Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 30-01-2022
Executado por DVM (administrador) em DESKTOP-GQD1R8Q (LENOVO 81FD) (04-02-2022 08:52:03)
Executando a partir de C:\Users\DVM\Desktop
Perfis Carregados: DVM
Plataforma: Microsoft Windows 10 Home Single Language Versão 20H2 19042.1466 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\DVM\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\DVM\AppData\Roaming\uTorrent\updates\3.5.5_46096\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\DVM\AppData\Roaming\uTorrent\uTorrent.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <35>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7c484f80872e1cd8\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [865568 2019-03-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3349755285-804529065-3594935135-1001\...\Run: [uTorrent] => C:\Users\DVM\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-12] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3349755285-804529065-3594935135-1001\...\Run: [ut] => C:\Users\DVM\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-12] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3349755285-804529065-3594935135-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3349755285-804529065-3594935135-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3349755285-804529065-3594935135-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3349755285-804529065-3594935135-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3349755285-804529065-3594935135-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\98.0.4758.81\Installer\chrmstp.exe [2022-02-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-0000-0000-7760-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat DC\Esl\Aiod.dll [2020-10-22] (Adobe Inc. -> Adobe Systems, Inc.)
GroupPolicy: Restrição ? <==== ATENÇÃO
Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO

==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {1438BA42-EC6C-4DD1-B226-2350F563AB73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-10] (Google LLC -> Google LLC)
Task: {1AD35639-4BE3-4C59-BACB-7A5BD0ADA4A1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2019-10-03] () [Arquivo não assinado]
Task: {203C5D70-3EF2-4344-9245-0B4183A7D393} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23549376 2020-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {44339E44-2A73-4560-A92C-EECB807E6D97} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5ED87F2A-3204-4C0F-AAC4-A9DF476FD32A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6381E477-B69B-4DA5-937C-32D2537F67B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8615B089-EB76-4B2F-A278-3A46E3A86698} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-10] (Google LLC -> Google LLC)
Task: {864DBBC2-13AC-4FE3-81B1-1134BC4E473E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A02A8805-73D3-4CF0-BB21-FAC0124F5879} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208208 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {B171D307-E93D-48F6-976F-C333DE71DD52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BE7F220C-3634-4FBC-B3A8-6279126CE643} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BED82B41-DD91-44AE-8DB6-96C0ABCF2B84} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23549376 2020-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9E1D2D0-A0D3-41E1-81D3-DE6154508071} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3509664 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F63AD625-C354-44DE-8372-75A74E6F6B67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F9838B85-F8AF-4F7E-B88D-EC9E257330A6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3509664 2020-09-10] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 181.213.132.4 181.213.132.5
Tcpip\..\Interfaces\{011b7d19-35ed-42d2-9bda-dbe3de1d735b}: [DhcpNameServer] 181.213.132.4 181.213.132.5
Tcpip\..\Interfaces\{1b36df7f-9a64-4a65-81d8-74018e0235cd}: [DhcpNameServer] 181.213.132.4 181.213.132.5

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DVM\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-08]
Edge Notifications: Default -> hxxps://conta.olx.com.br; hxxps://www.meliuz.com.br
Edge Extension: (Cuponomia - Cupom e Cashback) - C:\Users\DVM\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpgniflghkfilpfdacibcpggobmldnlf [2021-12-29]
Edge Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\DVM\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2022-01-08]

