Hi guys!
Can someone help me, please?
I am victim of Hijacking, supposedly.
My AV is Norton 360
Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-08-2022
Executado por anapa (administrador) em LAPTOP-0GB1CGFO (Acer Aspire A315-56) (05-09-2022 10:43:21)
Executando a partir de C:\Users\anapa\Desktop
Perfis Carregados: anapa
Plataforma: Microsoft Windows 11 Home Single Language Versão 21H2 22000.856 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe ->) (F.lux Software LLC) C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\flux.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxEMN.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\62.0.2.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (GoTrustID Inc -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(services.exe ->) (GOTrustID Inc.) [Arquivo não assinado] C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9d19662e01abea6b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5802b1615520e41c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(services.exe ->) (INTELBRAS S.A. INDUSTRIA DE TELECOM ELETRONICA BRASILEIRA -> ) C:\Program Files\Intelbras\SIMNext\Local Recording Service\SIMNext.LocalRecording.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.22.7.14\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.22.7.14\nsWscSvc.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (F.lux Software LLC) C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\anapa\AppData\Local\Microsoft\OneDrive\22.166.0807.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\anapa\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138992 2020-08-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISME.EXE [418736 2019-08-21] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1001\...\Run: [MicrosoftEdgeAutoLaunch_E8E17842B4EB41B85685C49BBC998721] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1002\...\Run: [MonitorDFe] => c:\program files (x86)\fiscal.io\monitordfe\monitor.exe [9146152 2022-06-28] (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1002\...\Run: [MicrosoftEdgeAutoLaunch_027A6B661089A77532D92A629B7B7745] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON L4160 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBSME.DLL [184832 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\WINDOWS\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor de Documentos Fiscais.lnk [2022-06-28]
ShortcutTarget: Monitor de Documentos Fiscais.lnk -> C:\Program Files (x86)\Fiscal.io\MonitorDFe\Monitor.exe (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
Startup: C:\Users\anapa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor de Documentos Fiscais.lnk [2022-09-02]
ShortcutTarget: Monitor de Documentos Fiscais.lnk -> C:\Program Files (x86)\Fiscal.io\MonitorDFe\Monitor.exe (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {01A56FF1-4891-4811-8A59-6C7B0071A69A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {073ECC08-C16D-43EC-84B7-1F7A25DE327C} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.22.7.14\SymErr.exe [379064 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {0C62B181-27CC-47B1-B4A8-C0B2B7744677} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {15817C90-7483-414E-89AE-79B7096A2559} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-08-07] (Acer Incorporated -> Acer Incorporated)
Task: {26904A81-466E-405B-9C19-641D9891DF12} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {3207D4FD-44CA-451D-A7A1-367084589E98} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2020-09-17] (Acer Incorporated -> Microsoft)
Task: {414CFFD1-B65D-4152-9BA5-8648DFD6F146} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {5596BEAD-AE61-4C23-A45B-85C6EFD83DCD} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-08-07] (Acer Incorporated -> Acer Incorporated)
Task: {56101458-465E-42B2-AEE5-DC8B92FE309A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5926AAE0-945E-4D17-93AF-9C61B4AF7AE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-26] (Google LLC -> Google LLC)
Task: {5E7B1DC1-58AA-45F9-BCBB-08266BF3A19C} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe [461768 2020-12-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6C147247-2B10-4DD2-A9B3-588465A32B0C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E6BC31D-6C5F-4473-ACC3-BF892D9F8967} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.22.7.14\SymErr.exe [379064 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6E744DE3-3641-49BB-91E1-3C2FC9B0A613} - System32\Tasks\AcerCMUpdateTask2.1.20250 => C:\Program Files (x86)\Acer\Amundsen\2.1.20250\AWC.exe [153128 2020-09-02] (Acer Incorporated -> )
Task: {70367DCC-E217-49AF-9159-E5EE02267346} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe /analyze (Nenhum Arquivo)
Task: {897A7F80-A9E1-41CE-B2A9-F0CAC470111D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BA3E4D4-7164-4C13-9027-81154C76F3C1} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {90CC6EC9-ADE9-4EF6-B1DE-7013DB90A6A6} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {9490A815-6F4F-42CE-8127-9E058B62CF2D} - System32\Tasks\EPSON L4160 Series Update {5BA0180D-8769-445E-B010-36EDB27BB0DE} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSME.EXE [680440 2017-06-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {9844F6A0-82FF-4857-AD2B-01FA360E6D93} - System32\Tasks\FISCAL-MONITOR-UPDATER => C:\Program Files (x86)\Fiscal.io\MonitorDFe\Updater.exe [1432360 2022-06-28] (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
Task: {99047259-4D19-4DE0-A348-D38007746A68} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {A0C6C5B6-4891-4BCF-B71C-9EB68F7BD445} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {A0FCA86C-B79A-42B6-8B38-44E85B0B1391} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {AC35D592-E888-48EA-903A-96A9E996D3B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-26] (Google LLC -> Google LLC)
Task: {B021F063-AB7A-4474-81BF-A2D086D2267F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {B491D335-F0EB-4CF5-9BC4-7B07FCE164BE} - System32\Tasks\App Explorer => C:\Users\anapa\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7887392 2022-04-22] (SweetLabs Inc -> SweetLabs, Inc) <==== ATENÇÃO
Task: {B621A3A0-CD6D-4868-AA81-5C1CB771D206} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C26343FE-7665-47C6-BA48-2EA9744CAA8F} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe /submit (Nenhum Arquivo)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Nenhum Arquivo)
Task: {D256A4DC-3E67-48D1-BC12-86A8569A3A77} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe /ui (Nenhum Arquivo)
Task: {E18D9702-C330-4835-A63C-299B08F20738} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> )
Task: {E62B02BB-EBAE-479A-B3A1-13E86FAE470E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.22.7.14\WSCStub.exe [646520 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {E6AA5652-D1D6-4FCE-A911-BB73B87BB387} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-CHQGS.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO
Task: {EEE3FFE6-C6C7-443E-915D-971E7C642FFC} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> )
Task: {F32E370B-63B3-4B67-A199-9B64D22CD1DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {FD50728D-CABA-448A-89B2-6970C52BC066} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDF77A7F-AA28-4E85-9F95-1A4AB94DF57E} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.22.7.14\SymErr.exe [379064 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON L4160 Series Update {5BA0180D-8769-445E-B010-36EDB27BB0DE}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSME.EXE:/EXE:{5BA0180D-8769-445E-B010-36EDB27BB0DE} /F:UpdateWORKGROUP\LAPTOP-0GB1CGFO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 177.126.131.55 1.1.1.1
Tcpip\..\Interfaces\{08e54f51-cffc-4c85-b8bd-0c0d8ea66269}: [DhcpNameServer] 177.126.131.55 1.1.1.1
Tcpip\..\Interfaces\{456ee682-68a3-4fe4-b772-0e6cf5248012}: [DhcpNameServer] 177.126.131.55 1.1.1.1
Edge:
=======
Edge Profile: C:\Users\anapa\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-05]
Edge Notifications: Default -> hxxps://neurocienciaparaterapeutas2.club.hotmart.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=ACTE
FireFox:
========
FF DefaultProfile: egum2ekz.default
FF ProfilePath: C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\egum2ekz.default [2021-05-24]
FF ProfilePath: C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\xoskxgms.default-release [2022-09-05]
FF Extension: (Amazon Assistant) - C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\xoskxgms.default-release\Extensions\abb-acer@amazon.com.xpi [2021-08-13] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\xoskxgms.default-release\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2021-09-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3507347688-3033051970-3887594329-1002: gastecnologia.com.br/sf/cef -> C:\Users\anapa\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (Caixa Econômica Federal -> GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3507347688-3033051970-3887594329-1002: gastecnologia.com.br/sf/cef64 -> C:\Users\anapa\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (Caixa Econômica Federal -> GAS Tecnologia)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-09-05]
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default [2022-09-02]
CHR Notifications: Default -> hxxps://www.madeiramadeira.com.br; hxxps://www.netflix.com
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=pt_br&q={searchTerms}
CHR Extension: (Gmail Entrar) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aikdmpdmpklompbpohmlfjbeohaiholh [2021-11-23]
CHR Extension: (Norton Safe Web) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-09-02]
CHR Extension: (Documentos Google off-line) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-02]
CHR Extension: (Norton Safe) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2022-05-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-15]
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-05]
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-09-05]
CHR Notifications: Profile 1 -> hxxps://meet.google.com; hxxps://portal.fazenda.sp.gov.br; hxxps://www.enjoei.com.br; hxxps://www.facebook.com; hxxps://www.passagenspromo.com.br
CHR Session Restore: Profile 1 -> está habilitado.
