30 minutos atrás, Elias Pereira disse:
Baixe o Farbar Recovery Scan do link abaixo e salve na sua área de trabalho.
https://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Clique com o direito sobre o arquivo FRST64.EXE, depois clique em http://i.imgur.com/VRIfczU.png .
Aceite o contrato e depois clique no botão Scan/Examinar.Aguarde e ao final, os logs FRST.txt e Addition.txt serão salvos no seu desktop.
Abra cada arquivo em separado, copie seu conteúdo e cole na sua próxima resposta.
FRST
Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-09-2023
Executado por FRED (administrador) em DESKTOP-5R0985U (ASUS All Series) (20-09-2023 08:45:36)
Executando a partir de C:\Users\frede\Downloads\FRST64.exe
Perfis Carregados: FRED
Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.3448 (X64) Idioma: Português (Brasil)
Navegador padrão: FF
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksdeui.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.16130.20766\OfficeClickToRun.exe
(C:\Users\frede\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\frede\AppData\Local\Programs\Opera GX\102.0.4880.55\opera_crashreporter.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.913.400_x64__8wekyb3d8bbwe\olk.exe
(Feitian Technologies Co., Ltd. -> EnterSafe) C:\Program Files (x86)\EnterSafe\ePass2003\ePassCertd_2003.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\frede\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Opera Norway AS -> Opera Software) C:\Users\frede\AppData\Local\Programs\Opera GX\opera.exe <20>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Sophos Ltd -> Sophos) C:\Program Files (x86)\Sophos\Connect\scvpn.exe
(services.exe ->) (The OpenVPN Project) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\openvpnserv.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(Sophos Ltd -> Sophos) C:\Program Files (x86)\Sophos\Connect\GUI\scgui.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21570.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21570.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3385_none_7e1c800a7c81ffd9\TiWorker.exe
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Sophos Connect] => C:\Program Files (x86)\Sophos\Connect\GUI\scgui.exe [2417504 2022-11-09] (Sophos Ltd -> Sophos)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ePass2003_std] => C:\Program Files (x86)\EnterSafe\ePass2003\ePassCertd_2003.exe [145728 2015-11-04] (Feitian Technologies Co., Ltd. -> EnterSafe)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2607648 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [MicrosoftEdgeAutoLaunch_4ADCAF6337B08BB24359F3288BAFDE06] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\frede\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-09-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [Opera GX Stable] => C:\Users\frede\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-08-17] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\frede\AppData\Local\Temp\\.opera []
Startup: C:\Users\frede\AppData\Local\Temp\\.ses [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\09864277-2604-43d2-806d-8b6759f69211.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\1152fb06-f7c3-414d-b194-be0cb6e072cb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\12124_1135530441 []
Startup: C:\Users\frede\AppData\Local\Temp\\202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\2bebcc6b-0373-4a82-9c3c-4f633f1818ec.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\3733e91c-7a7a-4fd6-b71b-edcded051095.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\38e42cef-6d5c-4b2a-90c9-b1de5c20454a.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\417fca4f-f1b2-4fa5-aa54-4c19484873f3.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\4fda36cb-be7a-42b7-87d3-e8c8d0570451.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\51eb4af3-86cc-48e9-b61a-6706d3f296b2.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\522c766b-1722-4ddb-95da-da93f42cb5e8.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59151bdf-4b1f-4ebc-87ee-f0f215f0a0b1.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\59b33ae3-5424-4f81-a21f-58fa11ee5785.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5a35201d-bfd3-4130-a704-5f49da8e3ec6.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5bdc4b9d-607d-42e0-999a-0408955618eb.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\5e48ddcc-de10-40a0-82ea-02b66df41760.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\97b843d0-c173-440c-9c02-6576771e27cc.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\a55a4027-4e29-41c1-a53f-329c946024f1.tmp [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\Acrobat Distiller DC []
Startup: C:\Users\frede\AppData\Local\Temp\\AdobeARM.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\adobegc.log [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\ba28b3a2-bb8e-4ab3-8541-17f946c85f3f.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\d1fdf894-0f7c-4105-89e5-a7eb7e7b0e00.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\de15864a-3308-4b39-8199-bf6d2d994eb9.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\e584128a-0986-49b2-98e0-81fb72df4d3b.tmp [] () [Arquivo não assinado]
Startup: C:\Users\frede\AppData\Local\Temp\\mat-debug-9120.log [] () <==== ATENÇÃO [zero byte? (Erro=123)]
Startup: C:\Users\frede\AppData\Local\Temp\\mozilla-temp-files []
==================== Tarefas Agendadas (Whitelisted) =================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {8851C55D-7518-4C45-A2C6-1D984C01153D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {7A7ED4D0-CADE-4B5F-9EA4-23C158C748A9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCAD2567-AF9D-4BBA-A39A-7718E447075D} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {12B4DE34-EEC5-4D83-AD29-66335DD7A8DE} - System32\Tasks\ASC_PerformanceMonitor => "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task (Nenhum Arquivo)
Task: {569F587A-AF73-465C-96C0-FFB76E65774E} - System32\Tasks\ASC_SkipUac_FRED => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac (Nenhum Arquivo)
Task: {74E57898-C707-43FE-A441-EE4A065E24FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FD2694A1-2B90-4E76-93D5-D3C22B67E5F3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a1d70218-29b1-4fcd-8b3c-a662c94c36e7" --version "6.16.10662" --silent
Task: {93C3CCEA-A4D9-4FD4-8773-E14883376937} - System32\Tasks\CCleanerSkipUAC - FRED => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F861ABAF-AFD7-48D6-8FC0-A77ACF1C6333} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3966976 2021-08-04] (Easeware) [Arquivo não assinado]