FireFox:
========
FF DefaultProfile: 36ayqepd.default
FF ProfilePath: C:\Users\DVM\AppData\Roaming\Mozilla\Firefox\Profiles\36ayqepd.default [2020-11-10]
FF ProfilePath: C:\Users\DVM\AppData\Roaming\Mozilla\Firefox\Profiles\wv0uq6t4.default-release [2021-12-12]
FF Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\DVM\AppData\Roaming\Mozilla\Firefox\Profiles\wv0uq6t4.default-release\Extensions\jid1-NI2sWc3cvsAJsg@jetpack.xpi [2021-11-08]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-10-22]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2020-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2020-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> D:\PROGRAMAS\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> D:\PROGRAMAS\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\PROGRAMAS\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\PROGRAMAS\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default [2022-02-04]
CHR Notifications: Default -> hxxps://conta.olx.com.br; hxxps://drogaraia.soclminer.com.br; hxxps://drogariavenancio.soclminer.com.br; hxxps://meet.google.com; hxxps://pt.aliexpress.com; hxxps://push-decdbeb-5268.boustahe.com; hxxps://web.telegram.org; hxxps://web.whatsapp.com; hxxps://wp.aliexpress.com; hxxps://www.conselhosetruques.com; hxxps://www.cuponomia.com.br; hxxps://www.softonic.com.br
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Google Tradutor) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-02-03]
CHR Extension: (Apresentações) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-10]
CHR Extension: (Documentos) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-10]
CHR Extension: (Google Drive) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-10]
CHR Extension: (Adobe Acrobat: ferramentas de edição, conversão e assinatura de PDFs) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-04]
CHR Extension: (WA Web Plus for WhatsApp™) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekcgkejcjdcmonfpmnljobemcbpnkamh [2022-02-03]
CHR Extension: (Planilhas) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-10]
CHR Extension: (EditThisCookie) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-12-08]
CHR Extension: (Documentos Google off-line) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-03]
CHR Extension: (Cuponomia - Cupom e Cashback) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidejehfgombmkfflghejpncblgfkagj [2022-02-03]
CHR Extension: (New Tab Redirect) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2020-09-11]
CHR Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2022-02-03]
CHR Extension: (Social Video Downloader) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2021-02-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
CHR Extension: (Gmail) - C:\Users\DVM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9482688 2020-08-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\Windows\System32\FMService64.exe [394176 2019-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-01-29] (HP Inc. -> HP Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2021-07-08] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [284672 2021-04-14] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 MpKsla2abff79; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{79A597DF-999F-403C-A9D2-8832B945ADEF}\MpKslDrv.sys [135440 2022-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435432 2021-12-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-02-04 08:52 - 2022-02-04 08:54 - 000021654 _____ C:\Users\DVM\Desktop\FRST.txt
2022-02-04 08:50 - 2022-02-04 08:53 - 000000000 ____D C:\FRST
2022-02-04 08:49 - 2022-02-04 08:49 - 002311680 _____ (Farbar) C:\Users\DVM\Desktop\FRST64.exe
2022-02-03 19:05 - 2022-02-03 19:06 - 091813968 _____ C:\Program Files (x86)\360-total-security-10-8-0-1419.exe
2022-01-27 22:41 - 2022-02-03 18:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-14 00:00 - 2022-01-14 00:00 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-01-13 23:59 - 2022-01-13 23:59 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-01-13 23:59 - 2022-01-13 23:59 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-01-13 23:25 - 2022-01-13 23:25 - 000000000 ___HD C:\$WinREAgent