CHR Extension: (Documentos Google off-line) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-10]
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-05]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12126112 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [685496 2021-04-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FISCAL-MONITOR-UPDATER; C:\Program Files (x86)\Fiscal.io\MonitorDFe\updater.exe [1432360 2022-06-28] (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [15360 2020-09-08] (GOTrustID Inc.) [Arquivo não assinado]
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [336992 2020-09-08] (GoTrustID Inc -> GOTrustID Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-25] (HP Inc. -> HP Inc.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.22.7.14\NortonSecurity.exe [344888 2022-08-11] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.22.7.14\nsWscSvc.exe [1059176 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
S4 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 SIMNextLocalRecording; C:\Program Files\Intelbras\SIMNext\Local Recording Service\SIMNext.LocalRecording.exe [54280 2022-05-18] (INTELBRAS S.A. INDUSTRIA DE TELECOM ELETRONICA BRASILEIRA -> )
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585248 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [326184 2020-08-09] (Acer Incorporated -> Acer Incorporated)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1004448 2022-04-12] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\anapa\AppData\Roaming\Zoom"
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [31896 2021-08-08] (Acer Incorporated -> Acer Incorporated)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20220901.011\BHDrvx64.sys [1672672 2022-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Arquivo não assinado]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\ccSetx64.sys [198336 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20220902.061\IDSvia64.sys [1515496 2022-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\nsvst.sys [57104 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SRTSP64.SYS [956088 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SRTSPX64.SYS [52920 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SYMEFASI64.SYS [2092736 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SymELAM.sys [36080 2022-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\Ironx64.SYS [306880 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\symnets.sys [490704 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\wpCtrlDrv.sys [1016792 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [47800 2022-09-05] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51160 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [34768 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três meses (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2022-09-05 10:43 - 2022-09-05 10:44 - 000032238 _____ C:\Users\anapa\Desktop\FRST.txt
2022-09-05 10:42 - 2022-09-05 10:43 - 000000000 ____D C:\FRST
2022-09-05 10:42 - 2022-08-26 11:46 - 002371072 _____ (Farbar) C:\Users\anapa\Desktop\FRST64.exe
2022-09-05 10:39 - 2022-09-05 10:44 - 000000000 ____D C:\Users\anapa\Desktop\Drive
2022-09-05 10:27 - 2022-09-05 10:40 - 000298354 _____ C:\WINDOWS\ntbtlog.txt
2022-09-05 10:27 - 2022-09-05 10:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-09-03 19:31 - 2022-09-03 19:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-09-02 17:09 - 2022-09-02 17:09 - 000010491 _____ C:\Users\anapa\Downloads\2000004090276648.pdf
2022-09-02 16:19 - 2022-09-02 16:19 - 000101974 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Alarme (2).pdf
2022-09-02 16:19 - 2022-09-02 16:19 - 000093931 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Cameras (2).pdf
2022-09-02 16:11 - 2022-09-02 16:11 - 000118322 _____ C:\Users\anapa\Downloads\OS607 CISTECON.pdf
2022-09-02 16:10 - 2022-09-02 16:10 - 000115648 _____ C:\Users\anapa\Downloads\OS606 CISTECON.pdf
2022-09-02 13:41 - 2022-09-02 13:41 - 000030791 _____ C:\Users\anapa\Downloads\GiS_Orc_1406.pdf
2022-09-02 12:08 - 2022-09-02 12:08 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intelbras Media Player.lnk
2022-09-02 12:08 - 2022-09-02 12:08 - 000002113 _____ C:\Users\anapa\Downloads\Intelbras Media Player.lnk
2022-09-02 12:08 - 2022-09-02 12:08 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intelbras SIM Next.lnk
2022-09-02 12:08 - 2022-09-02 12:08 - 000002000 _____ C:\Users\Public\Desktop\Intelbras SIM Next.lnk
2022-09-02 12:06 - 2022-09-02 12:07 - 302435538 _____ C:\Users\anapa\Downloads\sim-next-1-20-5.zip
2022-09-02 11:31 - 2022-09-02 11:31 - 000041872 _____ C:\Users\anapa\Downloads\NF-e 30.675 (1).pdf
2022-09-02 11:30 - 2022-09-02 11:30 - 000013838 _____ C:\Users\anapa\Downloads\CTeCSL665669.pdf
2022-09-02 09:34 - 2022-09-02 09:34 - 000041872 _____ C:\Users\anapa\Downloads\NF-e 30.675.pdf
2022-09-02 09:12 - 2022-09-02 09:12 - 000143149 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-09-02T091240.254.pdf
2022-09-01 15:51 - 2022-09-01 15:51 - 000000470 _____ C:\Users\anapa\Downloads\exportacao_ocorrencias.txt
2022-09-01 15:51 - 2022-09-01 15:51 - 000000470 _____ C:\Users\anapa\Downloads\exportacao_ocorrencias (1).txt
2022-09-01 15:29 - 2022-09-01 15:29 - 000394240 _____ (Google Inc.) C:\Users\anapa\Downloads\gcapi.dll
2022-09-01 15:15 - 2022-09-01 15:15 - 000103764 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.187 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-09-01 14:55 - 2022-09-01 14:55 - 000103923 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.187 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-09-01 13:49 - 2022-09-01 13:49 - 000033122 _____ C:\Users\anapa\Downloads\IM-00079892 NFSe-000166 (1).pdf
2022-09-01 11:47 - 2022-09-01 11:47 - 000062010 _____ C:\Users\anapa\Downloads\sicredi_1662037981508.pdf
2022-09-01 11:42 - 2022-09-01 11:42 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (6).pdf
2022-09-01 11:40 - 2022-09-01 11:40 - 000103492 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.184 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (2).pdf
2022-09-01 11:40 - 2022-09-01 11:40 - 000102715 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.185 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (2).pdf
