Resultado da análise adicional Farbar Recovery Scan Tool (x64) Versão: 14-11-2021
Executado por gusta (18-11-2021 10:11:31)
Executando a partir de C:\Users\gusta\Desktop
Microsoft Windows 10 Pro Versão 21H1 19043.1266 (X64) (2020-12-08 04:16:57)
Modo da Inicialização: Normal
==========================================================

==================== Contas: =============================

(Se uma entrada for incluída na fixlist, será removida.)

Administrador (S-1-5-21-2175380699-2852125328-1652107485-500 - Administrator - Disabled)
Convidado (S-1-5-21-2175380699-2852125328-1652107485-501 - Limited - Disabled)
DefaultAccount (S-1-5-21-2175380699-2852125328-1652107485-503 - Limited - Disabled)
gusta (S-1-5-21-2175380699-2852125328-1652107485-1001 - Administrator - Enabled) => C:\Users\gusta
WDAGUtilityAccount (S-1-5-21-2175380699-2852125328-1652107485-504 - Limited - Disabled)

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.15.07.2229 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.10.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{c370a4bd-5e86-489d-b1a5-54ceee532d20}) (Version: 2.15.07.2229 - Advanced Micro Devices, Inc.)
Hidden AutoHotkey 1.1.33.02 (HKLM\...\AutoHotkey) (Version: 1.1.33.02 - Lexikos) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts) Battlefield™ 2042 (HKLM-x32\...\{45e281f3-1414-47ea-bb64-4f50d50121f3}) (Version: 1.0.70.61447 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) Componente de Segurança Bradesco (HKLM-x32\...\scpbrad) (Version: 1.0.0 - Banco Bradesco S.A.) CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.) CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.) Discord (HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.) EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.160.5040 - Electronic Arts) Hidden EA app (HKLM-x32\...\{25735b1f-945f-410e-bd5b-f03f77cfe381}) (Version: 12.0.160.5040 - Electronic Arts) Epic Games Launcher (HKLM-x32\...\{734ABDC9-B5B3-486A-8C56-D52FBFA5B08B}) (Version: 1.1.298.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FIFA 21 (HKLM-x32\...\{A918ACE7-A83B-41F4-8746-AEF8DC821879}) (Version: 1.0.72.32477 - Electronic Arts) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.11.8744 - Logitech) Microsoft .NET Runtime - 5.0.12 (x64) (HKLM-x32\...\{5bd6ae15-bcab-4509-86af-c5dfc54b60d7}) (Version: 5.0.12.30622 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.53 - Microsoft Corporation) Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 
12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.12 (x64) (HKLM-x32\...\{ce8037d8-35f7-4142-ad18-23609ac5db17}) (Version: 5.0.12.30623 - Microsoft Corporation) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.0.1 - OBS Project) Opera GX Stable 80.0.4170.91 (HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Opera GX 80.0.4170.91) (Version: 80.0.4170.91 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 10.5.106.49298 - Electronic Arts, Inc.) 
Pacote de Driver do Windows - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC) Pacote de Driver do Windows - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc)) Pacote de Driver do Windows - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc)) Pacote de Driver do Windows - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32) Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8619 - Realtek Semiconductor Corp.) 
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.48.510 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.2 - Rockstar Games) RyzenMasterSDK (HKLM\...\{3C0CD96E-6721-4933-95BC-36E43F9A4244}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden Shotcut (HKLM\...\Shotcut) (Version: 21.03.21 - Meltytech, LLC) Spotify (HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Spotify) (Version: 1.1.72.439.gc253025e - Spotify AB) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft) Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft) WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH) Packages: ========= Back 4 Blood -> C:\Program Files\WindowsApps\WarnerBros.Interactive.e172091a-6630-4ff3-959f-830_1.2.14.0_x64__ktmk1xygcecda [2021-11-06] (0) Complemento do Mecanismo de Mídia de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-10] (Microsoft Corporation) Forza Horizon 5 -> C:\Program Files\WindowsApps\Microsoft.624F8B84B80_3.410.860.0_x64__8wekyb3d8bbwe [2021-11-17] (Microsoft Studios) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-28] (Microsoft Studios) [MS Ad] ==================== Análise Personalizada CLSID (Whitelisted): ============== (Se uma entrada for incluída na fixlist, será removida do Registro. 
