Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 14-11-2021 Executado por gusta (administrador) em DESKTOP-92R3UFK (Micro-Star International Co., Ltd. MS-7A34) (18-11-2021 10:10:50) Executando a partir de C:\Users\gusta\Desktop Perfis Carregados: gusta Plataforma: Microsoft Windows 10 Pro Versão 21H1 19043.1266 (X64) Idioma: Português (Brasil) Navegador padrão: Opera Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0372232.inf_amd64_1e947f831d2ae36a\B372131\atieclxx.exe (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0372232.inf_amd64_1e947f831d2ae36a\B372131\atiesrxx.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe (Discord Inc. -> Discord Inc.) C:\Users\gusta\AppData\Local\Discord\app-1.0.9003\Discord.exe <6> (Electronic Arts, Inc. -> Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe (Electronic Arts, Inc. -> Electronic Arts) D:\Program Files\EA Desktop\EA Desktop\EABackgroundService.exe (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3> (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe (Matthew Malensek) [Arquivo não assinado] D:\Program Files (x86)\3RVX\3RVX.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\gamingservices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.59.11001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (Opera Software AS -> Opera Software) C:\Users\gusta\AppData\Local\Programs\Opera GX\80.0.4170.91\opera_crashreporter.exe (Opera Software AS -> Opera Software) C:\Users\gusta\AppData\Local\Programs\Opera GX\opera.exe <24> (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Spotify AB -> Spotify Ltd) C:\Users\gusta\AppData\Roaming\Spotify\Spotify.exe <6> (The Qt Company Ltd.) [Arquivo não assinado] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7> (Valve -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe (Wagnardsoft -> Wagnardsoft) C:\Users\gusta\Desktop\ISLC v1.0.2.5\Intelligent standby list cleaner ISLC.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269328 2019-01-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-11-13] (Adobe Inc. -> ) HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Run: [3RVX] => D:\Program Files (x86)\3RVX\3RVX.exe [649216 2016-06-04] (Matthew Malensek) [Arquivo não assinado] HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3145912 2021-10-19] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443968 2021-11-02] (Logitech Inc -> Logitech, Inc.) HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33529824 2021-11-17] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\gusta\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software) HKU\S-1-5-21-2175380699-2852125328-1652107485-1001\...\Run: [Spotify] => C:\Users\gusta\AppData\Roaming\Spotify\Spotify.exe [18750392 2021-11-11] (Spotify AB -> Spotify Ltd) Startup: C:\Users\gusta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Peace.lnk [2021-06-17] ShortcutTarget: Peace.lnk -> C:\Program Files\EqualizerAPO\config\Peace.exe (Nenhum Arquivo) GroupPolicy: Restrição ? <==== ATENÇÃO Policies: C:\ProgramData\NTUSER.pol: Restrição <==== ATENÇÃO ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {1CF589AD-420B-4312-8287-7B8722B99C30} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-09-29] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {1E0D6F1C-D6CF-4DDE-9557-03D60D984982} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-09-29] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {1EECA498-16F4-4E11-8174-9EC21C31A538} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {25B1FAD6-469B-4F97-BEB8-32A3BECA4037} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2900C83F-4D1E-4077-AC0F-8C8BFE3D5C98} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.exe /NoUACCheck Task: {393AD022-0BD5-4876-9CAA-34930A8D1646} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-09-29] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {39EE0661-4F01-4232-AC39-1655DCC67A84} - System32\Tasks\Intelligent StandbyList Cleaner => C:\Users\gusta\Desktop\ISLC v1.0.2.5\Intelligent standby list cleaner ISLC.exe [426752 2021-08-23] (Wagnardsoft -> Wagnardsoft) Task: {50424D60-CC1F-4318-BE9C-5E842A79E53E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\gusta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-11-16] (ESET, spol. s r.o. -> ESET) Task: {61A29077-469A-4555-AC64-0FA2E69D3D2C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {627724D7-739C-4115-9478-ABF7C22E0078} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Nenhum Arquivo) Task: {62DB9300-E9DD-4E28-A5AF-67FFB93077D0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Nenhum Arquivo) Task: {6A45141C-6E68-4C01-891C-9864E3C0129C} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [355840 2021-09-29] (Advanced Micro Devices, Inc.) [Arquivo não assinado] Task: {8BE858FA-138C-492E-8213-2FD7896B2F3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation) Task: {94C1B2C1-47B8-4F15-9992-D7E3D109F479} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation) Task: {A3E5432F-C9D3-43F2-B7C4-012B985F25E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {A5193747-D71B-4BFD-86FA-D9FC1C0F59E7} - System32\Tasks\Opera GX scheduled Autoupdate 1607401374 => C:\Users\gusta\AppData\Local\Programs\Opera GX\launcher.exe [46162128 2021-11-04] (Opera Software AS -> Opera Software) Task: {ACBD20F9-CD26-4744-BA4C-60B7CA2883D9} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1615929884 => C:\Users\gusta\AppData\Local\Programs\Opera GX\launcher.exe [46162128 2021-11-04] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\gusta\AppData\Local\Programs\Opera GX\assistant" $(Arg0) Task: {C327CC1F-AD34-40FC-8FF5-76FB01A2E700} - System32\Tasks\{E42A4987-1F86-4E8F-A708-60CAAC1E3DA7} => C:\Users\gusta\Desktop\InputMapper1.7.7452.13622 (1).exe -> /i "C:\Windows\Installer\bb33fb.msi" AI_SETUPEXEPATH="C:\Users\gusta\Desktop\InputMapper1.7.7452.13622 (1).exe" SETUPEXEDIR="" REMOVE=KeyboardAndMouseInput,InputMapperHidGuard,InputPlugins,KeyboardAndMouseOutput,MainFeature,OutputPlugins,PlayStation4,ViGEmBusDriver,XInput REMOVE="ALL" PRIMARYFOLDER="APPDIR" ROOTDRIVE="D:\" AI_PREREQFILES="C:\Users\gusta\AppData\Roaming\DSDCS\InputMapper 1.7\prerequisites\ViGEmBus_Setup_1.16.115.exe" AI_PREREQDIRS="C:\Users\gusta\AppData\Roaming\DSDCS\InputMapper 1.7\prerequisites" AI_MISSING_PREREQS="ViGEm Bus Driver" AI_FOUND_PREREQS="TxEditor|HID Report Listener" AI_DETECTED_INTERNET_CONNECTION="1" AI_SETUPEXEPATH="C:\Users\gusta\Desktop\InputMapper1.7.7452.13622 (1).exe" AI_SHORTCUTSREG="1|1|1|1" AI_RESUME="1" TARGETDIR="D:\" APPDIR="C:\Program Files (x86)\DSDCS\InputMapper 1.7\" SHORTCUTDIR="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InputMapper 1.7" Task: {CC14A563-FBF1-465B-B86B-E2A18DBD4FF6} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Nenhum Arquivo) Task: {CD0D8E3F-91E0-495E-9D0A-044358A0901A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-09-29] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) Task: {EE9641A2-ADDB-4A42-9BBC-75BF170A945C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2175380699-2852125328-1652107485-500 => C:\Users\gusta\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Nenhum Arquivo) Task: {F1AFCDAA-4980-41F7-90EE-D6906AD05F52} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\gusta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-11-16] (ESET, spol. s r.o. -> ESET) Task: {F7F2B2E9-4C36-4274-9AC4-C062B17928B4} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (Nenhum Arquivo) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) Task: C:\Windows\Tasks\{E42A4987-1F86-4E8F-A708-60CAAC1E3DA7}.job => C:\Users\gusta\Desktop\InputMapper1.7.7452.13622 (1).exeΏ/i C:\Windows\Installer\bb33fb.msi AI_SETUPEXEPATH=C:\Users\gusta\Desktop\InputMapper1.7.7452.13622 (1).exe SETUPEXEDIR= REMOVE=KeyboardAndMouseInput,InputMapperHidGuard,InputPlugins,KeyboardAndMouseOutput,MainFeature,OutputPlugins,PlayStation4,ViGEmBusDriver,XInput REMOVE=ALL PRIMARYFOLDER=APPDIR ROOTDRIVE=D:\ AI_PREREQFILES=C:\Users\gusta\AppData\Roaming\DSDCS\InputMapper 1.7\prerequisites\ViGEmBus_Setup_1.16.115.exe AI_PREREQDIRS=C:\Users\gusta\AppData\Roaming\DSDCS\InputMapper 1.7\prerequisites AI_MISSING_PREREQS=ViGEm Bus Driver AI_FOUND_PREREQS=TxEditor|HID Report Listener AI_DETECTED_INTERNET_CONNECTION=1 AI_SETUPEXEPATH=C:\Users\gusta\Desktop\InputMapper1.7.7452.13622 (1).exe ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{903ceb6d-4196-4e30-82a2-0920f17ad2bd}: [DhcpNameServer] 186.250.48.7 186.250.48.8 Tcpip\..\Interfaces\{ab448f5f-4695-4f2f-b99a-a1d52666bfa1}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b544c2d6-ceae-4b21-98d5-5c3638fb09ca}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge Profile: C:\Users\gusta\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-16] FireFox: ======== FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Arquivo não assinado] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Opera: ======= StartMenuInternet: (HKU\S-1-5-21-2175380699-2852125328-1652107485-1001) Opera GXStable - "C:\Users\gusta\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-07-31] (BattlEye Innovations e.K. -> ) R2 EABackgroundService; D:\Program Files\EA Desktop\EA Desktop\EABackgroundService.exe [9875352 2021-11-17] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812976 2021-11-02] (EasyAntiCheat Oy -> Epic Games, Inc) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [595944 2021-10-09] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EQU8_39; C:\ProgramData\EQU8\KovaaK 2.0\bin\anticheat.x64.equ8.exe [5941392 2021-08-03] (Int3 Software AB -> Int3 Software AB) R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11148864 2021-11-02] (Logitech Inc -> Logitech, Inc.) S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2557656 2021-10-19] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3476184 2021-10-19] (Electronic Arts, Inc. -> Electronic Arts) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2021-06-20] (Even Balance, Inc. -> ) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2338096 2021-10-10] (Rockstar Games, Inc. -> Rockstar Games) R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [2269056 2020-12-18] (Banco Bradesco S.A. -> Scopus Soluções em TI Ltda) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414472 2021-10-02] (Microsoft Windows Publisher -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) S3 xigncode3_pbbr; C:\Program Files\Common Files\Uncheater\xigncode3_pbbr.exe [6941424 2021-03-06] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X] ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [41376 