C-5A6E970119F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {9E74E23C-947D-4655-9B23-0AA02E733857} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {A0BB84C6-C98A-49D3-9A3C-69B0F1F4C4EB} - \VSPXService -> Nenhum Arquivo <==== ATENÇÃO
Task: {A6D6AF76-A966-4635-8ED4-89BD4A605E5E} - System32\Tasks\GoogleUpdateTaskMachineUA{F19BCCD7-55B0-403F-8A45-F95747C7918A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-09] (Google LLC -> Google LLC)
Task: {A75B5541-F1AB-428D-BD74-A736627629D8} - System32\Tasks\GoogleUpdateTaskMachineCore{AF8317F8-B172-4D0F-8A2B-6E27BF8F460A} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-09] (Google LLC -> Google LLC)
Task: {B0C61EC0-9978-4FE5-A71A-9A76532F639E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-03-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C0F9C2D9-6433-49D5-AD19-0E50E2EEDD9E} - System32\Tasks\CorelUpdateHelperTask-C09E899EEE1C425B0FBF343C19F1688D => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3813600 2021-12-03] (Corel Corporation -> Corel Corporation)
Task: {D60BB83E-50C2-4C65-B8FA-BEC119B6FCB6} - \APTXService -> Nenhum Arquivo <==== ATENÇÃO
Task: {D83773D3-AAC6-4F44-B376-D31A7CA7AFDC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "900076fc-04e3-4539-912d-3a21c47c732a" --version "6.09.10300" --silent
Task: {E38E6D53-80E4-44B2-8489-3484D11BB564} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F53B4FD3-498A-4153-B1B4-CE6516C99A35} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{29503661-9cf0-45dd-9f54-6664b294b415}: [DhcpNameServer] 192.168.15.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-08]
Edge Extension: (Kaspersky Protection) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-27]
Edge Extension: (Kaspersky Password Manager) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eolheccophlcbnkkbelcgminoojochgj [2023-03-08]
Edge Extension: (IDM Integration Module) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2022-07-30]
Edge Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\Joao\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2023-02-22]
Edge HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2022-05-25]
Edge HKU\S-1-5-21-2662653025-1638352479-2376982732-1004\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-2885764129-887777008-271615777-1616004480-2722851051\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: l0kn7hz2.default
FF ProfilePath: C:\Users\Joao\AppData\Roaming\Mozilla\Firefox\Profiles\l0kn7hz2.default [2023-01-19]
FF ProfilePath: C:\Users\Joao\AppData\Roaming\Mozilla\Firefox\Profiles\n7yw97ld.default-release [2023-03-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Joao\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Joao\AppData\Roaming\IDM\idmmzcc5 [2022-07-30] [] [não assinado]
FF HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-19] []
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-10-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2023-02-22]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-10-06] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-10-06] <==== ATENÇÃO
Chrome:
=======
CHR Profile: C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default [2023-03-08]
CHR Extension: (Kaspersky Protection) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-12-27]
CHR Extension: (Kaspersky Password Manager) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2023-03-08]
CHR Extension: (Adobe Acrobat: ferramentas para editar, converter e assinar PDFs) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-28]
CHR Extension: (Gerar DANFe/DACTe) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnalonmlenogoaknbeikifdbaokkhmjj [2022-07-13]
CHR Extension: (Documentos Google off-line) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-23]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2022-07-13]
CHR Extension: (SerasaAssina – Portal Assinatura Digital) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\iepmidcidkjdmdppchlhaajdhbkhfgjl [2022-07-13]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-11]
CHR Extension: (IDM Integration Module) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2022-07-30]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Joao\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-09]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-05-25]
CHR HKU\S-1-5-21-2662653025-1638352479-2376982732-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2022-05-25]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-01-03] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
S4 ComboCleaner.Guard; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.Guard.exe [143488 2021-11-05] (RCS LT, UAB -> RCS LT)