O arquivo não será movido, a menos que seja colocado separadamente.) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-10-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Arquivo não assinado] HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Arquivo não assinado] ==================== Atalhos & WMI ======================== ==================== Módulos Carregados (Whitelisted) ============= 2021-11-03 18:33 - 2021-11-02 17:55 - 000635904 _____ () [Arquivo não assinado] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node 2021-09-29 00:33 - 2021-09-29 00:33 - 018143744 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\avcodec-58.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000017920 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libEGL.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 003567616 _____ () [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2021-09-29 00:32 - 2021-09-29 00:32 - 001711616 _____ (Advanced Micro Devices, Inc.) 
[Arquivo não assinado] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll 2017-09-05 00:15 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll 2021-05-19 21:07 - 2021-05-19 21:07 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] D:\Program Files (x86)\Origin\LIBEAY32.dll 2021-05-19 21:07 - 2021-05-19 21:07 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] D:\Program Files (x86)\Origin\ssleay32.dll 2021-11-17 16:06 - 2021-11-17 16:06 - 002815488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] D:\Program Files\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll 2021-11-17 16:06 - 2021-11-17 16:06 - 000678400 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Arquivo não assinado] D:\Program Files\EA Desktop\EA Desktop\libssl-1_1-x64.dll 2021-05-19 21:07 - 2021-05-19 21:07 - 001611264 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-10-22 21:00 - 2021-05-19 21:07 - 005487104 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Program Files (x86)\Origin\Qt5Core.dll 2021-10-22 21:00 - 2021-05-19 21:07 - 005841920 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Program Files (x86)\Origin\Qt5Gui.dll 2021-10-22 21:00 - 2021-05-19 21:07 - 001179136 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Program Files (x86)\Origin\Qt5Network.dll 2021-10-22 21:00 - 2021-05-19 21:07 - 000146432 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-10-22 21:00 - 2021-05-19 21:07 - 005089792 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-10-22 21:00 - 2021-05-19 21:07 - 000184832 _____ (The Qt Company Ltd) [Arquivo não assinado] D:\Program Files (x86)\Origin\Qt5Xml.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000057856 _____ (The Qt 
Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000031744 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000039424 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000031232 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000415232 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000025088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000025088 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000023552 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000532992 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 001455104 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 001227776 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000135680 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 006270976 _____ (The Qt Company Ltd.) 
[Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 006947328 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000740352 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000123392 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 001110528 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000326656 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 003798528 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000440832 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000054784 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 004255744 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000171520 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 001128448 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000206336 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000334336 _____ (The Qt Company Ltd.) 
[Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000133120 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000396800 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 102854656 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 005611008 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000463360 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000210432 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 002877440 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000056832 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000059392 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000267776 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000017408 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000017920 _____ (The Qt Company Ltd.) 
[Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000290816 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000336896 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000134144 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000106496 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000325120 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000045568 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2021-04-21 03:46 - 2021-04-21 03:46 - 000093184 _____ (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll 2021-11-17 16:06 - 2021-11-17 16:06 - 000046592 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Program Files\EA Desktop\EA Desktop\bearer\qgenericbearer.dll 2021-11-17 16:06 - 2021-11-17 16:06 - 006270976 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Program Files\EA Desktop\EA Desktop\Qt5Core.dll 2021-11-17 16:06 - 2021-11-17 16:06 - 001389568 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Program Files\EA Desktop\EA Desktop\Qt5Network.dll 2021-11-17 16:06 - 2021-11-17 16:06 - 000157184 _____ (The Qt Company Ltd.) [Arquivo não assinado] D:\Program Files\EA Desktop\EA Desktop\Qt5WebSockets.dll 2021-11-17 16:06 - 2021-11-17 16:06 - 000210432 _____ (The Qt Company Ltd.) 