2022-09-01 11:00 - 2022-09-01 11:00 - 000275792 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-30 at 17.35.30 (2).jpeg
2022-09-01 10:59 - 2022-09-01 10:59 - 000103492 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.184 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-09-01 10:59 - 2022-09-01 10:59 - 000102715 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.185 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-31 15:31 - 2022-08-31 15:31 - 000102715 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.185 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-31 15:30 - 2022-08-31 15:30 - 000103492 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.184 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-31 14:13 - 2022-08-31 14:13 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (5).pdf
2022-08-31 14:11 - 2022-08-31 14:11 - 000073124 _____ C:\Users\anapa\Downloads\Cistecon 265839 (2).pdf
2022-08-31 10:31 - 2022-08-31 10:31 - 000144512 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-31T103127.877.pdf
2022-08-31 10:24 - 2022-08-31 10:24 - 000275792 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-30 at 17.35.30 (1).jpeg
2022-08-31 10:24 - 2022-08-31 10:24 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (48).pdf
2022-08-30 17:58 - 2022-08-30 17:58 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (47).pdf
2022-08-30 17:53 - 2022-08-30 17:53 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (46).pdf
2022-08-30 17:41 - 2022-08-30 17:41 - 000275792 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-30 at 17.35.30.jpeg
2022-08-30 17:10 - 2022-08-30 17:10 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (4).pdf
2022-08-30 16:16 - 2022-08-30 16:16 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (45).pdf
2022-08-30 15:31 - 2022-08-30 15:31 - 000042830 _____ C:\Users\anapa\Downloads\NF-e 30.660.pdf
2022-08-30 15:31 - 2022-08-30 15:31 - 000042283 _____ C:\Users\anapa\Downloads\NF-e 30.661.pdf
2022-08-30 11:41 - 2022-08-30 11:41 - 001349245 _____ C:\Users\anapa\Downloads\Belton - Folder NCS e NCP 2022.pdf
2022-08-30 09:37 - 2022-09-02 12:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-08-29 14:06 - 2022-08-29 14:06 - 001847027 _____ C:\Users\anapa\Downloads\guia-cartao-virtual-unimed-campinas (1).pdf
2022-08-29 13:52 - 2022-08-29 13:52 - 001847027 _____ C:\Users\anapa\Downloads\guia-cartao-virtual-unimed-campinas.pdf
2022-08-29 11:29 - 2022-08-29 11:29 - 000142663 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-29T112938.740.pdf
2022-08-29 10:50 - 2022-08-29 10:50 - 000014329 _____ C:\Users\anapa\Downloads\OS_841435_005.pdf
2022-08-26 20:44 - 2022-09-03 19:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2022-08-26 20:38 - 2022-08-29 10:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-08-26 20:38 - 2022-08-26 20:38 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2022-08-26 16:55 - 2022-08-26 16:55 - 000031034 _____ C:\Users\anapa\Downloads\CISTECON 26.08.2022.pdf
2022-08-26 15:59 - 2022-08-26 15:59 - 000008264 _____ C:\Users\anapa\Downloads\2000004103897066.pdf
2022-08-26 14:16 - 2022-08-26 14:16 - 000073124 _____ C:\Users\anapa\Downloads\Cistecon 265839 (1).pdf
2022-08-26 13:56 - 2022-08-26 13:56 - 000011730 _____ C:\Users\anapa\Downloads\CISTECON 944 (2).pdf
2022-08-26 13:49 - 2022-08-26 13:49 - 000073305 _____ C:\Users\anapa\Downloads\Cistecon 265839.pdf
2022-08-26 11:20 - 2022-08-26 11:20 - 000046301 _____ C:\Users\anapa\Downloads\Orçamento - Cistecom - 26-08-22 (1) (1).pdf
2022-08-26 11:06 - 2022-08-26 11:06 - 000011730 _____ C:\Users\anapa\Downloads\CISTECON 944 (1).pdf
2022-08-26 11:04 - 2022-08-26 11:04 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (3).pdf
2022-08-26 11:04 - 2022-08-26 11:04 - 000046301 _____ C:\Users\anapa\Downloads\Orçamento - Cistecom - 26-08-22 (1).pdf
2022-08-26 10:52 - 2022-08-26 10:52 - 000007690 _____ C:\Users\anapa\Downloads\comprovantes (4).pdf
2022-08-26 10:42 - 2022-08-26 10:42 - 000143174 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-26T104203.525.pdf
2022-08-26 10:07 - 2022-08-26 10:07 - 000130578 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-26 at 10.07.25.jpeg
2022-08-25 18:13 - 2022-08-25 18:13 - 001430908 _____ C:\Users\anapa\Downloads\Comprovante de Endereço Ana (1).pdf
2022-08-25 18:11 - 2022-08-25 18:11 - 001430908 _____ C:\Users\anapa\Downloads\Comprovante de Endereço Ana.pdf
2022-08-25 15:18 - 2022-08-25 15:18 - 000045938 _____ C:\Users\anapa\Downloads\Orçamento - Cistecom - 25-08-22 (1).pdf
2022-08-25 12:28 - 2022-08-25 12:28 - 000007728 _____ C:\Users\anapa\Downloads\comprovantes (3).pdf
2022-08-25 11:21 - 2022-08-25 11:21 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (2).pdf
2022-08-25 11:21 - 2022-08-25 11:21 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-25 11:17 - 2022-08-25 11:17 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-25 10:47 - 2022-08-25 10:47 - 000011730 _____ C:\Users\anapa\Downloads\CISTECON 944.pdf
2022-08-25 10:05 - 2022-08-25 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2022-08-24 16:06 - 2022-08-24 16:06 - 000148651 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.153 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-24 14:55 - 2022-08-24 14:55 - 000011746 _____ C:\Users\anapa\Downloads\CISTECON 941 (1).pdf
2022-08-24 13:58 - 2022-08-24 13:58 - 000434646 _____ C:\Users\anapa\Downloads\Prestação de Serviço em Desacordo.pdf
2022-08-24 13:43 - 2022-08-24 13:43 - 000008166 _____ C:\Users\anapa\Downloads\35220844914992000138570010363279231363279233.xml
2022-08-24 13:10 - 2022-08-24 13:10 - 000011746 _____ C:\Users\anapa\Downloads\CISTECON 941.pdf
2022-08-24 12:07 - 2022-08-24 12:07 - 000030687 _____ C:\Users\anapa\Downloads\2000004091627274.pdf
2022-08-24 12:07 - 2022-08-24 12:07 - 000008038 _____ C:\Users\anapa\Downloads\2000004091629292.pdf
2022-08-24 12:06 - 2022-08-24 12:06 - 000142943 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-24T120654.622.pdf
2022-08-24 11:58 - 2022-08-24 11:58 - 000148651 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.153 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-24 11:34 - 2022-08-24 11:34 - 000063012 _____ C:\Users\anapa\Downloads\Cistecon (44).pdf
2022-08-24 11:22 - 2022-08-24 11:22 - 000063285 _____ C:\Users\anapa\Downloads\Cistecon (43).pdf