2021-07-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [100792 2021-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0372232.inf_amd64_1e947f831d2ae36a\B372131\amdkmdag.sys [80502200 2021-10-03] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S3 EQU8_HELPER_39; C:\Windows\system32\DRIVERS\EQU8_HELPER_39.sys [38032 2021-11-17] (Int3 Software AB -> ) S3 HidGuardian; C:\Windows\System32\drivers\HidGuardian.sys [26736 2017-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer) S3 HidHide; C:\Windows\System32\drivers\HidHide.sys [61408 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.) R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-16] (Logitech Inc -> Logitech) R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-16] (Logitech Inc -> Logitech) R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-16] (Logitech Inc -> Logitech) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-12-08] (Vincent Burel -> Windows (R) Win 7 DDK provider) R1 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [165744 2020-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\Windows\xhunter1.sys [2742720 2021-03-27] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 xspirit; C:\Windows\xspirit.sys [47928 2021-03-27] (Wellbia.com Co., Ltd. -> ) S2 AMDRyzenMasterDriverV17; \??\C:\Program Files\AMD\CNext\CNext\AMDRyzenMasterDriver.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-11-18 10:10 - 2021-11-18 10:11 - 000020697 _____ C:\Users\gusta\Desktop\FRST.txt 2021-11-18 10:10 - 2021-11-18 10:11 - 000000000 ____D C:\FRST 2021-11-18 10:10 - 2021-11-18 10:10 - 002311680 _____ (Farbar) C:\Users\gusta\Desktop\FRST64.exe 2021-11-18 00:17 - 2021-11-18 00:17 - 000000000 ____D C:\Users\gusta\AppData\Local\Saber 2021-11-18 00:12 - 2021-11-18 00:12 - 000101744 _____ C:\Users\gusta\Desktop\protocolo_cadastro temporario.pdf 2021-11-17 23:57 - 2021-11-17 23:57 - 000000351 _____ C:\Users\gusta\Desktop\World War Z.url 2021-11-17 23:54 - 2021-11-17 23:54 - 000101744 _____ C:\Users\gusta\Desktop\protocolo_cadastro permanente.pdf 2021-11-17 11:06 - 2021-10-04 20:26 - 000002699 _____ C:\Users\gusta\Desktop\Outlook 2013.lnk 2021-11-17 11:01 - 2021-11-17 11:01 - 000000000 ____D C:\Users\gusta\Documents\Arquivos do Outlook 2021-11-16 19:49 - 2021-11-16 19:49 - 000003858 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn 2021-11-16 19:49 - 2021-11-16 19:49 - 000003416 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime 2021-11-16 18:21 - 2021-11-16 18:21 - 000001382 _____ C:\Users\gusta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk 2021-11-16 18:21 - 2021-11-16 18:21 - 000000000 ____D C:\Users\gusta\AppData\Local\ESET 2021-11-16 18:18 - 2021-11-16 18:18 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask 2021-11-16 18:17 - 2021-11-16 18:17 - 000000000 ____D C:\KPRM 2021-11-16 14:16 - 2021-11-16 14:16 - 000013740 _____ C:\ZA-Scan.txt 2021-11-16 14:10 - 2021-11-16 14:10 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer 2021-11-16 14:10 - 2021-11-16 14:10 - 000000000 ____D C:\Program Files\Reference Assemblies 2021-11-16 14:10 - 2021-11-16 14:10 - 000000000 ____D C:\Program Files\MSBuild 2021-11-16 14:10 - 2021-11-16 14:10 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2021-11-16 14:10 - 2021-11-16 14:10 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-11-14 20:37 - 2021-11-14 20:37 - 000000000 ____D C:\Users\gusta\AppData\Local\mbam 2021-11-14 19:17 - 2021-11-14 19:17 - 000000000 ____D C:\Users\gusta\Documents\Battlefield 