[Arquivo não assinado] D:\Program Files\EA Desktop\EA Desktop\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== (Se uma entrada for incluída na fixlist, somente o ADS será removido.) AlternateDataStreams: C:\Users\gusta\Dados de Aplicativos:287c499808bcff52a39d16f78044882a [394] AlternateDataStreams: C:\Users\gusta\AppData\Roaming:287c499808bcff52a39d16f78044882a [394] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4304] ==================== Modo de Segurança (Whitelisted) ================== ==================== Associação (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKU\S-1-5-21-2175380699-2852125328-1652107485-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 SearchScopes: HKU\S-1-5-21-2175380699-2852125328-1652107485-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation) 
==================== Hosts Conteúdo: ========================= (Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.) 2019-12-07 06:14 - 2019-12-07 06:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Outras Áreas =========================== (Atualmente não há nenhuma correção automática para esta seção.) HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gusta\Desktop\pexels-pixabay-164357.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall do Windows está habilitado. ==================== MSCONFIG/TASK MANAGER ítens desabilitados == (Se uma entrada for incluída na fixlist, será removida.) HKLM\...\StartupApproved\Run32: => "GK6XPlus Driver" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\StartupFolder: => "Peace.lnk" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "OneDriveSetup" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "InputMapper" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\StartupApproved\Run: => "Spotify" ==================== Regras do Firewall (Whitelisted) ================ (Se uma entrada for incluída na fixlist, será removida 
do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) FirewallRules: [{B0D26B7F-B8F4-41E1-999C-5A774B2526C3}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{614DCBA4-C18B-4F40-9273-9974BB458217}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation) FirewallRules: [{9B565E4E-E59B-4C27-9631-AD7709E3A562}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{C19C52E0-D20D-420B-92D0-F8408D1EC56B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{F0028BA0-48CB-42AD-90A1-81EED2B8F0E9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [{E9B0EF05-BF89-4CB7-9578-D7BB706465C8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> ) FirewallRules: [TCP Query User{76E84DF1-0A09-446D-B645-AEC5AB12E4B4}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{994A0528-F0AA-49D4-AF26-3EFF027695BB}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) 
FirewallRules: [TCP Query User{4D606421-27CE-4F40-9E63-BCBA3019DBFE}D:\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battle.net\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{22A83172-F1E5-4284-AF9A-3747C8B7B7CB}D:\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battle.net\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [TCP Query User{CA34E06C-1D18-4E92-B5C9-F1EFCCE0CC33}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query User{B02B13B6-8FA8-4274-BF4F-BAF3C67F96F2}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [TCP Query User{D8377D5D-92B2-4DE5-983B-78BF329B7F39}D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [Arquivo não assinado] FirewallRules: [UDP Query User{FC931994-3806-4714-8C05-BB5D7344356F}D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{788D12AC-4EAF-432F-9428-E3565B5D5773}D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [UDP Query User{971D5967-2C09-43EA-809B-B37301E4C880}D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{BEABB8E6-48D5-4CA8-99F6-68D4062E60D2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [{9AEAC2DD-B3B6-4B24-8E0C-1041CB1FAA8A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. 