2022-08-24 11:14 - 2022-08-24 11:14 - 000063285 _____ C:\Users\anapa\Downloads\Cistecon (42).pdf
2022-08-23 16:50 - 2022-08-23 16:50 - 000144454 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-23T165000.726.pdf
2022-08-23 13:02 - 2022-08-23 13:02 - 000619409 _____ C:\Users\anapa\Downloads\1118 (3).pdf
2022-08-23 12:58 - 2022-08-23 12:58 - 000619409 _____ C:\Users\anapa\Downloads\1118 (2).pdf
2022-08-23 12:56 - 2022-08-23 12:57 - 000619409 _____ C:\Users\anapa\Downloads\1118 (1).pdf
2022-08-23 12:56 - 2022-08-23 12:56 - 000619409 _____ C:\Users\anapa\Downloads\1118.pdf
2022-08-23 11:41 - 2022-08-23 11:41 - 000087123 _____ C:\Users\anapa\Downloads\KMDS CONSULTORIA LTDA - NF 16 (1).pdf
2022-08-23 11:39 - 2022-08-23 11:39 - 000069021 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (14).pdf
2022-08-23 09:56 - 2022-08-23 09:56 - 000020904 _____ C:\Users\anapa\Downloads\OS 4859.pdf
2022-08-22 11:25 - 2022-08-22 11:25 - 000101133 _____ C:\Users\anapa\Downloads\Cistecon - Cerca Elétrica (1).pdf
2022-08-22 11:24 - 2022-08-22 11:24 - 000093931 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Cameras (1).pdf
2022-08-22 11:23 - 2022-08-22 11:23 - 000101974 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Alarme (1).pdf
2022-08-19 15:34 - 2022-08-19 15:34 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON (3).pdf
2022-08-19 15:15 - 2022-08-19 15:15 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON (2).pdf
2022-08-19 15:12 - 2022-08-19 15:12 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (4).pdf
2022-08-19 15:06 - 2022-08-19 15:06 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (3).pdf
2022-08-19 14:56 - 2022-08-19 14:56 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON (1).pdf
2022-08-19 14:51 - 2022-08-19 14:51 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON.pdf
2022-08-19 14:47 - 2022-08-19 14:47 - 000014172 _____ C:\Users\anapa\Downloads\NF 724 - 08.08.2022 (1).pdf
2022-08-19 14:30 - 2022-08-19 14:30 - 000018837 _____ C:\Users\anapa\Downloads\841435.pdf
2022-08-19 13:54 - 2022-08-19 13:54 - 000108355 _____ C:\Users\anapa\Downloads\PF - 2514 - CISTECON (1).pdf
2022-08-19 13:32 - 2022-08-19 13:32 - 000062447 _____ C:\Users\anapa\Downloads\sicredi_1660922517872.pdf
2022-08-19 13:14 - 2022-08-19 13:14 - 000048348 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-19 at 13.14.32.jpeg
2022-08-19 12:23 - 2022-08-19 12:23 - 000018211 _____ C:\Users\anapa\Downloads\2917052 (1).pdf
2022-08-19 12:16 - 2022-08-19 12:16 - 000018211 _____ C:\Users\anapa\Downloads\2917052.pdf
2022-08-19 11:57 - 2022-08-19 11:57 - 000083395 _____ C:\Users\anapa\Downloads\NF Mercado Pago 14_08_2022 .pdf
2022-08-19 11:51 - 2022-08-19 11:51 - 000013499 _____ C:\Users\anapa\Downloads\NF Tray 15_08_2022 .pdf
2022-08-19 11:49 - 2022-08-19 11:49 - 000085144 _____ C:\Users\anapa\Downloads\NF Ebazar 13_08_2022 .pdf
2022-08-19 11:49 - 2022-08-19 11:49 - 000016273 _____ C:\Users\anapa\Downloads\Nfe Ubersuggest - 10_08_2022.pdf
2022-08-19 11:03 - 2022-08-19 11:03 - 000100782 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.124 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-18 17:47 - 2022-08-18 17:48 - 000108355 _____ C:\Users\anapa\Downloads\PF - 2514 - CISTECON.pdf
2022-08-18 17:08 - 2022-08-18 17:08 - 000031025 _____ C:\Users\anapa\Downloads\GiS_Cot_494.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106764 _____ C:\Users\anapa\Downloads\IR 3208 07.2022 comprovante.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106750 _____ C:\Users\anapa\Downloads\IR 3208 04.2022 comprovante.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106749 _____ C:\Users\anapa\Downloads\IR 3208 06.2022 comprovante.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106744 _____ C:\Users\anapa\Downloads\IR 3208 05.2022 comprovante.pdf
2022-08-18 16:24 - 2022-08-18 16:24 - 000100782 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.124 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-18 14:25 - 2022-08-18 14:25 - 000051019 _____ C:\Users\anapa\Downloads\Termo_de_acordo18_08_2022_14_24.pdf
2022-08-18 14:17 - 2022-08-18 14:17 - 000051029 _____ C:\Users\anapa\Downloads\Termo_de_acordo18_08_2022_14_17.pdf
2022-08-18 14:08 - 2022-08-18 14:08 - 000043640 _____ C:\Users\anapa\Downloads\Levantamento_de_debitos_18_08_2022_14_08.pdf
2022-08-18 13:49 - 2022-08-18 13:49 - 000080063 _____ C:\Users\anapa\Downloads\comprovante_pix (49).pdf
2022-08-18 12:49 - 2022-08-18 12:49 - 000143191 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-18T124952.113.pdf
2022-08-18 11:38 - 2022-08-18 11:38 - 000030394 _____ C:\Users\anapa\Downloads\19899 - CISTECON COMÉRCIO E PRESTAÇÃO DE SERVIÇO - R$ 190,00 (1).pdf
2022-08-18 11:32 - 2022-08-18 11:32 - 000030394 _____ C:\Users\anapa\Downloads\19899 - CISTECON COMÉRCIO E PRESTAÇÃO DE SERVIÇO - R$ 190,00.pdf
2022-08-18 10:29 - 2022-08-18 10:29 - 000014172 _____ C:\Users\anapa\Downloads\NF 724 - 08.08.2022.pdf
2022-08-18 10:28 - 2022-08-18 10:28 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (2).pdf
2022-08-18 10:00 - 2022-08-18 10:00 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (1).pdf
2022-08-18 09:51 - 2022-08-18 09:51 - 001038565 _____ C:\Users\anapa\Downloads\Cistecon - ago22 (13).pdf
2022-08-18 09:45 - 2022-08-18 09:45 - 000037198 _____ C:\Users\anapa\Downloads\NF 746 - 17.08.2022.pdf
2022-08-17 13:52 - 2022-08-17 13:52 - 000030994 _____ C:\Users\anapa\Downloads\nota cistecon.pdf
2022-08-17 13:12 - 2022-08-17 13:12 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (13).pdf
2022-08-17 13:11 - 2022-08-17 13:12 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (12).pdf
2022-08-17 12:49 - 2022-08-17 12:49 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (11).pdf
2022-08-17 12:35 - 2022-08-17 12:35 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (10).pdf
2022-08-17 12:33 - 2022-08-17 12:33 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (9).pdf
2022-08-17 11:26 - 2022-08-17 11:26 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon.pdf
2022-08-17 10:51 - 2022-08-17 10:51 - 000032711 _____ C:\Users\anapa\Downloads\NF 122 - 17.08.2022.pdf
2022-08-17 09:50 - 2022-01-21 02:09 - 027896664 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
Can someone help me, please?
I am victim of Hijacking, supposedly.