S4 ComboCleaner.WinService; C:\Program Files (x86)\Combo Cleaner\ComboCleaner.WinService.exe [151168 2021-11-05] (RCS LT, UAB -> RCS LT)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2022-09-22] (Dell Inc -> Dell Technologies Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-08-15] (Dell Inc -> Dell)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2022-10-18] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> )
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 kpm_service_10.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 10.3\kpm_service.exe [520600 2023-01-17] (AO Kaspersky Lab -> AO Kaspersky Lab)
S2 KSDE5.9; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.9\ksde.exe [32008 2023-01-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-06] (Malwarebytes Inc. -> Malwarebytes)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [50880 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [370368 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 NativePushService; C:\Users\Joao\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS12.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2450112 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [700928 2021-04-14] (HP Development Company, L.P.) [Arquivo não assinado]
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [508488 ] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2022-07-13] (Samsung Electronics CO., LTD. -> )
R2 ServerBSX; C:\BSX_Server\Service\ServerBSX.exe [1654272 2019-01-14] () [Arquivo não assinado]
S4 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613056 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2022-11-29] (Dell Inc -> Dell Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16184216 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1001256 2022-09-19] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_74adeee5e47197cc\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_74adeee5e47197cc\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-12-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24968 2023-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [37808 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [31560 2016-12-03] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
S3 DFX11_1; C:\Windows\system32\drivers\dfx11_1x64.sys [28008 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\system32\drivers\dfx12x64.sys [39048 2015-11-14] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2022-02-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2023-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [384584 2022-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [717448 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1729160 2022-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235720 2023-02-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\Windows\system32\DRIVERS\kltun.sys [96616 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [370496 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_klif_arkmon_43DDDD42; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\43DDDD42950FE2BFD04963573405BB4D\klupd_klif_arkmon.sys [370496 2023-03-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [359976 2022-12-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [190048 2022-12-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [270672 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198112 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77736 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181816 2023-03-06] (Malwarebytes Inc. -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S4 RsFx0300; C:\Windows\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11376 2002-10-07] () [Arquivo não assinado]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S4 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-12-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435432 2021-12-29] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-29] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [39488 2023-02-22] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [34768 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
U3 aswbdisk; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-03-08 10:21 - 2023-03-08 10:21 - 000003444 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-C09E899EEE1C425B0FBF343C19F1688D
2023-03-07 10:36 - 2023-03-07 10:37 - 000012217 _____ C:\Users\Joao\Downloads\sicredi_1678199746220.pdf
2023-03-07 09:03 - 2023-03-07 09:03 - 006878529 _____ C:\Users\Joao\Downloads\dia das mulheres - instituto alves.pdf