==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-02-04 08:55 - 2020-11-05 16:38 - 000000000 ____D C:\Users\DVM\AppData\Roaming\uTorrent
2022-02-04 08:37 - 2020-09-10 13:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-02-04 08:01 - 2020-09-10 15:05 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-04 05:41 - 2020-09-12 17:45 - 000000000 ____D C:\Users\DVM\AppData\LocalLow\Mozilla
2022-02-04 02:13 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-03 21:49 - 2021-02-19 15:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-03 19:48 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-03 19:48 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2022-02-03 19:16 - 2020-09-10 15:05 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-03 19:13 - 2020-09-25 08:48 - 000000000 ____D C:\Users\DVM\AppData\Local\D3DSCache
2022-02-03 18:38 - 2020-09-10 14:12 - 001741824 _____ C:\Windows\system32\PerfStringBackup.INI
2022-02-03 18:38 - 2019-12-07 11:54 - 000752646 _____ C:\Windows\system32\prfh0416.dat
2022-02-03 18:38 - 2019-12-07 11:54 - 000148760 _____ C:\Windows\system32\prfc0416.dat
2022-02-03 18:38 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2022-02-03 18:34 - 2021-09-12 12:30 - 000000000 ____D C:\Users\DVM\AppData\LocalLow\uTorrent
2022-02-03 18:34 - 2020-11-05 16:39 - 000000000 ____D C:\Users\DVM\AppData\Local\BitTorrentHelper
2022-02-03 18:32 - 2020-09-10 16:01 - 000000000 __SHD C:\Users\DVM\IntelGraphicsProfiles
2022-02-03 18:31 - 2020-09-10 15:50 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-02-03 18:30 - 2020-09-10 16:02 - 000000134 _____ C:\Windows\system32\regtest.txt
2022-02-03 18:30 - 2020-09-10 15:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-02-03 18:30 - 2020-09-10 14:32 - 000000000 ____D C:\Intel
2022-02-03 18:30 - 2020-09-10 13:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-03 18:30 - 2020-09-10 13:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-02-03 18:28 - 2019-12-07 06:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-02-03 15:19 - 2021-02-17 21:27 - 000000000 ____D C:\Users\DVM\AppData\Local\ElevatedDiagnostics
2022-02-02 20:10 - 2021-06-08 18:13 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-01-30 10:11 - 2020-10-04 07:20 - 000000000 ____D C:\Users\DVM\Desktop\FOLHETOS DE MISSA
2022-01-29 18:39 - 2021-05-10 16:36 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-01-28 21:34 - 2020-09-10 14:06 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-28 05:41 - 2020-09-10 15:48 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-28 00:22 - 2020-09-10 14:05 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 00:22 - 2020-09-10 14:05 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-24 15:33 - 2021-12-10 21:02 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3349755285-804529065-3594935135-1001
2022-01-24 15:33 - 2021-08-20 19:25 - 000002386 _____ C:\Users\DVM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-24 15:33 - 2020-09-10 14:25 - 000003374 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3349755285-804529065-3594935135-1001
2022-01-20 18:56 - 2020-09-10 15:05 - 000003590 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-20 18:56 - 2020-09-10 15:05 - 000003466 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-19 23:22 - 2021-02-19 15:32 - 000605496 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2022-01-19 23:22 - 2021-02-19 15:32 - 000486712 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2022-01-14 21:18 - 2020-09-10 13:59 - 000315648 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-14 21:14 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-14 21:14 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-14 21:14 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources
2022-01-14 21:14 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\setup
2022-01-14 21:14 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe
2022-01-14 21:14 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\Dism
2022-01-14 21:14 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr
2022-01-14 21:13 - 2020-09-10 14:19 - 000000000 ____D C:\Users\DVM
2022-01-14 00:26 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2022-01-13 23:19 - 2020-09-10 14:37 - 000000000 ____D C:\Windows\system32\MRT
2022-01-13 23:13 - 2020-09-10 14:37 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Arquivos na raiz de alguns diretórios ========

2022-02-03 19:05 - 2022-02-03 19:06 - 091813968 _____ () C:\Program Files (x86)\360-total-security-10-8-0-1419.exe
2021-10-28 17:53 - 2021-10-28 17:53 - 011829472 _____ () C:\Program Files (x86)\HPPSdr.exe
2021-07-09 15:40 - 2021-07-09 15:40 - 079607039 _____ () C:\Program Files (x86)\Malwabytres.rar
2021-05-24 19:23 - 2021-05-24 19:23 - 000425304 _____ (Secure By Design Inc.) C:\Program Files (x86)\Ninite Foxit Reader Installer.exe
2021-11-17 19:00 - 2021-11-17 19:00 - 000425304 _____ (Secure By Design Inc.) C:\Program Files (x86)\Ninite Malwarebytes Installer.exe
2020-11-09 08:53 - 2020-11-09 08:53 - 000425304 _____ (Secure By Design Inc.) C:\Program Files (x86)\Ninite qBittorrent Installer.exe
2020-09-12 17:16 - 2020-09-12 17:16 - 000425304 _____ (Secure By Design Inc.) C:\Program Files (x86)\Ninite Thunderbird Installer.exe
2020-11-05 16:35 - 2020-11-05 16:36 - 005116976 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe
2021-06-08 18:09 - 2021-06-08 18:09 - 000000410 _____ () C:\Users\DVM\AppData\Local\oobelibMkey.log

==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================