Task: {7DB97EE3-9076-467A-A2BE-FB33B008DA3D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCE46ED3-2387-4B66-B921-DC19D54FB632} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26299360 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8FAC7744-7EB1-4C4E-B022-BE70E23AA9E5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {51541E5E-2993-4D5E-B3D3-8AC0F5856B7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144240 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {29C6DE00-ACB2-4FF2-8036-653B91ED5486} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168840 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F00AE6FA-74E5-4E0E-85CD-9FAE93D7A443} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4C2D4B5-0442-40E4-A4DF-387874465C58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C81B790-8BD9-4003-9CE0-82722CBE9ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42A9B4DD-E829-4AB3-9592-E9740972DE67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {87EE82C5-BA94-4A6D-B42F-860462F3B641} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\TerminalSysInfo => %appdata%\\sysinfotool\\sitool.exe -st -tu 7 (Nenhum Arquivo)
Task: {D6B52F78-720D-4B5E-9F8C-12131710112C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {95BE468E-B866-4A3E-BAC4-C4109C55B5AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {69FEA89A-9F0C-4AA3-96B5-021D704B053D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {217E78CB-7289-40B4-A856-08D6F9722617} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8CB5256C-6F6E-45CC-8A93-1A710FC3A672} - System32\Tasks\Opera GX scheduled Autoupdate 1694727256 => C:\Users\frede\AppData\Local\Programs\Opera GX\launcher.exe [2686880 2023-09-14] (Opera Norway AS -> Opera Software)
Task: {A140C381-DC39-496E-9DDC-AB26E9B89E67} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 181.213.132.2 181.213.132.3
Tcpip\..\Interfaces\{22171db1-f239-4a3e-a5ee-73ee797952ce}: [DhcpNameServer] 181.213.132.2 181.213.132.3
Edge:
=======
Edge Profile: C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-19]
Edge Extension: (Kaspersky Protection) - C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2023-09-14]
Edge Extension: (Google Docs Offline) - C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-19]
Edge Extension: (Edge relevant text changes) - C:\Users\frede\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: glxhh27h.default
FF ProfilePath: C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\glxhh27h.default [2023-09-15]
FF user.js: detected! => C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\glxhh27h.default\user.js [2023-09-15]
FF ProfilePath: C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409 [2023-09-20]
FF user.js: detected! => C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\user.js [2023-09-15]
FF Extension: (AdBlocker Ultimate) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\[emailprotected] [2023-09-14]
FF Extension: (Ghostery – Bloqueador de anúncios para privacidade) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\[emailprotected] [2023-09-14]
FF Extension: (Méliuz: Cashback e cupons em suas compras) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\[emailprotected] [2023-09-15]
FF Extension: (Lightshot (Ferramenta de captura)) - C:\Users\frede\AppData\Roaming\Mozilla\Firefox\Profiles\xwnk1ix3.default-release-1694716282409\Extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}.xpi [2023-09-14]
FF HKLM\...\Firefox\Extensions: [[emailprotected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [[emailprotected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-08-17]
FF HKLM-x32\...\Firefox\Extensions: [[emailprotected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [[emailprotected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2023-09-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-09-14] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-09-14] <==== ATENÇÃO
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001) Opera GXStable - "C:\Users\frede\AppData\Local\Programs\Opera GX\Launcher.exe"
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-08-22] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2022-08-02] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12513208 2023-07-26] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncHelper.exe [3518480 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.13\ksde.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.180.0828.0001\OneDriveUpdaterService.exe [3855376 2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
R3 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Connect\openvpnserv.exe [147456 2022-04-22] (The OpenVPN Project) [Arquivo não assinado]
R2 scvpn; C:\Program Files (x86)\Sophos\Connect\scvpn.exe [1788768 2022-11-09] (Sophos Ltd -> Sophos)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 strongSwan; C:\Program Files (x86)\Sophos\Connect\charon-svc.exe [406452 2022-05-05] () [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1012024 2023-01-13] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AdvancedSystemCareService16; "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" [X]
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [739984 2023-08-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1860408 2023-08-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [235704 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\Windows\system32\DRIVERS\kltun.sys [86776 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [369432 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [351912 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [179816 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [260512 2023-09-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 tapSophos; C:\Windows\System32\drivers\tapSophos.sys [36856 2022-02-21] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55872 2023-09-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [574872 2023-09-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-14] (Microsoft Windows -> Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [55496 2023-09-19] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddntf; C:\Windows\system32\DRIVERS\wsddntf.sys [51160 2021-02-11] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [41816 2023-05-05] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [38816 2023-02-27] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X]
S3 iobit_monitor_server2021; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um mês (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-09-20 08:45 - 2023-09-20 08:46 - 000031649 _____ C:\Users\frede\Downloads\FRST.txt
2023-09-20 08:45 - 2023-09-20 08:46 - 000000000 ____D C:\FRST