-> Rockstar Games) FirewallRules: [{A8DE2D9B-4844-437A-8F27-01481D7A3D72}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Arquivo não assinado] FirewallRules: [{139C7DF7-ED6F-4D2C-9D49-C930234478B2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Aim Lab\AimLab_tb.exe () [Arquivo não assinado] FirewallRules: [TCP Query User{9766DF3F-97D7-4F86-8688-B53192237181}D:\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battle.net\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{F365A689-3727-4325-9C16-403FC7396FE2}D:\battle.net\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\battle.net\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [TCP Query User{BD44B037-C1F2-4EC7-A64E-F2D42BD9AD44}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) FirewallRules: [UDP Query User{B2A4E632-3F9A-4B48-895C-BCB0E6A5EC38}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) 
FirewallRules: [TCP Query User{5DA8AE10-403D-4C4A-9E8C-4EE212F8E7FF}D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [UDP Query User{52C95D19-4A58-41B0-8DA2-5F5F3F636A2D}D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\battlefield 4\bf4.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [TCP Query User{92BE306B-4D5C-4BB1-B387-516F09A558BE}D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [Arquivo não assinado] FirewallRules: [UDP Query User{F01C8874-5C02-4B39-A42A-EE56ADA33D86}D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\fpsaimtrainer\fpsaimtrainer\binaries\win64\fpsaimtrainer-win64-shipping.exe () [Arquivo não assinado] FirewallRules: [{721FDA30-B270-4CBC-8E88-5EB08B6A0D39}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Apex Aim Trainer\ThirdPersonBP.exe (Epic Games, Inc.) [Arquivo não assinado] FirewallRules: [{CEB653ED-2A4D-49A1-84CB-C4E2D6A53713}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Apex Aim Trainer\ThirdPersonBP.exe (Epic Games, Inc.) [Arquivo não assinado] FirewallRules: [TCP Query User{DC9878F3-9B60-48A8-9349-C7A92D114658}D:\program files (x86)\steam\steamapps\common\apex aim trainer\thirdpersonbp\binaries\win64\thirdpersonbp-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\apex aim trainer\thirdpersonbp\binaries\win64\thirdpersonbp-win64-shipping.exe (Epic Games, Inc.) 
[Arquivo não assinado] FirewallRules: [UDP Query User{F4BDB8ED-00FA-4E10-BBC6-3B5616E09D08}D:\program files (x86)\steam\steamapps\common\apex aim trainer\thirdpersonbp\binaries\win64\thirdpersonbp-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\apex aim trainer\thirdpersonbp\binaries\win64\thirdpersonbp-win64-shipping.exe (Epic Games, Inc.) [Arquivo não assinado] FirewallRules: [{053EA69B-3126-4224-9502-FD1BED420317}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FPSAimTrainer\FPSAimTrainer\Binaries\Win64\FPSAimTrainer-Win64-Shipping.exe () [Arquivo não assinado] FirewallRules: [{AAFBA4F4-E68E-4FA6-9914-AA986C811EF5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FPSAimTrainer\FPSAimTrainer\Binaries\Win64\FPSAimTrainer-Win64-Shipping.exe () [Arquivo não assinado] FirewallRules: [{5DC53B84-4113-4679-A79F-B28427AD96CE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{7B63B4E6-52C3-4A0C-B885-390A31A425A0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{9961C426-A796-4F1C-9320-96840215C3FB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{0F41540D-752C-42E7-B6C0-ED8427361BEA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. 
-> ) FirewallRules: [{4C282E10-070F-40F4-BCB1-4C082C053A0F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{6B101D13-2C4C-4D40-9760-15F0FEB59C24}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FirewallRules: [{6E65FDCB-6488-45AA-A15B-30E4512FCB81}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{D67B69F4-9C6D-43C8-A7FD-546BAFE4F3B1}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\Battlefield 4\BFLauncher.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{E6C46C9B-0A92-452C-8583-B3EC7321474D}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{413663A3-373C-4CD4-9CBB-0C26D870DA2C}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\Battlefield 4\BFLauncher_x86.exe (Electronic Arts -> EA Digital Illusions CE AB) FirewallRules: [{F7F0409B-147F-48C2-ABAA-F4A2EF50C778}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Int3 Software AB -> Int3 Software AB) FirewallRules: [{97836C53-94D3-4E77-8961-74A63C043FA7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\FPSAimTrainer\FPSAimTrainer.exe (Int3 Software AB -> Int3 Software AB) FirewallRules: [{5297430D-CEB2-45D7-A214-F97D978F0B44}] => (Allow) C:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{838DB457-AF78-42DC-9628-F84294DD863F}] => (Allow) C:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [TCP Query 