2042 2021-11-13 14:07 - 2021-11-13 14:07 - 000000000 ____D C:\Users\gusta\AppData\Roaming\BorisFX 2021-11-13 14:07 - 2021-11-13 14:07 - 000000000 ____D C:\Users\gusta\AppData\Local\SafeNet Sentinel 2021-11-13 14:07 - 2021-11-13 14:07 - 000000000 ____D C:\Users\gusta\AppData\Local\BorisFX 2021-11-13 14:07 - 2021-11-13 14:07 - 000000000 ____D C:\ProgramData\SafeNet Sentinel 2021-11-13 14:02 - 2021-11-13 14:02 - 000000000 ____D C:\Users\gusta\AppData\Local\Yandex 2021-11-13 14:01 - 2021-11-13 14:01 - 000000000 ____D C:\ProgramData\Reprise 2021-11-13 14:00 - 2021-11-13 15:26 - 000000000 ____D C:\ProgramData\BorisFX 2021-11-13 14:00 - 2021-11-13 14:00 - 000000000 ____D C:\ProgramData\GenArts 2021-11-13 13:06 - 2021-11-13 13:07 - 000000000 ____D C:\Users\gusta\Documents\Adobe 2021-11-13 13:04 - 2021-11-13 15:26 - 000000000 ____D C:\Users\Public\Documents\Adobe 2021-11-13 13:02 - 2021-11-13 15:26 - 000000000 ____D C:\Program Files\Common Files\Adobe 2021-11-13 13:02 - 2021-11-13 13:04 - 000000000 ____D C:\Program Files\Adobe 2021-11-13 13:02 - 2021-11-13 13:02 - 000000000 ____D C:\Program Files (x86)\Adobe 2021-11-13 13:00 - 2021-11-13 13:07 - 000000000 ____D C:\Users\gusta\AppData\Local\Adobe 2021-11-13 13:00 - 2021-11-13 13:00 - 000000000 ____D C:\ProgramData\Adobe 2021-11-11 14:39 - 2021-11-11 14:39 - 000000000 ____D C:\Users\gusta\AppData\LocalLow\Kinetic Games 2021-11-10 23:57 - 2021-11-10 23:57 - 000000222 _____ C:\Users\gusta\Desktop\Phasmophobia.url 2021-11-10 19:36 - 2021-11-10 19:36 - 000000000 ____D C:\Users\gusta\AppData\LocalLow\Straight Back Games 2021-11-10 19:34 - 2021-11-10 19:34 - 000000223 _____ C:\Users\gusta\Desktop\DEVOUR.url 2021-11-10 01:06 - 2021-11-10 01:06 - 000001108 _____ C:\Users\gusta\Desktop\Forza Horizon 5.lnk 2021-11-06 17:43 - 2021-11-06 17:43 - 000021992 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_78952185115104.dll 2021-11-06 17:22 - 2021-11-06 17:22 - 000000000 ____D C:\Users\gusta\AppData\Local\EALaunchHelper 2021-11-06 17:11 - 2021-11-06 17:12 - 000000000 ____D C:\Users\gusta\Documents\FIFA 21 2021-11-06 16:46 - 2021-11-14 19:10 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller 2021-11-06 16:46 - 2021-11-06 16:46 - 000000712 _____ C:\Users\Public\Desktop\FIFA 21.lnk 2021-11-06 16:17 - 2021-11-06 16:17 - 000000000 ____D C:\Users\gusta\AppData\Local\EADesktop 2021-11-06 16:15 - 2021-11-17 01:42 - 000000000 ____D C:\Program Files\EA Games 2021-11-06 16:15 - 2021-11-06 16:17 - 000000000 ____D C:\ProgramData\EA Desktop 2021-11-06 16:15 - 2021-11-06 16:15 - 000000976 _____ C:\Users\Public\Desktop\EA.lnk 2021-11-06 16:15 - 2021-11-06 16:15 - 000000000 ____D C:\Users\gusta\AppData\Local\Electronic Arts 2021-11-06 16:15 - 2021-11-06 16:15 - 000000000 ____D C:\Users\gusta\AppData\Local\EAConnect_microsoft 2021-11-06 16:15 - 2021-11-06 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2021-11-06 15:06 - 2021-11-06 15:06 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS 2021-11-06 15:00 - 2021-11-06 15:00 - 000001608 _____ C:\Users\gusta\Desktop\WarnerBrosInteractivee172091a-6630-4ff3-959f-830.lnk 2021-11-06 14:26 - 2021-11-06 14:26 - 000000000 ____D C:\Users\gusta\AppData\Local\INetHistory 2021-11-03 18:33 - 2021-11-03 18:33 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk 2021-11-03 18:33 - 2021-11-03 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi 2021-11-01 22:09 - 2021-11-17 01:01 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2021-11-01 21:18 - 2021-11-01 21:18 - 000000000 ____D