2023-09-20 08:44 - 2023-09-20 08:44 - 002382848 _____ (Farbar) C:\Users\frede\Downloads\FRST64.exe
2023-09-19 20:21 - 2023-09-19 20:21 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-09-19 19:59 - 2023-09-19 20:00 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2023-09-19 19:59 - 2023-09-19 19:59 - 000000000 ____D C:\Users\frede\AppData\Local\SaRALogs
2023-09-19 19:58 - 2023-09-19 20:01 - 000000000 ____D C:\Users\frede\AppData\Local\Deployment
2023-09-19 19:58 - 2023-09-19 19:58 - 000000000 ____D C:\Users\frede\AppData\Local\Apps\2.0
2023-09-19 15:23 - 2023-09-19 15:35 - 000000000 ____D C:\Users\frede\AppData\Roaming\ZHP
2023-09-19 15:23 - 2023-09-19 15:23 - 000000000 ____D C:\Users\frede\AppData\Local\ZHP
2023-09-19 15:20 - 2023-09-19 15:21 - 000000000 ____D C:\AdwCleaner
2023-09-15 18:51 - 2023-09-15 18:50 - 000001306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2023-09-15 18:48 - 2023-09-15 18:49 - 000000000 ____D C:\Program Files (x86)\dotnet
2023-09-15 14:45 - 2023-05-05 08:22 - 000041816 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddpp.sys
2023-09-15 09:35 - 2023-09-15 09:35 - 001980992 _____ (Logitech, Inc.) C:\Windows\system32\LkmdfCoInst.dll
2023-09-15 09:35 - 2023-09-15 09:35 - 000113216 _____ (Logitech, Inc.) C:\Windows\system32\LMouFiltCoInst.dll
2023-09-15 09:35 - 2023-09-15 09:35 - 000063552 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LHidFilt.Sys
2023-09-15 09:35 - 2023-09-15 09:35 - 000054336 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LMouFilt.Sys
2023-09-15 09:35 - 2023-09-15 09:35 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2023-09-15 09:33 - 2023-09-15 10:22 - 000000436 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2023-09-15 09:33 - 2023-09-15 09:33 - 000003908 _____ C:\Windows\system32\Tasks\Driver Easy Scheduled Scan
2023-09-15 09:33 - 2023-09-15 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2023-09-15 09:33 - 2023-09-15 09:33 - 000000000 ____D C:\Program Files\Easeware
2023-09-15 09:32 - 2023-09-15 11:50 - 000003280 _____ C:\Windows\system32\Tasks\Optimize Push Notification Data File-S-1-5-21-1659604029-2551903776-3631580782-1001
2023-09-15 09:29 - 2023-09-15 09:33 - 000000000 ____D C:\Users\frede\AppData\Roaming\Easeware
2023-09-15 09:23 - 2023-09-15 09:23 - 096546816 _____ C:\Windows\system32\config\SOFTWARE.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 005472256 _____ C:\Windows\system32\config\DRIVERS.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 000581632 _____ C:\Windows\system32\config\DEFAULT.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 000086016 _____ C:\Windows\system32\config\SAM.iobit
2023-09-15 09:23 - 2023-09-15 09:23 - 000032768 _____ C:\Windows\system32\config\SECURITY.iobit
2023-09-15 09:20 - 2023-09-19 15:21 - 000000000 ____D C:\Users\frede\AppData\LocalLow\IObit
2023-09-15 09:20 - 2023-09-19 15:21 - 000000000 ____D C:\Program Files (x86)\IObit
2023-09-15 09:20 - 2023-09-15 09:21 - 000000000 ____D C:\ProgramData\ProductData
2023-09-15 09:20 - 2023-09-15 09:20 - 000003298 _____ C:\Windows\system32\Tasks\ASC_PerformanceMonitor
2023-09-15 09:20 - 2023-09-15 09:20 - 000003086 _____ C:\Windows\system32\Tasks\ASC_SkipUac_FRED
2023-09-15 09:20 - 2023-09-15 09:20 - 000000000 ____D C:\ProgramData\{7D4F950D-61ED-482D-A05D-43620B49B610}
2023-09-15 09:19 - 2023-09-19 15:35 - 000000000 ____D C:\ProgramData\IObit
2023-09-15 09:19 - 2023-09-19 15:21 - 000000000 ____D C:\Users\frede\AppData\Roaming\IObit
2023-09-15 09:05 - 2023-09-15 09:05 - 000001322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2023-09-15 09:05 - 2023-09-15 09:05 - 000000000 ____D C:\Users\frede\AppData\Roaming\GlarySoft
2023-09-15 09:05 - 2023-09-15 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2023-09-15 09:05 - 2023-09-15 09:05 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2023-09-15 08:07 - 2023-09-19 20:26 - 000000000 ____D C:\Program Files\CCleaner
2023-09-15 08:07 - 2023-09-19 19:26 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-09-15 08:07 - 2023-09-15 08:24 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-09-15 08:07 - 2023-09-15 08:07 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-09-15 08:07 - 2023-09-15 08:07 - 000002900 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - FRED
2023-09-15 08:07 - 2023-09-15 08:07 - 000000000 ____D C:\ProgramData\Piriform
2023-09-15 08:07 - 2023-09-15 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-09-15 00:39 - 2023-09-15 00:39 - 000000000 ___HD C:\$WinREAgent
2023-09-15 00:37 - 2023-09-15 00:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-15 00:34 - 2023-09-15 00:36 - 000000000 ____D C:\Windows\system32\MRT
2023-09-14 21:17 - 2023-09-14 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnterSafe
2023-09-14 21:17 - 2023-09-14 21:17 - 000000000 ____D C:\Program Files (x86)\EnterSafe
2023-09-14 21:17 - 2015-11-04 00:53 - 000000256 _____ C:\Windows\SysWOW64\eps2003csp11.sig
2023-09-14 21:17 - 2015-11-04 00:53 - 000000256 _____ C:\Windows\system32\eps2003csp11.sig
2023-09-14 21:17 - 2015-11-04 00:52 - 001413440 _____ (EnterSafe) C:\Windows\system32\eps2003csp11.dll
2023-09-14 21:17 - 2015-11-04 00:52 - 000865088 _____ (EnterSafe) C:\Windows\SysWOW64\eps2003csp11.dll
2023-09-14 21:17 - 2015-11-04 00:50 - 000048128 _____ (www.EnterSafe.com) C:\Windows\system32\eps2003csp11_s.dll
2023-09-14 21:17 - 2015-11-04 00:50 - 000010752 _____ (www.EnterSafe.com) C:\Windows\SysWOW64\eps2003csp11_s.dll
2023-09-14 21:15 - 2023-09-14 21:15 - 000000000 ____D C:\Users\frede\OneDrive\Documentos\Modelos Personalizados do Office
2023-09-14 21:05 - 2023-09-14 21:09 - 000000000 ____D C:\Users\frede\AppData\Roaming\utility-birdid
2023-09-14 21:05 - 2023-09-14 21:05 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistente Desktop birdID.lnk
2023-09-14 21:05 - 2023-09-14 21:05 - 000000000 ____D C:\Users\frede\vault
2023-09-14 21:05 - 2023-09-14 21:05 - 000000000 ____D C:\Users\frede\AppData\Local\utility-birdid-updater
2023-09-14 21:05 - 2023-09-14 21:05 - 000000000 ____D C:\Program Files\Assistente Desktop birdID
2023-09-14 20:31 - 2023-09-19 15:19 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Excel
2023-09-14 20:26 - 2023-09-15 06:04 - 000000000 ____D C:\Users\frede\AppData\Roaming\SysInfoTool
2023-09-14 20:14 - 2023-09-14 20:14 - 000003530 _____ C:\Windows\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2023-09-14 20:14 - 2023-09-14 20:14 - 000003506 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2023-09-14 20:11 - 2023-09-14 20:28 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-09-14 20:11 - 2023-09-14 20:28 - 000000000 ____D C:\Users\frede\AppData\Local\Adobe
2023-09-14 20:11 - 2023-09-14 20:11 - 000000040 ____H C:\C416F53A1682
2023-09-14 20:11 - 2023-09-14 20:11 - 000000000 ____D C:\Users\frede\AppData\LocalLow\Adobe
2023-09-14 20:10 - 2023-09-14 20:10 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2023-09-14 20:10 - 2023-09-14 20:10 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2023-09-14 20:09 - 2023-09-14 20:28 - 000000000 ____D C:\ProgramData\Adobe
2023-09-14 20:09 - 2023-09-14 20:09 - 000000000 ____D C:\Program Files (x86)\Adobe
2023-09-14 19:10 - 2023-09-14 19:10 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\MMC
2023-09-14 18:53 - 2023-09-14 18:53 - 000002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security.lnk
2023-09-14 18:50 - 2023-09-14 18:50 - 000000000 ____D C:\Users\frede\AppData\Local\ToastNotificationManagerCompat
2023-09-14 18:45 - 2023-09-19 19:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-09-14 18:45 - 2023-09-15 18:51 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2023-09-14 18:45 - 2023-09-14 18:53 - 000000000 ____D C:\Program Files\Common Files\AV
2023-09-14 18:45 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2023-09-14 18:43 - 2023-09-14 20:29 - 000000000 ____D C:\Users\frede\AppData\Local\DiskDrill
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ___HD C:\.cleverfiles
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ____D C:\Users\frede\AppData\Local\CrashRpt
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2023-09-14 18:43 - 2023-09-14 18:43 - 000000000 ____D C:\ProgramData\CleverFiles
2023-09-14 18:42 - 2023-09-14 18:42 - 000000000 ____D C:\Users\frede\AppData\Local\D3DSCache
2023-09-14 18:40 - 2023-09-14 18:40 - 000000000 ____D C:\Users\frede\AppData\Local\OneDrive
2023-09-14 18:34 - 2023-09-15 08:51 - 000003592 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1694727256
2023-09-14 18:34 - 2023-09-14 18:34 - 000001432 _____ C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2023-09-14 18:34 - 2023-09-14 18:34 - 000000000 ____D C:\Users\frede\AppData\Local\Opera Software
2023-09-14 18:33 - 2023-09-14 18:33 - 000000018 _____ C:\Users\frede\AppData\Roaming\.cache9050425797200915815.dat
2023-09-14 18:33 - 2023-09-14 18:33 - 000000000 ____D C:\Users\frede\AppData\Roaming\Opera Software
2023-09-14 18:33 - 2023-09-14 18:33 - 000000000 ____D C:\Program Files\dotnet
2023-09-14 18:32 - 2023-09-15 18:48 - 000000000 ____D C:\ProgramData\Package Cache
2023-09-14 17:25 - 2023-09-14 17:25 - 000000000 ____D C:\Users\frede\AppData\LocalLow\Temp
2023-09-14 17:15 - 2023-09-19 20:21 - 000055496 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddfac.sys
2023-09-14 17:15 - 2023-09-14 17:16 - 000000000 ____D C:\ProgramData\Temp
2023-09-14 17:15 - 2023-09-14 17:15 - 000000000 ___HD C:\Program Files (x86)\Topaz OFD
2023-09-14 17:15 - 2023-09-14 17:15 - 000000000 ____D C:\Program Files\Topaz OFD
2023-09-14 17:15 - 2023-02-27 17:51 - 000038816 ____N (Topaz OFD) C:\Windows\system32\Drivers\wsddprm.sys
2023-09-14 17:15 - 2021-02-11 19:37 - 000051160 _____ (Topaz OFD) C:\Windows\system32\Drivers\wsddntf.sys
2023-09-14 17:14 - 2023-09-14 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2023-09-14 17:14 - 2023-09-14 17:14 - 000000000 ____D C:\Program Files (x86)\Sophos
2023-09-14 17:03 - 2023-09-20 08:41 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Teams
2023-09-14 17:03 - 2023-09-15 18:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-09-14 17:03 - 2023-09-15 06:56 - 000002368 _____ C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-09-14 17:02 - 2023-09-14 17:03 - 000000000 ____D C:\Users\frede\AppData\Local\SquirrelTemp
2023-09-14 16:44 - 2023-09-15 08:08 - 000000000 ____D C:\Users\frede\AppData\Local\CrashDumps
2023-09-14 16:44 - 2023-09-14 18:42 - 000000000 __SHD C:\ProgramData\presepuesto
2023-09-14 16:41 - 2023-09-14 16:41 - 000000000 ____D C:\Users\frede\AppData\Roaming\WinRAR
2023-09-14 16:40 - 2023-09-15 08:09 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-09-14 16:40 - 2023-09-15 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-09-14 16:40 - 2023-09-15 08:09 - 000000000 ____D C:\Program Files\WinRAR
2023-09-14 15:47 - 2023-09-15 17:40 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\UProof
2023-09-14 15:47 - 2023-09-14 15:47 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Proof
2023-09-14 15:45 - 2023-09-19 19:55 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Word
2023-09-14 15:45 - 2023-09-14 15:56 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Office
2023-09-14 15:45 - 2023-09-14 15:45 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\AddIns
2023-09-14 15:43 - 2023-09-14 17:03 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-09-14 15:43 - 2023-09-14 17:03 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-14 15:43 - 2023-09-14 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2023-09-14 15:43 - 2023-09-14 15:43 - 000000000 ___RD C:\Users\Default\OneDrive
2023-09-14 15:43 - 2023-09-14 15:43 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-09-14 15:43 - 2023-09-14 15:43 - 000000000 ____D C:\Program Files (x86)\Teams Installer
2023-09-14 15:41 - 2023-09-14 15:41 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000002399 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-09-14 15:41 - 2023-09-14 15:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office
2023-09-14 15:37 - 2023-09-20 08:47 - 000000000 ____D C:\Program Files\Microsoft Office
2023-09-14 15:37 - 2023-09-14 15:37 - 000000000 ____D C:\Program Files\Microsoft Office 15
2023-09-14 15:34 - 2023-09-14 15:34 - 000000016 _____ C:\ProgramData\mntemp
2023-09-14 15:33 - 2023-09-14 18:32 - 000000000 ____D C:\ProgramData\Wondershare
2023-09-14 15:33 - 2023-09-14 15:34 - 000000000 ____D C:\Users\frede\AppData\Roaming\Wondershare
2023-09-14 15:33 - 2023-09-14 15:33 - 000000000 ____D C:\Users\frede\AppData\Local\PeerDistRepub
2023-09-14 15:31 - 2023-09-15 09:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-09-14 15:31 - 2023-09-14 15:31 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegação privativa do Firefox.lnk
2023-09-14 15:31 - 2023-09-14 15:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-14 15:28 - 2023-09-19 20:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-14 15:28 - 2023-09-14 15:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-14 15:28 - 2023-09-14 15:28 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2023-09-14 15:28 - 2023-09-14 15:28 - 000000000 ____D C:\Users\frede\AppData\Roaming\Mozilla
2023-09-14 15:28 - 2023-09-14 15:28 - 000000000 ____D C:\Users\frede\AppData\Local\Mozilla
2023-09-14 15:27 - 2023-09-19 20:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-14 15:21 - 2023-09-14 15:21 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Spelling
2023-09-14 15:19 - 2023-09-15 09:44 - 000000000 ____D C:\Users\frede\AppData\Local\PlaceholderTileLogoFolder
2023-09-14 15:19 - 2023-09-14 17:03 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1659604029-2551903776-3631580782-1001
2023-09-14 15:19 - 2023-09-14 15:19 - 000000000 ___HD C:\OneDriveTemp
2023-09-14 15:19 - 2023-09-14 15:19 - 000000000 ____D C:\Users\frede\AppData\Local\Comms
2023-09-14 15:18 - 2023-09-19 20:21 - 000000000 ___RD C:\Users\frede\OneDrive
2023-09-14 15:18 - 2023-09-14 15:18 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-09-14 15:17 - 2023-09-15 16:26 - 000000000 ____D C:\Users\frede\AppData\Local\Packages
2023-09-14 15:17 - 2023-09-15 00:38 - 000000000 ____D C:\ProgramData\Packages
2023-09-14 15:17 - 2023-09-14 20:12 - 000000000 ____D C:\Users\frede\AppData\Roaming\Adobe
2023-09-14 15:17 - 2023-09-14 20:00 - 000000000 ____D C:\Users\frede\AppData\Local\ConnectedDevicesPlatform
2023-09-14 15:17 - 2023-09-14 18:39 - 000000000 __SHD C:\Users\frede\IntelGraphicsProfiles
2023-09-14 15:17 - 2023-09-14 16:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\Crypto
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ___RD C:\Users\frede\3D Objects
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Vault
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Network
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Local\VirtualStore
2023-09-14 15:17 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Local\Publishers
2023-09-14 15:12 - 2023-09-19 19:30 - 000000000 ____D C:\Users\frede
2023-09-14 15:12 - 2023-09-14 18:40 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\Credentials
2023-09-14 15:12 - 2023-09-14 17:02 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\Protect
2023-09-14 15:12 - 2023-09-14 15:17 - 000000000 ____D C:\Users\frede\AppData\Roaming\Microsoft\Windows
2023-09-14 15:12 - 2023-09-14 15:12 - 000000020 ___SH C:\Users\frede\ntuser.ini
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Modelos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Meus Documentos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Menu Iniciar
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Dados de Aplicativos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Configurações Locais
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\AppData\Local\Histórico
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\AppData\Local\Dados de Aplicativos
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Ambiente de Rede
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 _SHDL C:\Users\frede\Ambiente de Impressão
2023-09-14 15:12 - 2023-09-14 15:12 - 000000000 ___SD C:\Users\frede\AppData\Roaming\Microsoft\SystemCertificates
2023-09-14 15:10 - 2023-09-19 20:25 - 001651882 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-14 15:10 - 2023-09-14 15:10 - 000000000 ____D C:\ProgramData\Realtek
2023-09-14 15:09 - 2023-09-14 20:00 - 000000000 ____D C:\Intel
2023-09-14 15:09 - 2023-09-14 15:09 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-09-14 15:09 - 2023-09-14 15:09 - 000000000 ____D C:\Program Files\Intel
2023-09-14 15:09 - 2023-09-14 15:09 - 000000000 ____D C:\Program Files (x86)\Intel
2023-09-14 15:09 - 2023-09-14 15:09 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Usuário Padrão
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Todos os Usuários
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Modelos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Meus Documentos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Menu Iniciar
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Configurações Locais
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Modelos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Menu Iniciar
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Documentos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Program Files\Common Files\Sistema
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Program Files\Arquivos Comuns
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Documents and Settings
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 _SHDL C:\Arquivos de Programas
2023-09-14 15:06 - 2023-09-14 15:06 - 000000000 ____D C:\Windows\CSC
2023-09-14 15:04 - 2023-09-20 08:43 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-14 15:04 - 2023-09-20 08:41 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-09-14 15:04 - 2023-09-19 20:21 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-14 15:04 - 2023-09-19 20:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-14 15:04 - 2023-09-16 21:05 - 000000000 ____D C:\Windows\Panther
2023-09-14 15:04 - 2023-09-15 06:00 - 000458368 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-14 15:04 - 2023-09-14 17:23 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-09-14 15:04 - 2023-09-14 15:31 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-09-14 15:04 - 2023-09-14 15:31 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-09-14 15:04 - 2023-09-14 15:04 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-09-14 15:04 - 2023-09-14 15:04 - 000000000 ____D C:\Windows\ServiceProfiles
==================== Um mês (modificados) ==================
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2023-09-20 08:44 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2023-09-20 08:43 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-20 08:43 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-19 20:25 - 2019-12-07 11:53 - 000715446 _____ C:\Windows\system32\prfh0416.dat
2023-09-19 20:25 - 2019-12-07 11:53 - 000140602 _____ C:\Windows\system32\prfc0416.dat
2023-09-19 20:25 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2023-09-19 20:20 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-09-19 20:19 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\NDF
2023-09-15 16:26 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2023-09-15 16:11 - 2019-12-07 06:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-09-15 06:03 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\appcompat
2023-09-15 01:02 - 2019-12-07 11:56 - 000000000 ___SD C:\Windows\system32\AppV
2023-09-15 01:02 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\setup
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-15 01:02 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-15 00:53 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\servicing
2023-09-14 18:45 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-09-14 17:23 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-09-14 15:43 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-09-14 15:33 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ServiceState