My AV is Norton 360
Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-08-2022
Executado por anapa (administrador) em LAPTOP-0GB1CGFO (Acer Aspire A315-56) (05-09-2022 10:43:21)
Executando a partir de C:\Users\anapa\Desktop
Perfis Carregados: anapa
Plataforma: Microsoft Windows 11 Home Single Language Versão 21H2 22000.856 (X64) Idioma: Português (Brasil)
Navegador padrão: Edge
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe ->) (F.lux Software LLC) C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\flux.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxEMN.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\62.0.2.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (GoTrustID Inc -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(services.exe ->) (GOTrustID Inc.) [Arquivo não assinado] C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2fd56aca57cf42dd\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9d19662e01abea6b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5802b1615520e41c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_42f9d9bfb72d84cf\RstMwService.exe
(services.exe ->) (INTELBRAS S.A. INDUSTRIA DE TELECOM ELETRONICA BRASILEIRA -> ) C:\Program Files\Intelbras\SIMNext\Local Recording Service\SIMNext.LocalRecording.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.22.7.14\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.22.7.14\nsWscSvc.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerResearchParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD) C:\Program Files\Topaz OFD\Warsaw\core.exe <2>
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(sihost.exe ->) (F.lux Software LLC) C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.120.0.0_x86__sw1dyjdkns7gt\Flux\noshow.exe
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\anapa\AppData\Local\Microsoft\OneDrive\22.166.0807.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\anapa\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
==================== Registro (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138992 2020-08-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISME.EXE [418736 2019-08-21] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1001\...\Run: [MicrosoftEdgeAutoLaunch_E8E17842B4EB41B85685C49BBC998721] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1002\...\Run: [MonitorDFe] => c:\program files (x86)\fiscal.io\monitordfe\monitor.exe [9146152 2022-06-28] (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1002\...\Run: [MicrosoftEdgeAutoLaunch_027A6B661089A77532D92A629B7B7745] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3507347688-3033051970-3887594329-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\62.0.2.0\GoogleDriveFS.exe [51140384 2022-08-15] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON L4160 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBSME.DLL [184832 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Arquivo não assinado]
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\WINDOWS\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor de Documentos Fiscais.lnk [2022-06-28]
ShortcutTarget: Monitor de Documentos Fiscais.lnk -> C:\Program Files (x86)\Fiscal.io\MonitorDFe\Monitor.exe (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
Startup: C:\Users\anapa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor de Documentos Fiscais.lnk [2022-09-02]
ShortcutTarget: Monitor de Documentos Fiscais.lnk -> C:\Program Files (x86)\Fiscal.io\MonitorDFe\Monitor.exe (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
==================== Tarefas Agendadas (Whitelisted) ============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {01A56FF1-4891-4811-8A59-6C7B0071A69A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {073ECC08-C16D-43EC-84B7-1F7A25DE327C} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.22.7.14\SymErr.exe [379064 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {0C62B181-27CC-47B1-B4A8-C0B2B7744677} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {15817C90-7483-414E-89AE-79B7096A2559} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-08-07] (Acer Incorporated -> Acer Incorporated)
Task: {26904A81-466E-405B-9C19-641D9891DF12} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {3207D4FD-44CA-451D-A7A1-367084589E98} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2020-09-17] (Acer Incorporated -> Microsoft)
Task: {414CFFD1-B65D-4152-9BA5-8648DFD6F146} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {5596BEAD-AE61-4C23-A45B-85C6EFD83DCD} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-08-07] (Acer Incorporated -> Acer Incorporated)
Task: {56101458-465E-42B2-AEE5-DC8B92FE309A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5926AAE0-945E-4D17-93AF-9C61B4AF7AE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-26] (Google LLC -> Google LLC)
Task: {5E7B1DC1-58AA-45F9-BCBB-08266BF3A19C} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe [461768 2020-12-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6C147247-2B10-4DD2-A9B3-588465A32B0C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E6BC31D-6C5F-4473-ACC3-BF892D9F8967} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.22.7.14\SymErr.exe [379064 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {6E744DE3-3641-49BB-91E1-3C2FC9B0A613} - System32\Tasks\AcerCMUpdateTask2.1.20250 => C:\Program Files (x86)\Acer\Amundsen\2.1.20250\AWC.exe [153128 2020-09-02] (Acer Incorporated -> )
Task: {70367DCC-E217-49AF-9159-E5EE02267346} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe /analyze (Nenhum Arquivo)
Task: {897A7F80-A9E1-41CE-B2A9-F0CAC470111D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BA3E4D4-7164-4C13-9027-81154C76F3C1} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {90CC6EC9-ADE9-4EF6-B1DE-7013DB90A6A6} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {9490A815-6F4F-42CE-8127-9E058B62CF2D} - System32\Tasks\EPSON L4160 Series Update {5BA0180D-8769-445E-B010-36EDB27BB0DE} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSME.EXE [680440 2017-06-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {9844F6A0-82FF-4857-AD2B-01FA360E6D93} - System32\Tasks\FISCAL-MONITOR-UPDATER => C:\Program Files (x86)\Fiscal.io\MonitorDFe\Updater.exe [1432360 2022-06-28] (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
Task: {99047259-4D19-4DE0-A348-D38007746A68} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {A0C6C5B6-4891-4BCF-B71C-9EB68F7BD445} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {A0FCA86C-B79A-42B6-8B38-44E85B0B1391} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [217088 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {AC35D592-E888-48EA-903A-96A9E996D3B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-26] (Google LLC -> Google LLC)
Task: {B021F063-AB7A-4474-81BF-A2D086D2267F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {B491D335-F0EB-4CF5-9BC4-7B07FCE164BE} - System32\Tasks\App Explorer => C:\Users\anapa\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7887392 2022-04-22] (SweetLabs Inc -> SweetLabs, Inc) <==== ATENÇÃO
Task: {B621A3A0-CD6D-4868-AA81-5C1CB771D206} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C26343FE-7665-47C6-BA48-2EA9744CAA8F} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe /submit (Nenhum Arquivo)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (Nenhum Arquivo)
Task: {D256A4DC-3E67-48D1-BC12-86A8569A3A77} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.21.3.48\SymErr.exe /ui (Nenhum Arquivo)
Task: {E18D9702-C330-4835-A63C-299B08F20738} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> )
Task: {E62B02BB-EBAE-479A-B3A1-13E86FAE470E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.22.7.14\WSCStub.exe [646520 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {E6AA5652-D1D6-4FCE-A911-BB73B87BB387} - System32\Tasks\Rerun Warsaw's CoreFixer => C:\Windows\TEMP\is-CHQGS.tmp\corefixer.exe /norerun (Nenhum Arquivo) <==== ATENÇÃO
Task: {EEE3FFE6-C6C7-443E-915D-971E7C642FFC} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> )
Task: {F32E370B-63B3-4B67-A199-9B64D22CD1DF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {FD50728D-CABA-448A-89B2-6970C52BC066} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDF77A7F-AA28-4E85-9F95-1A4AB94DF57E} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.22.7.14\SymErr.exe [379064 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON L4160 Series Update {5BA0180D-8769-445E-B010-36EDB27BB0DE}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSSME.EXE:/EXE:{5BA0180D-8769-445E-B010-36EDB27BB0DE} /F:UpdateWORKGROUP\LAPTOP-0GB1CGFO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 177.126.131.55 1.1.1.1
Tcpip\..\Interfaces\{08e54f51-cffc-4c85-b8bd-0c0d8ea66269}: [DhcpNameServer] 177.126.131.55 1.1.1.1
Tcpip\..\Interfaces\{456ee682-68a3-4fe4-b772-0e6cf5248012}: [DhcpNameServer] 177.126.131.55 1.1.1.1
Edge:
=======
Edge Profile: C:\Users\anapa\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-05]
Edge Notifications: Default -> hxxps://neurocienciaparaterapeutas2.club.hotmart.com
Edge HomePage: Default -> hxxp://www.msn.com/?pc=ACTE
FireFox:
========
FF DefaultProfile: egum2ekz.default
FF ProfilePath: C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\egum2ekz.default [2021-05-24]
FF ProfilePath: C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\xoskxgms.default-release [2022-09-05]
FF Extension: (Amazon Assistant) - C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\xoskxgms.default-release\Extensions\abb-acer@amazon.com.xpi [2021-08-13] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Português (pt-BR) Language Pack) - C:\Users\anapa\AppData\Roaming\Mozilla\Firefox\Profiles\xoskxgms.default-release\Extensions\langpack-pt-BR@firefox.mozilla.org.xpi [2021-09-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files (x86)\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3507347688-3033051970-3887594329-1002: gastecnologia.com.br/sf/cef -> C:\Users\anapa\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (Caixa Econômica Federal -> GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3507347688-3033051970-3887594329-1002: gastecnologia.com.br/sf/cef64 -> C:\Users\anapa\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (Caixa Econômica Federal -> GAS Tecnologia)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-09-05]
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default [2022-09-02]
CHR Notifications: Default -> hxxps://www.madeiramadeira.com.br; hxxps://www.netflix.com
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=pt_br&q={searchTerms}
CHR Extension: (Gmail Entrar) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aikdmpdmpklompbpohmlfjbeohaiholh [2021-11-23]
CHR Extension: (Norton Safe Web) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-09-02]
CHR Extension: (Documentos Google off-line) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-02]
CHR Extension: (Norton Safe) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2022-05-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-15]
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-05]
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-09-05]
CHR Notifications: Profile 1 -> hxxps://meet.google.com; hxxps://portal.fazenda.sp.gov.br; hxxps://www.enjoei.com.br; hxxps://www.facebook.com; hxxps://www.passagenspromo.com.br
CHR Session Restore: Profile 1 -> está habilitado.