2023-03-06 16:39 - 2023-03-06 16:39 - 000181816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2023-03-06 14:55 - 2023-03-06 14:55 - 000019085 _____ C:\Users\Joao\Downloads\2023_03_06_14_50_16_461_receipt.pdf
2023-03-03 14:43 - 2023-03-03 14:43 - 000102054 _____ C:\Users\Joao\Downloads\NOTA 06.pdf
2023-03-03 14:13 - 2023-03-03 14:13 - 000001719 _____ C:\Users\Joao\Downloads\Comprovante_03-03-2023_140914.pdf
2023-02-28 17:35 - 2023-02-28 17:35 - 000110860 _____ C:\Users\Joao\Downloads\Manual do Aluno.pdf
2023-02-28 16:46 - 2023-02-28 16:46 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2023-02-28 15:20 - 2023-02-28 15:20 - 000003193 _____ C:\Users\Joao\Downloads\Ativador do Office 2021.txt
2023-02-28 15:20 - 2023-02-28 15:20 - 000003193 _____ C:\Users\Joao\Downloads\Ativador do Office 2021.cmd
2023-02-27 12:02 - 2023-02-27 12:02 - 000127677 _____ C:\Users\Joao\Downloads\Aviso.pdf
2023-02-27 11:51 - 2023-02-27 11:51 - 000313766 _____ C:\Users\Joao\Downloads\RESCISÃO (2).pdf
2023-02-27 11:49 - 2023-02-27 11:49 - 000313766 _____ C:\Users\Joao\Downloads\RESCISÃO (1).pdf
2023-02-27 11:49 - 2023-02-27 11:49 - 000278816 _____ C:\Users\Joao\Downloads\VALOR DA MULTA.pdf
2023-02-27 08:36 - 2023-02-27 08:36 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-02-24 10:22 - 2023-02-24 10:22 - 000016884 _____ C:\Users\Joao\Downloads\86277224.CRT
2023-02-22 09:03 - 2023-02-22 09:02 - 000001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2023-02-22 09:03 - 2023-02-22 09:02 - 000001169 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2023-02-19 11:53 - 2023-03-01 08:49 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-02-19 11:53 - 2023-02-22 08:39 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-19 11:53 - 2023-02-19 11:53 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-19 11:43 - 2023-02-19 11:43 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2023-02-19 11:43 - 2023-02-19 11:43 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-19 11:43 - 2023-02-19 11:43 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-02-17 13:56 - 2023-02-17 13:56 - 000092407 _____ C:\Users\Joao\Downloads\Fatura (3).pdf
2023-02-17 13:53 - 2023-02-17 13:54 - 000092085 _____ C:\Users\Joao\Downloads\Fatura (2).pdf
2023-02-17 10:29 - 2023-02-17 10:30 - 000006301 _____ C:\Users\Joao\Downloads\ComprovanteSantander-1676644167.6450129.pdf
2023-02-17 10:08 - 2023-02-17 10:08 - 000083270 _____ C:\Users\Joao\Downloads\Produtos Maria Rute 1 de 3.pdf
2023-02-17 10:05 - 2023-02-17 10:05 - 000062486 _____ C:\Users\Joao\Downloads\sicredi_E2652942020230210130306W47Rm335k.pdf
2023-02-15 15:34 - 2023-02-15 15:34 - 000001708 _____ C:\Users\Joao\Downloads\sicoob_2023_02_15_15_33_17.pdf
2023-02-15 09:01 - 2023-02-15 09:01 - 000000000 ___HD C:\$WinREAgent
2023-02-14 11:16 - 2023-02-14 11:17 - 000001398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager.lnk
2023-02-13 10:17 - 2023-02-13 10:17 - 000062477 _____ C:\Users\Joao\Downloads\sicredi_E2652942020230210214144ThH5pSSVK.pdf
2023-02-10 08:37 - 2023-02-22 09:03 - 000000000 ____D C:\Users\TEMP
2023-02-07 13:38 - 2023-02-07 13:38 - 000007318 _____ C:\Users\Joao\Downloads\comprovantes.pdf
2023-02-06 14:08 - 2023-02-06 14:08 - 000082003 _____ C:\Users\Joao\Downloads\Pgto Instrutor barbeiro.pdf
==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-03-08 18:10 - 2023-01-04 19:11 - 000000000 ____D C:\FRST
2023-03-08 18:02 - 2022-03-09 22:12 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-08 17:58 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-08 17:49 - 2022-10-06 11:53 - 000000000 ____D C:\Users\Joao\AppData\LocalLow\Mozilla
2023-03-08 17:49 - 2022-07-13 11:11 - 000000000 ____D C:\Importante
2023-03-08 17:31 - 2022-03-30 17:04 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-03-08 17:16 - 2022-01-03 19:19 - 000000000 ____D C:\Users\Joao\AppData\Local\D3DSCache
2023-03-08 17:00 - 2022-06-30 16:12 - 000000000 ____D C:\@BKPSAFE
2023-03-08 16:07 - 2022-09-15 16:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-03-08 16:00 - 2022-06-29 11:57 - 000000000 ____D C:\Users\Joao\Documents\Importante Instituto Alves
2023-03-08 15:57 - 2021-12-29 20:11 - 000000000 ____D C:\Users\Joao\AppData\Local\Packages
2023-03-08 15:55 - 2020-11-18 22:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-08 13:58 - 2022-10-06 11:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-08 10:10 - 2022-01-11 11:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-08 09:00 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-08 08:39 - 2022-09-15 13:37 - 000000000 ____D C:\Program Files\CCleaner
2023-03-08 08:37 - 2022-06-30 16:10 - 000000000 ____D C:\Alpha