2023-09-14 15:12 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2023-09-14 15:06 - 2019-12-07 11:54 - 000000000 ____D C:\Windows\system32\FxsTmp
2023-09-14 15:06 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\spool
2023-09-14 15:06 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Windows NT
2023-09-14 15:04 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\USOPrivate
2023-09-14 15:03 - 2019-12-07 06:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
==================== Arquivos na raiz de alguns diretórios ========
2023-09-14 18:33 - 2023-09-14 18:33 - 000000018 _____ () C:\Users\frede\AppData\Roaming\.cache9050425797200915815.dat
2023-09-14 20:10 - 2023-09-14 20:10 - 000000410 _____ () C:\Users\frede\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Não há correção automática para arquivos que não passaram na verificação.)
==================== Fim de FRST.txt ========================
Addition.txt
Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 20-09-2023
Executado por FRED (20-09-2023 08:49:49)
Executando a partir de C:\Users\frede\Downloads
Microsoft Windows 10 Pro Versão 22H2 19045.3448 (X64) (2023-09-14 18:06:21)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
(Se uma entrada for incluída na fixlist, será removida.)
Administrador (S-1-5-21-1659604029-2551903776-3631580782-500 - Administrator - Disabled)
Convidado (S-1-5-21-1659604029-2551903776-3631580782-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-1659604029-2551903776-3631580782-503 - Limited - Disabled)
FRED (S-1-5-21-1659604029-2551903776-3631580782-1001 - Administrator - Enabled) => C:\Users\frede
WDAGUtilityAccount (S-1-5-21-1659604029-2551903776-3631580782-504 - Limited - Disabled)
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.3.0.61 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assistente de Recuperação e Suporte da Microsoft (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\4336df8a13b91f17) (Version: 17.1.495.21 - Microsoft Corporation)
Assistente Desktop birdID 2.2.0 (HKLM\...\{fc8d59a4-d44c-5521-b21d-0c8e14688f93}) (Version: 2.2.0 - Vaultid Criptografia e Identificação)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Driver Easy 5.7.0 (HKLM\...\DriverEasy_is1) (Version: 5.7.0 - Easeware)
ePass2003 (HKLM-x32\...\ePass2003-4FE7-A218-48BDAE051E2B_std) (Version: 1.1.15.1104 - EnterSafe)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{4DC8ED2C-8DA1-3701-A234-66AF6EF1CEFF}) (Version: 21.13.5.506 - Kaspersky)
Microsoft .NET Host - 6.0.21 (x86) (HKLM-x32\...\{A9F8F2E3-D3A4-4D90-9800-F689932ECE89}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.8 (x64) (HKLM\...\{19FCE07F-2A75-44AC-9EA5-8E29FE2F8DBE}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.21 (x86) (HKLM-x32\...\{EF4A37DD-21FE-43E9-89D1-1C699CC197AC}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.8 (x64) (HKLM\...\{174E0D7C-F2C9-49A2-83FB-95A0FE6FA023}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.21 (x86) (HKLM-x32\...\{B8ED272B-5F2D-4FF5-A7CA-C73552D7FB0F}) (Version: 48.87.64667 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.8 (x64) (HKLM\...\{B45C77BA-0B4E-4FBB-99B9-9774ECBE20AA}) (Version: 56.35.63143 - Microsoft Corporation) Hidden
Microsoft 365 Apps para Grandes Empresas - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 16.0.16130.20766 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.31 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.180.0828.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Teams) (Version: 1.6.00.24078 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{33e692e6-1f06-4c3d-8981-738c129e0b2c}) (Version: 6.0.21.32717 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.21 (x86) (HKLM-x32\...\{F25834D2-0460-4995-8585-8E41BD074159}) (Version: 48.87.64723 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM\...\{3133BC55-90BD-4B87-82A2-6670B3CAFB81}) (Version: 56.35.63153 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.8 (x64) (HKLM-x32\...\{d260fcb6-95b8-4c81-8e07-ce75876ffca2}) (Version: 7.0.8.32619 - Microsoft Corporation)
Mozilla Firefox (x64 pt-BR) (HKLM\...\Mozilla Firefox 117.0.1 (x64 pt-BR)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 117.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20714 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20766 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0416-1000-0000000FF1CE}) (Version: 16.0.16130.20714 - Microsoft Corporation) Hidden
Opera GX Stable 102.0.4880.55 (HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\Opera GX 102.0.4880.55) (Version: 102.0.4880.55 - Opera Software)
Registry Repair 5.0.1.132 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.132 - Glarysoft Ltd)
Sophos Connect (HKLM-x32\...\{5010C740-B95D-4D2B-8831-87792C59BCE8}) (Version: 2.2.90.1104 - Sophos Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.18681 - Microsoft Corporation)
Warsaw 2.38.0.11 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 2.38.0.11 - Topaz)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corporation)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.913.400_x64__8wekyb3d8bbwe [2023-09-19] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0 [2023-09-19] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2336.7.0_x64__cv1g1gvanyjgm [2023-09-15] (WhatsApp Inc.) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.918.726.409_neutral__8wekyb3d8bbwe [2023-09-18] (Microsoft Corporation)
==================== Análise Personalizada CLSID (Whitelisted): ==============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\frede\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23213.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\frede\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.180.0828.0001\FileSyncShell64.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2023-09-14] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-08-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Atalhos & WMI ========================
==================== Módulos Carregados (Whitelisted) =============
2015-03-16 19:34 - 2015-03-16 19:34 - 000010240 _____ () [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\AcroTray.ptb
2022-02-21 12:40 - 2022-02-21 12:40 - 000124416 _____ () [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\davici.dll
2020-08-17 18:45 - 2020-08-17 18:45 - 000021504 _____ (Adobe Systems Inc.) [Arquivo não assinado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\pt_br\Acrobat Elements\ContextMenuShim64.ptb
2022-03-29 12:09 - 2022-03-29 12:09 - 002863233 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libcrypto-1_1.dll
2022-03-29 12:09 - 2022-03-29 12:09 - 000887222 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Arquivo não assinado] C:\Program Files (x86)\Sophos\Connect\libssl-1_1.dll
==================== Alternate Data Streams (Whitelisted) ========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\ProgramData:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Windows\system32\Drivers\wsddfac.sys:X5ZN8aDXs4 [3506]
AlternateDataStreams: C:\Users\All Users:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\All Users:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\Users\Todos os Usuários:chnpbmzkyg [274]
AlternateDataStreams: C:\Users\Todos os Usuários:YXVtLmh6aQ [7666]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:chnpbmzkyg [274]
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:YXVtLmh6aQ [7666]
==================== Modo de Segurança (Whitelisted) ==================
==================== Associação (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-08-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-09-14] (Microsoft Corporation -> Microsoft Corporation)
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\sharepoint.com -> hxxps://conselhoarquitetura-files.sharepoint.com
==================== Hosts Conteúdo: =========================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Outras Áreas ===========================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 181.213.132.2 - 181.213.132.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Firewall do Windows está habilitado.
Network Binding:
=============
Ethernet: Topaz OFD Network Monitor -> nt_wsddntf (enabled)
Ethernet 2: Topaz OFD Network Monitor -> nt_wsddntf (enabled)
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Se uma entrada for incluída na fixlist, será removida.)
MSCONFIG\Services: cfbackd => 2
MSCONFIG\Services: strongSwan => 3
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => ".ses"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "CUsersfredeAppDataLocalProgramsOpera GX102.0.4880.55opera_autoupdate.download.lock"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "cv_debug.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "DDInstall.cpccLog.txt"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "wsWAE.log.2023-09-14"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "{39930BA9-D54B-4734-AA75-FA772E1149C4} - OProcSessId.dat"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "Disk_Drill_5.3.826.0_20230914202317_001_DD.Setup.x64.msi.log"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "d7f621e8-9a86-42f6-a933-23b606537707.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "5e48ddcc-de10-40a0-82ea-02b66df41760.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "45b6490c-4da0-4c69-b2dc-856ca78ba951.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "202d3ab2-a3dd-441f-a5df-57e05c9ff785.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\StartupFolder: => "a55a4027-4e29-41c1-a53f-329c946024f1.tmp"
HKU\S-1-5-21-1659604029-2551903776-3631580782-1001\...\StartupApproved\Run: => "Opera GX Stable"
==================== Regras do Firewall (Whitelisted) ================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [{120C831A-FA27-4EA3-A195-205D75894521}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EEAA9933-261A-4042-982F-3B3CE033456A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2A5771EF-180E-43BC-B8C7-E41267460CCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{29D5778F-C31D-4A84-95B5-47B133A3B8CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A80F4BFA-D49A-49A2-A9DC-32E3687B947C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D597FA09-2501-4A24-AB50-84F0E7488044}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D49E9327-69C7-4E91-9393-F3066A61247E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3F8730B3-4F86-4DA6-97DC-E0AF1996D6C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EE712276-2B28-4FF2-BAF5-ECCBF2ADB8E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1D3ED616-F35C-4F7A-A8CE-4551CD577ECB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{053798F0-0DE3-44EF-BCE8-77B1D6351882}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.220.1216.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{692300A0-C1CF-47B8-97DD-4C26BB77E733}C:\users\frede\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\frede\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{758C5D8E-C1AD-448C-B5DB-DB756A48601F}C:\users\frede\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\frede\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{6EF0EDBE-144F-45A2-A6BE-77D7186915EE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5C66C61-2120-47B4-ADC9-CBE1251CE7C5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC325608-3537-4A95-BD37-C07B783ADC2B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE528378-46B3-45B8-97EA-3017E8E9FFAA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{374C0C77-BBA8-4E75-9C0A-BB3F6743388C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Pontos de Restauração =========================
18-09-2023 00:12:55 Ponto de Verificação Agendado
19-09-2023 15:33:51 ZHPcleaner
==================== Dispositivos Apresentando Falhas No Gerenciador ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: ========================
Erros em Aplicativos:
==================
Error: (09/19/2023 04:09:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa olk.exe versão 1.2023.831.400 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 3714
Hora de Início: 01d9eb2cac030d8d
Hora de Término: 4294967295
Caminho do Aplicativo: C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.831.400_x64__8wekyb3d8bbwe\olk.exe
ID do Relatório: 730f91a0-c17c-4729-88dd-4833ea5efd69
Nome completo do pacote com falha: Microsoft.OutlookForWindows_1.2023.831.400_x64__8wekyb3d8bbwe
ID do aplicativo relativo ao pacote com falha: Microsoft.OutlookforWindows
Tipo com falha: Quiesce
Error: (09/19/2023 03:30:18 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/18/2023 07:41:32 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/18/2023 12:04:26 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/16/2023 08:57:54 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/15/2023 03:30:18 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (09/14/2023 08:07:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Adobe.Acrobat.Pro.DC.v2020.012.20043.exe versão 1.0.0.0 parou de interagir com o Windows e foi fechado. Para ver se mais informações sobre o problema estão disponíveis, verifique o histórico de problemas no painel de controle Segurança e Manutenção.
ID do Processo: 2090
Hora de Início: 01d9e76029fad6da
Hora de Término: 4294967295
Caminho do Aplicativo: D:\Programas\Nova pasta\Adobe.Acrobat.Pro.DC.v2020.012.20043.exe
ID do Relatório: 9d05a793-7d02-477b-a35a-0100598f6a17
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Tipo com falha: Top level window is idle
Error: (09/14/2023 07:58:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: svchost.exe_Audiosrv, versão: 10.0.19041.1806, carimbo de data/hora: 0x7dcad237
Nome do módulo com falha: ntdll.dll, versão: 10.0.19041.2788, carimbo de data/hora: 0x2f715b17
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000038314
ID do processo com falha: 0x960
Hora de início do aplicativo com falha: 0x01d9e7594e3a0034
Caminho do aplicativo com falha: C:\Windows\System32\svchost.exe
Caminho do módulo com falha: C:\Windows\SYSTEM32\ntdll.dll
ID do Relatório: dcaed3de-c338-4e39-aa5f-06e45adc4aec
Nome completo do pacote com falha:
ID do aplicativo relativo ao pacote com falha:
Erros de Sistema:
=============
Error: (09/19/2023 08:27:17 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-5R0985U)
Description: Não é possível iniciar o servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. O erro:
"2147942767"
Aconteceu ao iniciar este comando:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (09/19/2023 08:21:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço AdvancedSystemCareService16 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (09/19/2023 07:45:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço AdvancedSystemCareService16 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (09/19/2023 07:45:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 19:23:58 do dia 19/09/2023 não era esperado.
Error: (09/19/2023 07:23:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço AdvancedSystemCareService16 devido ao seguinte erro:
O sistema não pode encontrar o arquivo especificado.
Error: (09/19/2023 07:23:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: O desligamento do sistema que ocorreu às 18:45:55 do dia 19/09/2023 não era esperado.
Error: (09/19/2023 07:23:49 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT)
Description: 3221225684Ocorrência de erro fatal em processamento de dados de restauração.
Error: (09/19/2023 03:22:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço SASDIFSV devido ao seguinte erro:
O Windows não pode verificar a assinatura digital deste arquivo. Talvez uma alteração recente de hardware ou software tenha instalado um arquivo com uma assinatura incorreta ou danificado, ou talvez o arquivo seja um software mal-intencionado de origem desconhecida.
Windows Defender:
================
Date: 2023-09-19 12:49:45
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {FDBC9051-BAB2-4057-A533-3901563A0847}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2023-09-18 19:48:59
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {F784C764-9745-4D96-BB6E-0F2BE6867E55}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2023-09-18 00:11:53
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {C215CD98-D3A5-47EA-BBC0-883847D9D7E4}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2023-09-16 12:21:24
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {63899000-78D2-41E4-9F53-675C9D6AD423}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
Date: 2023-09-15 18:31:59
Description:
O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão.
ID do Exame: {50D607A6-6720-4772-81FC-4B69B014E743}
Tipo de Exame: Antimalware
Parâmetros do Exame: Verificação Rápida
Usuário: AUTORIDADE NT\SISTEMA
CodeIntegrity:
===============
Date: 2023-09-20 08:42:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2023-09-19 20:36:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe) attempted to load \Device\HarddiskVolume5\Program Files\Topaz OFD\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
Date: 2023-09-19 20:36:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.31\msedgewebview2.exe) attempted to load \Device\HarddiskVolume5\Program Files\Topaz OFD\Warsaw\wslbscr64.dll that did not meet the Microsoft signing level requirements.
Date: 2023-09-19 20:22:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Topaz OFD\Warsaw\wslbscrwh64.dll that did not meet the Microsoft signing level requirements.
==================== Informações da Memória ===========================
BIOS: American Megatrends Inc. 2201 03/09/2015
placa-mãe: ASUSTeK COMPUTER INC. H81M-A/BR
Processador: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentagem de memória em uso: 46%
RAM física total: 16255.85 MB
RAM física disponível: 8732.98 MB
Virtual Total: 19199.85 MB
Virtual disponível: 10620.07 MB
==================== Drives ================================
Drive 
() (Fixed) (Total:111.15 GB) (Free:64.03 GB) (Model: HP SSD S700 120GB ATA Device) NTFS
Drive d: (Backup) (Fixed) (Total:833.85 GB) (Free:657.64 GB) (Model: ST1000DM010-2EP102 ATA Device) NTFS
Drive f: (Programas) (Fixed) (Total:97.66 GB) (Free:83.56 GB) (Model: ST1000DM010-2EP102 ATA Device) NTFS
\\?\Volume{e529d0f6-00bb-4550-9414-b8a0c9020dd7}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{805af017-a1bb-4ead-9b4f-8283b97bec0e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabela de Partições ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D6DE6085)
Partition 1: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: B79CD228)
Partition: GPT.
==================== Fim de Addition.txt =======================