CHR Extension: (Documentos Google off-line) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\anapa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-10]
CHR Profile: C:\Users\anapa\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-05]
==================== Serviços (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12126112 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [685496 2021-04-26] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FISCAL-MONITOR-UPDATER; C:\Program Files (x86)\Fiscal.io\MonitorDFe\updater.exe [1432360 2022-06-28] (FISCAL.IO TECNOLOGIA DA INFORMACAO LTDA -> Fiscal.io Ltda.)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [15360 2020-09-08] (GOTrustID Inc.) [Arquivo não assinado]
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [336992 2020-09-08] (GoTrustID Inc -> GOTrustID Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [224320 2022-08-25] (HP Inc. -> HP Inc.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.22.7.14\NortonSecurity.exe [344888 2022-08-11] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.22.7.14\nsWscSvc.exe [1059176 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
S4 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 SIMNextLocalRecording; C:\Program Files\Intelbras\SIMNext\Local Recording Service\SIMNext.LocalRecording.exe [54280 2022-05-18] (INTELBRAS S.A. INDUSTRIA DE TELECOM ELETRONICA BRASILEIRA -> )
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14585248 2022-06-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [326184 2020-08-09] (Acer Incorporated -> Acer Incorporated)
R2 Warsaw Technology; C:\Program Files\Topaz OFD\Warsaw\core.exe [1004448 2022-04-12] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\anapa\AppData\Roaming\Zoom"
===================== Drivers (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [31896 2021-08-08] (Acer Incorporated -> Acer Incorporated)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20220901.011\BHDrvx64.sys [1672672 2022-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Arquivo não assinado]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\ccSetx64.sys [198336 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20220902.061\IDSvia64.sys [1515496 2022-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\nsvst.sys [57104 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SRTSP64.SYS [956088 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SRTSPX64.SYS [52920 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SYMEFASI64.SYS [2092736 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\SymELAM.sys [36080 2022-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [722400 2022-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\Ironx64.SYS [306880 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\symnets.sys [490704 2022-08-11] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616070.00E\wpCtrlDrv.sys [1016792 2022-08-11] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [47800 2022-09-05] (Gas Informatica Ltda -> GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [51160 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [34768 2021-05-21] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [36768 2022-02-25] (TPZ SOLUCOES DIGITAIS LTDA -> Topaz OFD)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três meses (criados) (Whitelisted) =========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2022-09-05 10:43 - 2022-09-05 10:44 - 000032238 _____ C:\Users\anapa\Desktop\FRST.txt
2022-09-05 10:42 - 2022-09-05 10:43 - 000000000 ____D C:\FRST
2022-09-05 10:42 - 2022-08-26 11:46 - 002371072 _____ (Farbar) C:\Users\anapa\Desktop\FRST64.exe
2022-09-05 10:39 - 2022-09-05 10:44 - 000000000 ____D C:\Users\anapa\Desktop\Drive
2022-09-05 10:27 - 2022-09-05 10:40 - 000298354 _____ C:\WINDOWS\ntbtlog.txt
2022-09-05 10:27 - 2022-09-05 10:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-09-03 19:31 - 2022-09-03 19:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-09-02 17:09 - 2022-09-02 17:09 - 000010491 _____ C:\Users\anapa\Downloads\2000004090276648.pdf
2022-09-02 16:19 - 2022-09-02 16:19 - 000101974 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Alarme (2).pdf
2022-09-02 16:19 - 2022-09-02 16:19 - 000093931 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Cameras (2).pdf
2022-09-02 16:11 - 2022-09-02 16:11 - 000118322 _____ C:\Users\anapa\Downloads\OS607 CISTECON.pdf
2022-09-02 16:10 - 2022-09-02 16:10 - 000115648 _____ C:\Users\anapa\Downloads\OS606 CISTECON.pdf
2022-09-02 13:41 - 2022-09-02 13:41 - 000030791 _____ C:\Users\anapa\Downloads\GiS_Orc_1406.pdf
2022-09-02 12:08 - 2022-09-02 12:08 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intelbras Media Player.lnk
2022-09-02 12:08 - 2022-09-02 12:08 - 000002113 _____ C:\Users\anapa\Downloads\Intelbras Media Player.lnk
2022-09-02 12:08 - 2022-09-02 12:08 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intelbras SIM Next.lnk
2022-09-02 12:08 - 2022-09-02 12:08 - 000002000 _____ C:\Users\Public\Desktop\Intelbras SIM Next.lnk
2022-09-02 12:06 - 2022-09-02 12:07 - 302435538 _____ C:\Users\anapa\Downloads\sim-next-1-20-5.zip
2022-09-02 11:31 - 2022-09-02 11:31 - 000041872 _____ C:\Users\anapa\Downloads\NF-e 30.675 (1).pdf
2022-09-02 11:30 - 2022-09-02 11:30 - 000013838 _____ C:\Users\anapa\Downloads\CTeCSL665669.pdf
2022-09-02 09:34 - 2022-09-02 09:34 - 000041872 _____ C:\Users\anapa\Downloads\NF-e 30.675.pdf
2022-09-02 09:12 - 2022-09-02 09:12 - 000143149 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-09-02T091240.254.pdf
2022-09-01 15:51 - 2022-09-01 15:51 - 000000470 _____ C:\Users\anapa\Downloads\exportacao_ocorrencias.txt
2022-09-01 15:51 - 2022-09-01 15:51 - 000000470 _____ C:\Users\anapa\Downloads\exportacao_ocorrencias (1).txt
2022-09-01 15:29 - 2022-09-01 15:29 - 000394240 _____ (Google Inc.) C:\Users\anapa\Downloads\gcapi.dll
2022-09-01 15:15 - 2022-09-01 15:15 - 000103764 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.187 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-09-01 14:55 - 2022-09-01 14:55 - 000103923 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.187 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-09-01 13:49 - 2022-09-01 13:49 - 000033122 _____ C:\Users\anapa\Downloads\IM-00079892 NFSe-000166 (1).pdf
2022-09-01 11:47 - 2022-09-01 11:47 - 000062010 _____ C:\Users\anapa\Downloads\sicredi_1662037981508.pdf
2022-09-01 11:42 - 2022-09-01 11:42 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (6).pdf