User{6D00E2DF-EE2F-4878-A42C-7C07D35A7F64}C:\users\gusta\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\gusta\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [UDP Query User{76B5EA17-8A20-472D-A981-930F2E29EE54}C:\users\gusta\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\gusta\appdata\local\programs\opera gx\opera.exe (Opera Software AS -> Opera Software) FirewallRules: [TCP Query User{F4E6D495-1730-46D7-9390-C6A7D5BDF3CE}C:\users\gusta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gusta\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{611B5569-05E3-421B-83C2-ECA568E16CE6}C:\users\gusta\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gusta\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [{214C70A2-1468-4C5F-8166-DF9391D347A4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{940524A2-800C-45E3-9680-E9CF068801FC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd) FirewallRules: [{F28DA3B5-E017-4747-BC9D-236B57C9CA4F}] => (Allow) D:\Program Files\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [{D264D3C9-B595-45A8-BC23-77DEAE8D0A6E}] => (Allow) D:\Program Files\FIFA 21\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [TCP Query User{14AA3BFD-0357-41FA-A70F-E74A80A29FBB}D:\program files\fifa 21\fifa21.exe] => (Allow) D:\program files\fifa 21\fifa21.exe (Electronic Arts, Inc. -> Electronic Arts) FirewallRules: [UDP Query User{9EFAC90E-C352-4236-9B20-25689ED2B391}D:\program files\fifa 21\fifa21.exe] => (Allow) D:\program files\fifa 21\fifa21.exe (Electronic Arts, Inc. 
-> Electronic Arts) FirewallRules: [{42A3CD3B-9EC9-4839-B8EB-5767B7570C49}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Arquivo não assinado] FirewallRules: [{866444E6-2B5C-4B1F-AC00-B6AD2C50B49E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Devour\DEVOUR.exe () [Arquivo não assinado] FirewallRules: [{0B8C4FF6-3361-40F7-A199-0DC2BBCB0E90}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Arquivo não assinado] FirewallRules: [{78609E7C-C3F1-4328-975B-0BA0107CFDD0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [Arquivo não assinado] FirewallRules: [{A30E9DF6-7956-414F-A0A4-9EE36F6BA6BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B5BD5F6B-3773-465B-BE12-01689E4BD211}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{BDA21866-771B-4AAF-8325-69CEA013C522}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{944F2EC6-C6CB-45A8-B1A4-66C162026874}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) 
FirewallRules: [{21DB38D6-1396-48DB-9F64-D36B3CCC98AB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.53\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E5380C61-5C90-4CEA-8ACB-2E167601496F}] => (Allow) D:\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{5404A906-2BCD-4FAD-BEAF-26781DAB3E9E}] => (Allow) D:\Battlefield 2042\BF2042_launcher.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [TCP Query User{50253906-7212-40A1-B6AB-932E8C933768}D:\battlefield 2042\bf2042trial.exe] => (Allow) D:\battlefield 2042\bf2042trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [UDP Query User{1E93BD02-7523-490F-A6B1-49A88081832D}D:\battlefield 2042\bf2042trial.exe] => (Allow) D:\battlefield 2042\bf2042trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [TCP Query User{636B2B73-085D-4AC3-9624-251908A5D9AE}D:\program files (x86)\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\program files (x86)\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Arquivo não assinado] FirewallRules: [UDP Query User{F8A4FC34-40EA-430F-8016-35CB34396565}D:\program files (x86)\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe] => (Allow) D:\program files (x86)\epic games\worldwarz\en_us\client\bin\pc\wwzretailegs.exe (Saber Interactive) [Arquivo não assinado] ==================== Pontos de Restauração ========================= 16-11-2021 18:18:22 KpRm ==================== Dispositivos Apresentando Falhas No Gerenciador ============ Name: Timer de eventos de alta precisão Description: Timer de eventos de alta precisão Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Dispositivos padrão do sistema) Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". 