2023-03-08 08:37 - 2022-01-03 20:49 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-08 08:36 - 2022-12-13 18:02 - 000000000 ____D C:\ProgramData\firebird
2023-03-08 08:35 - 2021-12-29 21:19 - 000000000 __SHD C:\Users\Joao\IntelGraphicsProfiles
2023-03-07 20:35 - 2022-07-30 11:16 - 000000000 ____D C:\Users\Joao\AppData\Roaming\DMCache
2023-03-07 20:35 - 2022-01-19 08:52 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-07 19:03 - 2022-03-09 22:13 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-07 19:03 - 2022-03-09 22:13 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-07 18:31 - 2020-11-18 22:32 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-07 18:31 - 2020-11-18 22:32 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-07 11:02 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-07 09:35 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-03-06 21:31 - 2022-06-12 17:00 - 000000000 ____D C:\Users\Joao\AppData\Local\CrashDumps
2023-03-06 19:45 - 2022-06-25 19:57 - 000003936 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001UA
2023-03-06 19:45 - 2022-06-25 19:57 - 000003870 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2662653025-1638352479-2376982732-1001Core
2023-03-06 16:45 - 2023-01-04 19:12 - 000000000 ____D C:\Users\Joao\Desktop\FRST-OlderVersion
2023-03-03 13:54 - 2022-07-30 11:16 - 000000000 ____D C:\Users\Joao\Downloads\Video
2023-03-03 08:33 - 2020-11-18 22:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-03 08:33 - 2020-11-18 22:32 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-02 09:46 - 2023-01-19 15:49 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-02 09:46 - 2022-10-06 11:53 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-02 09:46 - 2022-10-06 11:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-03-02 09:46 - 2022-10-06 11:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-01 21:31 - 2022-01-25 22:35 - 000000000 ____D C:\Users\Joao\Documents\American Truck Simulator
2023-02-28 10:59 - 2019-12-07 05:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-02-23 16:26 - 2023-01-05 15:51 - 000000418 _____ C:\Users\Joao\Desktop\moveis.txt
2023-02-22 09:03 - 2022-01-03 20:05 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2023-02-22 09:02 - 2022-08-15 13:22 - 000000000 ____D C:\Program Files (x86)\dotnet
2023-02-22 09:02 - 2022-01-03 20:05 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-02-22 09:02 - 2021-12-29 22:16 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-22 08:50 - 2021-12-29 21:13 - 002082406 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-22 08:50 - 2019-12-07 10:54 - 000879454 _____ C:\Windows\system32\prfh0416.dat
2023-02-22 08:50 - 2019-12-07 10:54 - 000201894 _____ C:\Windows\system32\prfc0416.dat
2023-02-22 08:42 - 2023-01-10 20:39 - 000039488 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddfac.sys
2023-02-22 08:42 - 2022-10-19 10:34 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-22 08:42 - 2022-03-30 16:58 - 000000000 ____D C:\Program Files\TeamViewer
2023-02-22 08:42 - 2021-12-29 21:19 - 000000000 ____D C:\Intel
2023-02-22 08:42 - 2020-11-18 22:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-22 08:42 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2023-02-22 08:39 - 2022-01-23 14:43 - 000535728 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-22 08:39 - 2019-12-07 05:03 - 001048576 _____ C:\Windows\system32\config\BBI
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\setup
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-22 08:38 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-17 10:11 - 2022-07-29 10:01 - 000000000 ____D C:\Users\Joao\Documents\CLIENTES
2023-02-15 09:27 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-15 09:14 - 2020-11-18 22:32 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-14 18:59 - 2022-01-05 18:41 - 000000000 ____D C:\Windows\system32\MRT
2023-02-14 18:50 - 2022-01-05 18:41 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-14 11:17 - 2022-01-03 20:25 - 000001532 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2023-02-10 09:06 - 2022-08-03 17:17 - 000000000 ____D C:\Users\Joao\Documents\Comprovantes
2023-02-10 08:38 - 2020-11-18 22:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-02-08 14:04 - 2022-07-27 14:05 - 000002069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
==================== Arquivos na raiz de alguns diretórios ========
2022-12-16 10:15 - 2022-12-16 10:15 - 000000000 _____ () C:\Users\Joao\AppData\Local\oobelibMkey.log
2022-05-30 10:43 - 2022-05-30 10:43 - 000016438 _____ () C:\Users\Joao\AppData\Local\partner.bmp
==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)
==================== Fim de FRST.txt ========================