C:\Users\gusta\AppData\Roaming\Valve Corporation 2021-10-30 00:02 - 2021-10-30 00:02 - 000000000 ____D C:\Users\gusta\AppData\Local\DeadByDaylight 2021-10-29 23:24 - 2021-10-29 23:24 - 000000222 _____ C:\Users\gusta\Desktop\Dead by Daylight.url 2021-10-24 16:04 - 2021-10-24 16:04 - 000003590 _____ C:\Windows\system32\Tasks\Intelligent StandbyList Cleaner 2021-10-23 15:42 - 2021-10-23 15:53 - 000000000 ____D C:\Users\gusta\AppData\Local\cura 2021-10-23 15:42 - 2021-10-23 15:42 - 000000000 ____D C:\Users\gusta\AppData\Local\Ultimaker B.V 2021-10-23 15:41 - 2021-10-23 15:53 - 000000000 ____D C:\Users\gusta\AppData\Roaming\cura ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2021-11-18 10:09 - 2021-10-09 21:50 - 000000000 ____D C:\Users\gusta\AppData\Roaming\Spotify 2021-11-18 10:06 - 2020-12-08 16:12 - 000000000 ____D C:\Users\gusta\AppData\Roaming\discord 2021-11-18 10:04 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness 2021-11-18 10:04 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-18 09:59 - 2021-10-03 02:24 - 000000000 ____D C:\Users\gusta\AppData\Local\Discord 2021-11-18 09:59 - 2021-08-14 12:12 - 000000000 ____D C:\SteamLibrary 2021-11-18 09:54 - 2021-10-09 21:50 - 000000000 ____D C:\Users\gusta\AppData\Local\Spotify 2021-11-18 09:54 - 2021-06-28 19:48 - 000000000 ____D C:\Users\gusta\AppData\Local\D3DSCache 2021-11-18 09:15 - 2020-12-08 01:50 - 000000000 ____D C:\Users\gusta\AppData\Local\LGHUB 2021-11-18 09:15 - 2020-11-18 23:45 - 000000000 ____D C:\Windows\system32\SleepStudy 2021-11-18 08:18 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-18 08:17 - 2021-01-09 17:17 - 000004184 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{856D7BDD-6A27-4F68-8F4E-56AD56C65AAF} 2021-11-18 08:14 - 2021-07-11 21:15 - 000000000 ____D C:\Users\gusta\AppData\Local\CrashDumps 2021-11-18 08:14 - 2020-12-08 01:50 - 000000000 ____D C:\Users\gusta\AppData\Roaming\LGHUB 2021-11-18 01:40 - 2021-10-09 22:26 - 000000000 ____D C:\Users\gusta\Desktop\ISLC v1.0.2.5 2021-11-18 00:31 - 2020-12-08 14:59 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2021-11-18 00:31 - 2020-12-08 14:59 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner 2021-11-17 18:27 - 2020-11-18 23:47 - 000003618 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-11-17 18:27 - 2020-11-18 23:47 - 000003494 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-11-17 17:37 - 2021-06-03 19:16 - 000038032 _____ C:\Windows\system32\Drivers\EQU8_HELPER_39.sys 2021-11-17 01:07 - 2020-12-08 01:27 - 001742824 _____ C:\Windows\system32\PerfStringBackup.INI 2021-11-17 01:07 - 2019-12-07 11:53 - 000752674 _____ C:\Windows\system32\prfh0416.dat 2021-11-17 01:07 - 2019-12-07 11:53 - 000148788 _____ C:\Windows\system32\prfc0416.dat 2021-11-17 01:07 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF 2021-11-17 01:00 - 2020-12-08 01:15 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-17 01:00 - 2020-11-18 23:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2021-11-16 19:50 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI 2021-11-16 17:43 - 2021-03-29 19:19 - 000000000 ____D C:\Users\gusta\AppData\LocalLow\Temp 2021-11-16 17:23 - 2020-12-08 01:53 - 000000000 ____D C:\Users\gusta\AppData\Local\Battle.net 2021-11-16 17:20 - 2020-12-08 01:31 - 000000000 ____D C:\Users\gusta\AppData\Roaming\Origin 2021-11-16 17:20 - 2020-12-08 01:31 - 000000000 ____D C:\ProgramData\Origin 2021-11-16 17:00 - 2021-08-14 12:07 - 000000000 ____D C:\Program Files (x86)\Origin Games 2021-11-16 16:59 - 2020-12-08 01:31 - 000000000 ____D C:\Users\gusta\AppData\Local\Origin 2021-11-16 14:11 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp 2021-11-16 14:10 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SysWOW64\MUI 2021-11-16 14:10 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\MUI 2021-11-16 10:38 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2021-11-15 19:27 - 2020-12-30 19:14 - 000000000 ____D C:\Users\gusta\Documents\Gravações de som 2021-11-14 12:27 - 2020-11-18 23:48 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-11-14 05:11 - 2020-12-08 01:18 - 000000000 ____D C:\Users\gusta 2021-11-14 04:38 - 2020-12-08 01:19 - 000000000 ____D C:\Users\gusta\AppData\Local\Packages 2021-11-13 16:52 - 2020-12-09 18:34 - 000000000 ____D C:\Users\gusta\AppData\Local\AMD_Common 2021-11-13 13:08 - 2020-12-08 01:19 - 000000000 ____D C:\Users\gusta\AppData\Roaming\Adobe 2021-11-13 13:02 - 2020-12-08 01:36 - 000000000 ____D C:\ProgramData\Package Cache 2021-11-10 23:57 - 2020-12-08 03:43 - 000000000 ____D C:\Users\gusta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2021-11-10 01:06 - 2020-11-18 23:49 - 000000000 ____D C:\ProgramData\Packages 2021-11-09 21:09 - 2021-10-07 23:51 - 000390133 _____ C:\Windows\diagerr.xml 2021-11-09 21:09 - 2021-10-07 23:51 - 000377193 _____ C:\Windows\diagwrn.xml 2021-11-09 20:53 - 2021-06-05 16:09 - 000000000 ___HD C:\$WINDOWS.~BT 2021-11-09 20:48 - 2020-12-08 01:14 - 000000000 ____D C:\Windows\Panther 2021-11-09 20:39 - 2021-10-03 00:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2021-11-09 20:39 - 2020-12-08 01:32 - 000000000 ____D C:\Windows\system32\MRT 2021-11-09 20:37 - 2020-12-08 01:32 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2021-11-09 20:34 - 2021-01-20 19:58 - 000000946 __RSH C:\ProgramData\ntuser.pol 2021-11-08 21:11 - 2021-08-28 21:13 - 000000000 ____D C:\Users\gusta\AppData\Roaming\obs-studio 2021-11-08 18:38 - 2020-12-08 01:23 - 000004224 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1607401374 2021-11-08 18:38 - 2020-12-08 01:22 - 000001438 _____ C:\Users\gusta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk 2021-11-07 15:42 - 2020-12-10 18:50 - 000000000 ____D C:\Windows\Minidump 2021-11-07 15:41 - 2021-10-03 00:46 - 000018519 _____ C:\Users\gusta\Desktop\PAGAMENTO HICKE.xlsx 2021-11-06 22:10 - 2021-01-02 01:23 - 000000000 ____D C:\Users\gusta\AppData\Local\ElevatedDiagnostics 2021-11-06 17:17 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\LiveKernelReports 2021-11-06 16:43 - 2021-04-24 17:33 - 000000000 ____D C:\ProgramData\X360CE 2021-11-06 15:06 - 2021-10-08 18:02 - 000000000 ____D C:\Users\gusta\AppData\Roaming\EasyAntiCheat 2021-11-04 20:30 - 2019-12-07 06:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2021-11-04 20:19 - 2020-12-15 22:49 - 000002264 ____H C:\Users\gusta\Documents\Default.rdp 2021-11-04 20:09 - 2019-12-07 11:54 - 000000000 ____D C:\Windows\system32\FxsTmp 2021-11-03 18:33 - 2020-12-25 13:47 - 000000000 ____D C:\Program Files\LGHUB 2021-11-02 17:56 - 2020-11-18 23:45 - 000000000 ____D C:\Windows\system32\Drivers\wd 2021-11-02 17:54 - 2020-12-08 04:19 - 000000000 ____D C:\Users\gusta\AppData\Local\PlaceholderTileLogoFolder ==================== Arquivos na raiz de alguns diretórios ======== 2020-12-08 02:18 - 2021-06-18 22:38 - 000006060 _____ () C:\Users\gusta\AppData\Roaming\VoiceMeeterDefault.xml 2021-10-09 16:35 - 2021-10-09 16:35 - 000000017 _____ () C:\Users\gusta\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================