This starts the Enable Device wizard. Follow the instructions. ==================== Erros no Log de eventos: ======================== Erros em Aplicativos: ================== Error: (11/18/2021 08:14:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Nome do módulo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Código de exceção: 0xc0000409 Deslocamento da falha: 0x00000000000076bc ID do processo com falha: 0x1a80 Hora de início do aplicativo com falha: 0x01d7dc6d686d5467 Caminho do aplicativo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe Caminho do módulo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe ID do Relatório: 7945b8be-6523-483e-9152-40b0faa01edc Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/17/2021 12:38:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em HD (D:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A) Error: (11/17/2021 12:33:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em MULTIBOOT (E:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. (0x8900002A) Error: (11/17/2021 12:22:23 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: ) Description: Não foi possível concluir o otimizador de armazenamento otimizar novamente em MULTIBOOT (E:) devido a: A operação solicitada não é compatível com o hardware que contém o volume. 
(0x8900002A) Error: (11/17/2021 08:06:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Nome do módulo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Código de exceção: 0xc0000409 Deslocamento da falha: 0x00000000000076bc ID do processo com falha: 0x33a4 Hora de início do aplicativo com falha: 0x01d7dba331a31fa2 Caminho do aplicativo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe Caminho do módulo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe ID do Relatório: a6f884f9-2697-4b65-b39e-e560b0687802 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/17/2021 01:01:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Nome do módulo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Código de exceção: 0xc0000409 Deslocamento da falha: 0x00000000000076bc ID do processo com falha: 0x44c Hora de início do aplicativo com falha: 0x01d7db67c1786256 Caminho do aplicativo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe Caminho do módulo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe ID do Relatório: a247e6ce-5684-459f-9445-df2401f35a9f Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Error: (11/17/2021 01:00:52 AM) (Source: CertEnroll) (EventID: 86) (User: AUTORIDADE NT) Description: Falha na inicialização do registro de certificado SCEP para WORKGROUP\DESKTOP-92R3UFK$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep: GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does 
not exist."} HTTP/1.1 404 Not Found Date: Wed, 17 Nov 2021 04:00:53 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 14c63a16-9434-4191-bdca-ef53ef1cd661 Método: GET(312ms) Estágio: GetCACaps Não encontrado (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) Error: (11/16/2021 07:50:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome do aplicativo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Nome do módulo com falha: cpumetricsserver.exe, versão: 10.1.2.1884, carimbo de data/hora: 0x6153eee3 Código de exceção: 0xc0000409 Deslocamento da falha: 0x00000000000076bc ID do processo com falha: 0x3220 Hora de início do aplicativo com falha: 0x01d7db3c6397a332 Caminho do aplicativo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe Caminho do módulo com falha: C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe ID do Relatório: 70346679-0c9d-4507-b574-bf0de4ffb6a6 Nome completo do pacote com falha: ID do aplicativo relativo ao pacote com falha: Erros de Sistema: ============= Error: (11/17/2021 01:02:02 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-92R3UFK) Description: O DCOM obteve o erro "87" ao tentar iniciar o serviço GamingServices com argumentos "Não Disponível" para executar o servidor: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (11/17/2021 01:02:02 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-92R3UFK) Description: O DCOM obteve o erro "87" ao tentar iniciar o serviço GamingServices com argumentos "Não Disponível" para executar o servidor: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (11/17/2021 01:01:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: AUTORIDADE NT) Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices. 
Error: (11/17/2021 01:00:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Não foi possível iniciar o serviço AMDRyzenMasterDriverV17 devido ao seguinte erro: O sistema não pode encontrar o arquivo especificado. Error: (11/17/2021 01:00:17 AM) (Source: Ntfs) (EventID: 55) (User: AUTORIDADE NT) Description: Corrupção detectada na estrutura do sistema de arquivos, no volume D:. A natureza exata da corrupção é desconhecida. As estruturas do sistema de arquivos precisam ser verificadas e corrigidas offline. Error: (11/17/2021 01:00:17 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: AUTORIDADE NT) Description: D:\Device\HarddiskVolume53 Error: (11/17/2021 01:00:45 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: O desligamento do sistema que ocorreu às 21:50:21 do dia ‎16/‎11/‎2021 não era esperado. Error: (11/17/2021 01:00:09 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: AUTORIDADE NT) Description: 3221225684Ocorrência de erro fatal em processamento de dados de restauração. Windows Defender: ================ Date: 2021-11-17 18:28:11 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {F05456FC-B82F-4106-8233-BAEAB6D40663} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2021-11-16 17:45:12 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. 
Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0 Nome: Trojan:Win32/Wacatac.B!ml Gravidade: Grave Categoria: Cavalo de Tróia Caminho: file:_C:\Users\gusta\Desktop\zoek\Z-Analyse.exe Origem da Detecção: Computador local Tipo da Detecção: FastPath Fonte da Detecção: Proteção em Tempo Real Usuário: DESKTOP-92R3UFK\gusta Nome do Processo: C:\Users\gusta\AppData\Local\Programs\Opera GX\opera.exe Versão da Inteligência de Segurança: AV: 1.353.1059.0, AS: 1.353.1059.0, NIS: 1.353.1059.0 Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-11-16 14:07:07 Description: Microsoft Defender Antivírus detectou malware ou outro software potencialmente indesejado. Para obter mais informações, veja a seguir: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.B!ml&threatid=2147735505&enterprise=0 Nome: Trojan:Win32/Wacatac.B!ml Gravidade: Grave Categoria: Cavalo de Tróia Caminho: containerfile:_C:\Users\gusta\Desktop\zoek.zip; file:_C:\Users\gusta\Desktop\zoek.zip->Z-Analyse.exe; webfile:_C:\Users\gusta\Desktop\zoek.zip|https://download.bleepingcomputer.com/smeenk/zoek.zip|pid:10348,ProcessStart:132815560206819677 Origem da Detecção: Internet Tipo da Detecção: FastPath Fonte da Detecção: Downloads e anexos Usuário: DESKTOP-92R3UFK\gusta Nome do Processo: Unknown Versão da Inteligência de Segurança: AV: 1.353.1059.0, AS: 1.353.1059.0, NIS: 1.353.1059.0 Versão do Mecanismo: AM: 1.1.18700.4, NIS: 1.1.18700.4 Date: 2021-11-15 18:09:24 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. ID do Exame: {5735FF20-4B85-4B5C-96DD-B44DAD90F0AD} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA Date: 2021-11-10 14:03:18 Description: O exame do Microsoft Defender Antivírus foi interrompido antes da conclusão. 
ID do Exame: {1DE86AD6-E542-4B81-9C2B-42E92ED99BB3} Tipo de Exame: Antimalware Parâmetros do Exame: Verificação Rápida Usuário: AUTORIDADE NT\SISTEMA  CodeIntegrity: =============== Date: 2021-08-14 16:15:00 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Users\gusta\AppData\Local\Programs\Opera GX\77.0.4054.275\opera.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. ==================== Informações da Memória =========================== BIOS: American Megatrends Inc. 1.OS 07/02/2020 placa-mãe: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34) Processador: AMD Ryzen 5 3600 6-Core Processor Percentagem de memória em uso: 40% RAM física total: 16334.5 MB RAM física disponível: 9641.79 MB Virtual Total: 24270.5 MB Virtual disponível: 14976.31 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:237.86 GB) (Free:12.26 GB) NTFS Drive d: (HD) (Fixed) (Total:931.51 GB) (Free:116.21 GB) NTFS Drive e: (MULTIBOOT) (Fixed) (Total:14.91 GB) (Free:12.55 GB) NTFS ==>[sistema com componentes de inicialização (obtido através de drive)] \\?\Volume{dcd84e15-a910-4369-8078-70e2294e0780}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS \\?\Volume{f157ac14-0ef9-e0e0-a976-4e51c7d5a342}\ () (Fixed) (Total:101.08 GB) (Free:0 GB) NTFS \\?\Volume{afd82351-3df3-4900-9b7e-94f0962e114f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabela de Partições ==================== ========================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 39FD49D7) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42) ========================================================== Disk: 1 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000) Partition: GPT. 
========================================================== Disk: 2 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ==================== Fim de Addition.txt =======================