2022-09-01 11:40 - 2022-09-01 11:40 - 000103492 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.184 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (2).pdf
2022-09-01 11:40 - 2022-09-01 11:40 - 000102715 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.185 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (2).pdf
2022-09-01 11:00 - 2022-09-01 11:00 - 000275792 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-30 at 17.35.30 (2).jpeg
2022-09-01 10:59 - 2022-09-01 10:59 - 000103492 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.184 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-09-01 10:59 - 2022-09-01 10:59 - 000102715 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.185 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-31 15:31 - 2022-08-31 15:31 - 000102715 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.185 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-31 15:30 - 2022-08-31 15:30 - 000103492 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.184 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-31 14:13 - 2022-08-31 14:13 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (5).pdf
2022-08-31 14:11 - 2022-08-31 14:11 - 000073124 _____ C:\Users\anapa\Downloads\Cistecon 265839 (2).pdf
2022-08-31 10:31 - 2022-08-31 10:31 - 000144512 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-31T103127.877.pdf
2022-08-31 10:24 - 2022-08-31 10:24 - 000275792 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-30 at 17.35.30 (1).jpeg
2022-08-31 10:24 - 2022-08-31 10:24 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (48).pdf
2022-08-30 17:58 - 2022-08-30 17:58 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (47).pdf
2022-08-30 17:53 - 2022-08-30 17:53 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (46).pdf
2022-08-30 17:41 - 2022-08-30 17:41 - 000275792 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-30 at 17.35.30.jpeg
2022-08-30 17:10 - 2022-08-30 17:10 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (4).pdf
2022-08-30 16:16 - 2022-08-30 16:16 - 000090295 _____ C:\Users\anapa\Downloads\Cistecon (45).pdf
2022-08-30 15:31 - 2022-08-30 15:31 - 000042830 _____ C:\Users\anapa\Downloads\NF-e 30.660.pdf
2022-08-30 15:31 - 2022-08-30 15:31 - 000042283 _____ C:\Users\anapa\Downloads\NF-e 30.661.pdf
2022-08-30 11:41 - 2022-08-30 11:41 - 001349245 _____ C:\Users\anapa\Downloads\Belton - Folder NCS e NCP 2022.pdf
2022-08-30 09:37 - 2022-09-02 12:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-08-29 14:06 - 2022-08-29 14:06 - 001847027 _____ C:\Users\anapa\Downloads\guia-cartao-virtual-unimed-campinas (1).pdf
2022-08-29 13:52 - 2022-08-29 13:52 - 001847027 _____ C:\Users\anapa\Downloads\guia-cartao-virtual-unimed-campinas.pdf
2022-08-29 11:29 - 2022-08-29 11:29 - 000142663 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-29T112938.740.pdf
2022-08-29 10:50 - 2022-08-29 10:50 - 000014329 _____ C:\Users\anapa\Downloads\OS_841435_005.pdf
2022-08-26 20:44 - 2022-09-03 19:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2022-08-26 20:38 - 2022-08-29 10:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-08-26 20:38 - 2022-08-26 20:38 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2022-08-26 16:55 - 2022-08-26 16:55 - 000031034 _____ C:\Users\anapa\Downloads\CISTECON 26.08.2022.pdf
2022-08-26 15:59 - 2022-08-26 15:59 - 000008264 _____ C:\Users\anapa\Downloads\2000004103897066.pdf
2022-08-26 14:16 - 2022-08-26 14:16 - 000073124 _____ C:\Users\anapa\Downloads\Cistecon 265839 (1).pdf
2022-08-26 13:56 - 2022-08-26 13:56 - 000011730 _____ C:\Users\anapa\Downloads\CISTECON 944 (2).pdf
2022-08-26 13:49 - 2022-08-26 13:49 - 000073305 _____ C:\Users\anapa\Downloads\Cistecon 265839.pdf
2022-08-26 11:20 - 2022-08-26 11:20 - 000046301 _____ C:\Users\anapa\Downloads\Orçamento - Cistecom - 26-08-22 (1) (1).pdf
2022-08-26 11:06 - 2022-08-26 11:06 - 000011730 _____ C:\Users\anapa\Downloads\CISTECON 944 (1).pdf
2022-08-26 11:04 - 2022-08-26 11:04 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (3).pdf
2022-08-26 11:04 - 2022-08-26 11:04 - 000046301 _____ C:\Users\anapa\Downloads\Orçamento - Cistecom - 26-08-22 (1).pdf
2022-08-26 10:52 - 2022-08-26 10:52 - 000007690 _____ C:\Users\anapa\Downloads\comprovantes (4).pdf
2022-08-26 10:42 - 2022-08-26 10:42 - 000143174 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-26T104203.525.pdf
2022-08-26 10:07 - 2022-08-26 10:07 - 000130578 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-26 at 10.07.25.jpeg
2022-08-25 18:13 - 2022-08-25 18:13 - 001430908 _____ C:\Users\anapa\Downloads\Comprovante de Endereço Ana (1).pdf
2022-08-25 18:11 - 2022-08-25 18:11 - 001430908 _____ C:\Users\anapa\Downloads\Comprovante de Endereço Ana.pdf
2022-08-25 15:18 - 2022-08-25 15:18 - 000045938 _____ C:\Users\anapa\Downloads\Orçamento - Cistecom - 25-08-22 (1).pdf
2022-08-25 12:28 - 2022-08-25 12:28 - 000007728 _____ C:\Users\anapa\Downloads\comprovantes (3).pdf
2022-08-25 11:21 - 2022-08-25 11:21 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (2).pdf
2022-08-25 11:21 - 2022-08-25 11:21 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-25 11:17 - 2022-08-25 11:17 - 000106784 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.156 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-25 10:47 - 2022-08-25 10:47 - 000011730 _____ C:\Users\anapa\Downloads\CISTECON 944.pdf
2022-08-25 10:05 - 2022-08-25 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Acer
2022-08-24 16:06 - 2022-08-24 16:06 - 000148651 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.153 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-24 14:55 - 2022-08-24 14:55 - 000011746 _____ C:\Users\anapa\Downloads\CISTECON 941 (1).pdf
2022-08-24 13:58 - 2022-08-24 13:58 - 000434646 _____ C:\Users\anapa\Downloads\Prestação de Serviço em Desacordo.pdf
2022-08-24 13:43 - 2022-08-24 13:43 - 000008166 _____ C:\Users\anapa\Downloads\35220844914992000138570010363279231363279233.xml
2022-08-24 13:10 - 2022-08-24 13:10 - 000011746 _____ C:\Users\anapa\Downloads\CISTECON 941.pdf
2022-08-24 12:07 - 2022-08-24 12:07 - 000030687 _____ C:\Users\anapa\Downloads\2000004091627274.pdf
2022-08-24 12:07 - 2022-08-24 12:07 - 000008038 _____ C:\Users\anapa\Downloads\2000004091629292.pdf
2022-08-24 12:06 - 2022-08-24 12:06 - 000142943 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-24T120654.622.pdf
2022-08-24 11:58 - 2022-08-24 11:58 - 000148651 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.153 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-24 11:34 - 2022-08-24 11:34 - 000063012 _____ C:\Users\anapa\Downloads\Cistecon (44).pdf
2022-08-24 11:22 - 2022-08-24 11:22 - 000063285 _____ C:\Users\anapa\Downloads\Cistecon (43).pdf
2022-08-24 11:14 - 2022-08-24 11:14 - 000063285 _____ C:\Users\anapa\Downloads\Cistecon (42).pdf
2022-08-23 16:50 - 2022-08-23 16:50 - 000144454 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-23T165000.726.pdf
2022-08-23 13:02 - 2022-08-23 13:02 - 000619409 _____ C:\Users\anapa\Downloads\1118 (3).pdf
2022-08-23 12:58 - 2022-08-23 12:58 - 000619409 _____ C:\Users\anapa\Downloads\1118 (2).pdf
2022-08-23 12:56 - 2022-08-23 12:57 - 000619409 _____ C:\Users\anapa\Downloads\1118 (1).pdf
2022-08-23 12:56 - 2022-08-23 12:56 - 000619409 _____ C:\Users\anapa\Downloads\1118.pdf
2022-08-23 11:41 - 2022-08-23 11:41 - 000087123 _____ C:\Users\anapa\Downloads\KMDS CONSULTORIA LTDA - NF 16 (1).pdf
2022-08-23 11:39 - 2022-08-23 11:39 - 000069021 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (14).pdf
2022-08-23 09:56 - 2022-08-23 09:56 - 000020904 _____ C:\Users\anapa\Downloads\OS 4859.pdf
2022-08-22 11:25 - 2022-08-22 11:25 - 000101133 _____ C:\Users\anapa\Downloads\Cistecon - Cerca Elétrica (1).pdf
2022-08-22 11:24 - 2022-08-22 11:24 - 000093931 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Cameras (1).pdf
2022-08-22 11:23 - 2022-08-22 11:23 - 000101974 _____ C:\Users\anapa\Downloads\Cistecon - Sistema de Alarme (1).pdf
2022-08-19 15:34 - 2022-08-19 15:34 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON (3).pdf
2022-08-19 15:15 - 2022-08-19 15:15 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON (2).pdf
2022-08-19 15:12 - 2022-08-19 15:12 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (4).pdf
2022-08-19 15:06 - 2022-08-19 15:06 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (3).pdf
2022-08-19 14:56 - 2022-08-19 14:56 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON (1).pdf
2022-08-19 14:51 - 2022-08-19 14:51 - 000014750 _____ C:\Users\anapa\Downloads\00004976 - CISTECON.pdf
2022-08-19 14:47 - 2022-08-19 14:47 - 000014172 _____ C:\Users\anapa\Downloads\NF 724 - 08.08.2022 (1).pdf
2022-08-19 14:30 - 2022-08-19 14:30 - 000018837 _____ C:\Users\anapa\Downloads\841435.pdf
2022-08-19 13:54 - 2022-08-19 13:54 - 000108355 _____ C:\Users\anapa\Downloads\PF - 2514 - CISTECON (1).pdf
2022-08-19 13:32 - 2022-08-19 13:32 - 000062447 _____ C:\Users\anapa\Downloads\sicredi_1660922517872.pdf
2022-08-19 13:14 - 2022-08-19 13:14 - 000048348 _____ C:\Users\anapa\Downloads\WhatsApp Image 2022-08-19 at 13.14.32.jpeg
2022-08-19 12:23 - 2022-08-19 12:23 - 000018211 _____ C:\Users\anapa\Downloads\2917052 (1).pdf
2022-08-19 12:16 - 2022-08-19 12:16 - 000018211 _____ C:\Users\anapa\Downloads\2917052.pdf
2022-08-19 11:57 - 2022-08-19 11:57 - 000083395 _____ C:\Users\anapa\Downloads\NF Mercado Pago 14_08_2022 .pdf
2022-08-19 11:51 - 2022-08-19 11:51 - 000013499 _____ C:\Users\anapa\Downloads\NF Tray 15_08_2022 .pdf
2022-08-19 11:49 - 2022-08-19 11:49 - 000085144 _____ C:\Users\anapa\Downloads\NF Ebazar 13_08_2022 .pdf
2022-08-19 11:49 - 2022-08-19 11:49 - 000016273 _____ C:\Users\anapa\Downloads\Nfe Ubersuggest - 10_08_2022.pdf
2022-08-19 11:03 - 2022-08-19 11:03 - 000100782 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.124 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA (1).pdf
2022-08-18 17:47 - 2022-08-18 17:48 - 000108355 _____ C:\Users\anapa\Downloads\PF - 2514 - CISTECON.pdf
2022-08-18 17:08 - 2022-08-18 17:08 - 000031025 _____ C:\Users\anapa\Downloads\GiS_Cot_494.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106764 _____ C:\Users\anapa\Downloads\IR 3208 07.2022 comprovante.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106750 _____ C:\Users\anapa\Downloads\IR 3208 04.2022 comprovante.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106749 _____ C:\Users\anapa\Downloads\IR 3208 06.2022 comprovante.pdf
2022-08-18 16:54 - 2022-08-18 16:54 - 000106744 _____ C:\Users\anapa\Downloads\IR 3208 05.2022 comprovante.pdf
2022-08-18 16:24 - 2022-08-18 16:24 - 000100782 _____ C:\Users\anapa\Downloads\ORÇAMENTO 31.124 - CISTECON COMERCIO E PRESTACAO DE SERVICOS LTDA.pdf
2022-08-18 14:25 - 2022-08-18 14:25 - 000051019 _____ C:\Users\anapa\Downloads\Termo_de_acordo18_08_2022_14_24.pdf
2022-08-18 14:17 - 2022-08-18 14:17 - 000051029 _____ C:\Users\anapa\Downloads\Termo_de_acordo18_08_2022_14_17.pdf
2022-08-18 14:08 - 2022-08-18 14:08 - 000043640 _____ C:\Users\anapa\Downloads\Levantamento_de_debitos_18_08_2022_14_08.pdf
2022-08-18 13:49 - 2022-08-18 13:49 - 000080063 _____ C:\Users\anapa\Downloads\comprovante_pix (49).pdf
2022-08-18 12:49 - 2022-08-18 12:49 - 000143191 _____ C:\Users\anapa\Downloads\relatorioFrancesinha - 2022-08-18T124952.113.pdf
2022-08-18 11:38 - 2022-08-18 11:38 - 000030394 _____ C:\Users\anapa\Downloads\19899 - CISTECON COMÉRCIO E PRESTAÇÃO DE SERVIÇO - R$ 190,00 (1).pdf
2022-08-18 11:32 - 2022-08-18 11:32 - 000030394 _____ C:\Users\anapa\Downloads\19899 - CISTECON COMÉRCIO E PRESTAÇÃO DE SERVIÇO - R$ 190,00.pdf
2022-08-18 10:29 - 2022-08-18 10:29 - 000014172 _____ C:\Users\anapa\Downloads\NF 724 - 08.08.2022.pdf
2022-08-18 10:28 - 2022-08-18 10:28 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (2).pdf
2022-08-18 10:00 - 2022-08-18 10:00 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon (1).pdf
2022-08-18 09:51 - 2022-08-18 09:51 - 001038565 _____ C:\Users\anapa\Downloads\Cistecon - ago22 (13).pdf
2022-08-18 09:45 - 2022-08-18 09:45 - 000037198 _____ C:\Users\anapa\Downloads\NF 746 - 17.08.2022.pdf
2022-08-17 13:52 - 2022-08-17 13:52 - 000030994 _____ C:\Users\anapa\Downloads\nota cistecon.pdf
2022-08-17 13:12 - 2022-08-17 13:12 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (13).pdf
2022-08-17 13:11 - 2022-08-17 13:12 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (12).pdf
2022-08-17 12:49 - 2022-08-17 12:49 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (11).pdf
2022-08-17 12:35 - 2022-08-17 12:35 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (10).pdf
2022-08-17 12:33 - 2022-08-17 12:33 - 000069808 _____ C:\Users\anapa\Downloads\292699 04.08.2022 (9).pdf
2022-08-17 11:26 - 2022-08-17 11:26 - 000400544 _____ C:\Users\anapa\Downloads\NF devolução Cistecon.pdf
2022-08-17 10:51 - 2022-08-17 10:51 - 000032711 _____ C:\Users\anapa\Downloads\NF 122 - 17.08.2022.pdf
2022-08-17 09:50 - 2022-01-21 02:09 - 027896664 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll