Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-10-2022
Executado por FELIPE (administrador) em DESKTOP-CSC3DBJ (29-10-2022 14:16:05)
Executando a partir de C:\Users\FELIPE\Desktop
Perfis Carregados: FELIPE
Plataforma: Microsoft Windows 10 Pro Versão 21H1 19043.2130 (X64) Idioma: Português (Brasil)
Navegador padrão: Opera
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Stardock\Curtains\CurtainsSrv64.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Curtains\Curtains64.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2874.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2874.0_x64__8wekyb3d8bbwe\OpenConsole.exe <2>
(C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2874.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2874.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wsl.exe <4>
(C:\Users\FELIPE\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\FELIPE\AppData\Local\Programs\Opera GX\91.0.4516.95\opera_crashreporter.exe
(D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(D:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Discord Inc. -> Discord Inc.) C:\Users\FELIPE\AppData\Local\Discord\app-1.0.9007\Discord.exe <6>
(E:\Program Files\PostgreSQL\14\bin\pg_ctl.exe ->) (PostgreSQL Global Development Group) [Arquivo não assinado] E:\Program Files\PostgreSQL\14\bin\postgres.exe <8>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.2.0.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\65.0.4.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.15.2874.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(explorer.exe ->) (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\FELIPE\AppData\Local\Programs\Microsoft VS Code\Code.exe <10>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\FELIPE\AppData\Local\Programs\Opera GX\opera.exe <40>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Docker Inc -> Docker Inc.) C:\Program Files\Docker\Docker\com.docker.service
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\107.0.5304.19\remoting_host.exe <2>
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Oracle America, Inc. -> ) C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe <2>
(services.exe ->) (PostgreSQL Global Development Group) [Arquivo não assinado] E:\Program Files\PostgreSQL\14\bin\pg_ctl.exe
(services.exe ->) (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc) C:\Program Files (x86)\Stardock\Curtains\CurtainsSrv64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) E:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lxss\wslhost.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(vmcompute.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\vmwp.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [RadminVPN] => C:\Program Files (x86)\Radmin VPN\RvRvpnGui.exe [2109824 2021-12-20] (Famatech Corp. -> Famatech Corp.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4245352 2022-10-27] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-10-26] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [com.blitz.app] => C:\Users\FELIPE\AppData\Local\Programs\Blitz\Blitz.exe [130395856 2022-08-28] (Swift Media Entertainment, Inc. -> Blitz, Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-10-27] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [OpenDNS Updater] => C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] () [Arquivo não assinado]
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\FELIPE\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13997144 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [Combin Scheduler] => C:\Program Files\Open Media LLC\combinscheduler\combinscheduler.exe [40702504 2022-06-10] (Open Media LLC -> Open Media LLC)
HKU\S-1-5-21-4080567834-197202263-3443209586-1001\...\Run: [Docker Desktop] => C:\Program Files\Docker\Docker\Docker Desktop.exe [282024 2022-05-23] (Docker Inc -> Docker Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [EpicGamesLauncher] => D:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-10-26] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [Discord] => C:\Users\joaog\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4245352 2022-10-27] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-10-27] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [Overwolf] => D:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1802584 2022-09-22] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [uTorrent] => "C:\Users\joaog\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED (Nenhum Arquivo)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408920 2021-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4080567834-197202263-3443209586-1002\...\Run: [MiPhoneManager] => C:\Users\joaog\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] (Xiaomi Technology Inc -> )
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-20] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.87\Installer\chrmstp.exe [2022-10-27] (Google LLC -> Google LLC)
Startup: C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-02-11]
ShortcutTarget: MEGAsync.lnk -> C:\Users\joaog\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {0207F002-8A00-427B-BB8E-9D0886884457} - System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\WINDOWS\System32\cscui.dll [820736 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
Task: {03CB83C1-BF88-45D1-B58D-A7ED9BAA1326} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {11931BA8-3AAE-4A53-B23C-2FACBE210DFC} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {121E9E39-3C54-4935-B67E-020FABDD3913} - System32\Tasks\Opera GX scheduled Autoupdate 1637636362 => C:\Users\FELIPE\AppData\Local\Programs\Opera GX\launcher.exe [2471880 2022-10-18] (Opera Norway AS -> Opera Software)
Task: {142BA22E-2917-420E-895C-B742CBEC5FBD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BB79BBD-9B34-4AC9-A93D-835DE823691C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3120C496-3534-4969-AD57-9076A7BC60C2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D5D774A-A1F2-4060-A748-0C31CF88965F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {77C663C3-FDCD-44A0-8407-900A7C42D902} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD)
Task: {8412051D-92CF-4FA0-A06B-38820962CDC5} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2021-01-25] (Microsoft Corporation -> Microsoft)
Task: {847E4AE1-27D9-466B-91CE-03E84E22FDED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {868D62EC-EE38-4736-8449-3D4C187650C5} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {86BFA3A2-E6C3-49B2-8A0A-14E7B1FA2F58} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {91A264EA-0C52-413C-8C51-71F5C519114C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9685E89E-A76F-4DC0-907C-1D7A7089EC47} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C53D580-8D33-4678-AE78-732A242751C5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {9EE63EA0-22BD-441E-97C1-705A9ABB427B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4080567834-197202263-3443209586-1002 => C:\Users\joaog\AppData\Local\MEGAsync\MEGAupdater.exe [2531496 2022-05-02] (Mega Limited -> )
Task: {A4F7E1F7-A612-4CCF-B141-97D79A3A94D3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A6CFD5F2-16FE-4C88-BB76-0997DBF69BA2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AFAADC2E-21EE-4B18-A82E-5BDD9A1FDB65} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4080567834-197202263-3443209586-1001 => C:\Users\joaog\AppData\Local\MEGAsync\MEGAupdater.exe [2531496 2022-05-02] (Mega Limited -> )
Task: {B162B909-4D78-4EC7-AF9B-47B4E2CCCE7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-08] (Google LLC -> Google LLC)
Task: {B4808F29-9C9F-491D-8B7A-9CCD212AC37D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4C6BDC1-1720-4CFF-AD58-4FC71055F159} - System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\WINDOWS\System32\cscui.dll [820736 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
Task: {B653AE10-8F68-448C-9CD9-B12A511E6C00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B8BC0CDB-B4AA-48D4-AEF5-1C4D26355FBB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MpCmdRun.exe [1348368 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB35744F-5AD5-4260-A531-C7F34355B610} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1638219890 => C:\Users\FELIPE\AppData\Local\Programs\Opera GX\launcher.exe [2471880 2022-10-18] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\FELIPE\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {BE841F19-DB99-407D-84C3-0BFD4FE04214} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {C9927F7E-4FE8-426D-9FD2-DC16AA608E53} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {CC4F585B-EBBB-4AA6-9BDF-B28C489A9125} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\WINDOWS\system32\RAServer.exe [135168 2021-07-15] (Microsoft Corporation) [Arquivo não assinado]
Task: {CDECF341-7BA2-4A11-B9EC-B13634439E79} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D0B0A7D2-B72D-4BFB-A996-D1F22AD55F50} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8904C3B-AA0D-42BF-9B5C-EEBAA79CA884} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )
Task: {DEC86044-B716-46F1-9627-259F3B16BBCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-08] (Google LLC -> Google LLC)
Task: {E0098915-2752-4BAF-8F72-16752490DC72} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E53449A0-516F-4013-8A63-CC4FE08DF2D2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC0BF600-C3B5-4CA4-861F-3D4CE73056D3} - System32\Tasks\update-S-1-5-21-4080567834-197202263-3443209586-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: )

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-4080567834-197202263-3443209586-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{20c902f7-b631-4837-901b-ecf60164e089}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{727d4a49-e835-4228-9169-8e1e44c3cbde}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{797c3b92-f505-435a-9cfd-fde50d7f0b45}: [DhcpNameServer] 8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\FELIPE\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-18]

FireFox:
========
FF DefaultProfile: kdtuqfrw.default
FF ProfilePath: C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\kdtuqfrw.default [2022-10-24]
FF ProfilePath: C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release [2022-10-27]
FF Session Restore: Mozilla\Firefox\Profiles\sc7jormx.default-release -> está habilitado.
FF Notifications: Mozilla\Firefox\Profiles\sc7jormx.default-release -> hxxps://tinder.com
FF Extension: (Facebook Container) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\@contain-facebook.xpi [2022-03-24]
FF Extension: (AdBlocker Ultimate) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2022-03-10]
FF Extension: (AdNauseam) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\adnauseam@rednoise.org.xpi [2022-02-13]
FF Extension: (Ban Checker for Steam) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\banchecker@kuzmenko.io.xpi [2020-09-02]
FF Extension: (Dollchan Extension Tools) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\dollchan_extension@dscript.me.xpi [2021-07-07]
FF Extension: (AdBlocker for YouTube™) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2021-05-17]
FF Extension: (MetaMask) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\webextension@metamask.io.xpi [2022-04-14]
FF Extension: (New Tab Suspender) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\{6a65273e-2b26-40f5-b66e-8eed317307da}.xpi [2021-11-21]
FF Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\FELIPE\AppData\Roaming\Mozilla\Firefox\Profiles\sc7jormx.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-23]
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-05-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-05-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconf_warsaw.js [2022-07-25]

Chrome:
=======
CHR Profile: C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default [2022-10-28]
CHR HomePage: Default -> hxxp://www.ourstartpage.com/
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxp://google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&fr=OlcA91gpSeVp9Tt5LCQZ6zFLD8p7AVnEdPoxeyxkHQ%3D%3D","hxxps://www.google.com/","hxxp://www.seekmx.com/?bd=hp&oem=302br&uid=ST500DM002-1BD142_Z3TDJS1CXXXXZ3TDJS1C&version=2.3.0.10992&pid=414031160&tid=702","hxxps://www.google.com/","hxxps://encrypted.google.com"
CHR Session Restore: Default -> está habilitado.
CHR Extension: (Safe Torrent Scanner) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-10-28]
CHR Extension: (Nyan Cat Progress Bar for YouTube™) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdjaekjkckpdknkfncfnaibkabdcgmkg [2021-01-07]
CHR Extension: (image-picker) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhibldekjicdbnjeeecmgoogcihoalhe [2022-10-18]
CHR Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-09-06]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2021-01-07]
CHR Extension: (LoL Stream Browser) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2021-01-07]
CHR Extension: (Avast Passwords) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-01-07]
CHR Extension: (Facebook Pixel Helper) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2022-09-29]
CHR Extension: (Documentos Google off-line) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-29]
CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-10-22]
CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2022-10-28]
CHR Extension: (Chrome Remote Desktop) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-01-24]
CHR Extension: (Floating for YouTube™) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2021-01-07]
CHR Extension: (The Great Suspender) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2021-01-07]
CHR Extension: (Acesso rápido a apps para o Drive (do Google)) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-04-14]
CHR Extension: (Selenium IDE) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mooikfkahbdckldjjndioackbalphokd [2022-06-14]
CHR Extension: (Ali Hunter - AliExpress Product Tracker) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpajidobdpdigheplhpfggmeldjcpgfh [2022-10-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Speedtest by Ookla) - C:\Users\FELIPE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2022-04-14]
CHR HKU\S-1-5-21-4080567834-197202263-3443209586-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-4080567834-197202263-3443209586-1001) Opera GXStable - "C:\Users\FELIPE\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-07-20] (BattlEye Innovations e.K. -> )
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\107.0.5304.19\remoting_host.exe [74520 2022-09-28] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-17] (Microsoft Corporation -> Microsoft Corporation)
R2 com.docker.service; C:\Program Files\Docker\Docker\com.docker.service [18376 2022-05-23] (Docker Inc -> Docker Inc.)
R2 Curtains; C:\Program Files (x86)\Stardock\Curtains\CurtainsSrv64.exe [430360 2021-11-10] (STARDOCK SYSTEMS, INC. -> Stardock Software, Inc)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4816728 2021-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-04-02] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S4 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2283096 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-27] (GOG Sp. z o.o. -> GOG.com)
S4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-10-27] (Logitech Inc -> Logitech, Inc.)
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S3 LxssManagerUser; C:\WINDOWS\system32\lxss\wslclient.dll [301056 2022-06-17] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8842536 2022-10-22] (Malwarebytes Inc. -> Malwarebytes)
S2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [26112 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R2 MYSQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [52037776 2022-07-06] (Oracle America, Inc. -> )
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2577752 2022-09-22] (Overwolf Ltd -> Overwolf LTD)
R2 postgresql-x64-14; E:\Program Files\PostgreSQL\14\bin\pg_ctl.exe [118272 2022-03-22] (PostgreSQL Global Development Group) [Arquivo não assinado]
S4 Rockstar Service; E:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2559896 2022-03-23] (Rockstar Games, Inc. -> Rockstar Games)
S4 RvControlSvc; C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe [1058688 2021-12-20] (Famatech Corp. -> Famatech Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [382976 2021-05-12] () [Arquivo não assinado]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13103632 2020-09-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\UNCHEATER\ucldr_battlegrounds_gl.exe [7152880 2022-01-15] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 ucldr_MirTrilogy4_GL; C:\Program Files\Common Files\UNCHEATER\ucldr_MirTrilogy4_GL.exe [6705392 2021-12-07] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-04-18] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 VMAuthdService; E:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [83224 2022-02-18] (VMware, Inc. -> VMware, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [8737992 2022-01-23] (PUBG CORPORATION -> PUBG Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_df0bee9f4cb9436e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-23] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-23] (Logitech Inc -> Logitech)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S2 MQAC; C:\WINDOWS\System32\drivers\mqac.sys [184320 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [80280 2022-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
R3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-09-24] (Famatech Corp. -> Famatech Corp.)
S3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider)
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [172544 2019-12-07] (Microsoft Corporation) [Arquivo não assinado]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Arquivo não assinado]
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [60344 2022-02-18] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2022-02-18] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2021-08-16] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [455968 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-05-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [2522256 2022-02-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-10-29 14:16 - 2022-10-29 14:17 - 000041509 _____ C:\Users\FELIPE\Desktop\FRST.txt
2022-10-29 14:15 - 2022-10-29 14:15 - 000005569 _____ C:\Users\FELIPE\Desktop\report_2022.10.29_12.30.45.txt
2022-10-29 12:31 - 2022-10-29 12:31 - 000360000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_91a367f8a_klark.sys
2022-10-29 12:30 - 2022-10-29 12:30 - 000299544 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\91a367f8.sys
2022-10-29 12:30 - 2022-10-29 12:30 - 000270672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_91a367f8a_mark.sys
2022-10-29 12:30 - 2022-10-29 12:30 - 000000000 ____D C:\KVRT2020_Data
2022-10-29 12:24 - 2022-10-29 12:27 - 104959040 _____ (AO Kaspersky Lab) C:\Users\FELIPE\Desktop\KVRT.exe
2022-10-28 12:14 - 2022-10-28 12:14 - 000546818 _____ (glax24 (safezone.cc)) C:\Users\FELIPE\Desktop\SecurityCheck.exe
2022-10-28 12:14 - 2022-10-28 12:14 - 000000000 ____D C:\SecurityCheck
2022-10-28 11:56 - 2022-10-28 11:56 - 000372369 _____ C:\Users\FELIPE\Downloads\msvcr100.zip
2022-10-28 11:27 - 2022-10-28 11:27 - 000000897 _____ C:\Users\FELIPE\Desktop\µTorrent.lnk
2022-10-28 11:27 - 2022-10-28 11:27 - 000000877 _____ C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2022-10-28 01:45 - 2022-10-28 01:48 - 000010687 _____ C:\Users\FELIPE\Desktop\Search.txt
2022-10-27 22:06 - 2022-10-27 22:06 - 000004702 _____ C:\Users\FELIPE\Desktop\ESETScan.txt
2022-10-27 18:45 - 2022-10-27 18:45 - 000001379 _____ C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-10-27 18:45 - 2022-10-27 18:45 - 000001273 _____ C:\Users\FELIPE\Desktop\ESET Online Scanner.lnk
2022-10-27 18:45 - 2022-10-27 18:45 - 000000000 ____D C:\Users\FELIPE\AppData\Local\ESET
2022-10-27 16:30 - 2022-10-27 16:30 - 015274968 _____ (ESET) C:\Users\FELIPE\Desktop\esetonlinescanner.exe
2022-10-27 15:00 - 2022-10-27 15:00 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-10-27 15:00 - 2022-10-27 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-10-27 14:59 - 2022-10-27 14:59 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-10-27 11:07 - 2022-10-29 14:16 - 000000000 ____D C:\Users\FELIPE\Desktop\FRST-OlderVersion
2022-10-27 11:07 - 2022-10-27 15:00 - 000039809 _____ C:\Users\FELIPE\Desktop\Fixlog.txt
2022-10-27 11:07 - 2022-10-27 11:07 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2022-10-27 10:31 - 2022-10-27 10:38 - 000000000 ____D C:\Users\FELIPE\Downloads\AliSavePlus_20221027
2022-10-26 12:12 - 2022-10-26 12:12 - 000001352 _____ C:\Users\FELIPE\Desktop\ckfiles.txt
2022-10-26 12:10 - 2022-10-26 12:10 - 000468480 _____ () C:\Users\FELIPE\Desktop\CKScanner.exe
2022-10-25 15:07 - 2022-10-25 15:12 - 158630958 _____ C:\Users\FELIPE\Downloads\wetransfer_social-media-pack-2021-08-30-01-43-24-utc-zip_2022-10-25_1749.zip
2022-10-25 14:49 - 2022-10-25 14:49 - 003950447 _____ C:\Users\FELIPE\Downloads\social-media-2021-08-30-08-25-56-utc.zip
2022-10-25 14:49 - 2022-10-25 14:49 - 000920755 _____ C:\Users\FELIPE\Downloads\social-media-promotion-2021-08-26-22-25-25-utc.zip
2022-10-25 12:49 - 2022-10-25 12:49 - 672030875 _____ C:\Users\FELIPE\Desktop\Logfile.PML
2022-10-25 12:47 - 2022-10-25 12:47 - 000080280 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON24.SYS
2022-10-25 12:41 - 2022-10-25 12:41 - 005215120 _____ (Sysinternals - www.sysinternals.com) C:\Users\FELIPE\Desktop\Procmon.exe
2022-10-25 12:03 - 2022-10-28 12:30 - 116916224 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-10-25 11:59 - 2022-10-25 12:03 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-10-25 11:30 - 2022-10-29 14:16 - 000000000 ____D C:\FRST
2022-10-25 11:27 - 2022-10-29 14:16 - 002374144 _____ (Farbar) C:\Users\FELIPE\Desktop\FRST64.exe
2022-10-25 10:20 - 2022-10-25 10:20 - 002719020 _____ C:\Users\FELIPE\Desktop\25.10.2022_10.20.30.zip
2022-10-24 23:17 - 2022-10-24 23:17 - 000001080 _____ C:\Users\FELIPE\Desktop\SFCFix.txt
2022-10-24 23:17 - 2022-10-24 23:17 - 000000000 ____D C:\SFCFix
2022-10-24 23:08 - 2022-10-24 23:17 - 000000000 ____D C:\Users\FELIPE\AppData\Local\niemiro
2022-10-24 23:07 - 2022-10-24 23:07 - 002316112 _____ (niemiro) C:\Users\FELIPE\Desktop\SFCFix.exe
2022-10-24 23:03 - 2022-10-24 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2022-10-24 18:19 - 2022-10-24 18:19 - 000045423 _____ C:\Users\FELIPE\Desktop\OpenHardwareMonitor.Report.txt
2022-10-23 23:51 - 2022-10-23 23:51 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crucial Storage Executive
2022-10-23 23:51 - 2022-10-23 23:51 - 000000000 ____D C:\Users\FELIPE\AppData\Local\JxBrowser
2022-10-23 23:51 - 2022-10-23 23:51 - 000000000 ____D C:\Program Files\Crucial
2022-10-23 23:47 - 2022-10-23 23:48 - 241354303 _____ C:\Users\FELIPE\Downloads\storage-executive-win-64.zip
2022-10-22 18:14 - 2022-10-25 12:43 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-10-22 18:13 - 2022-10-25 12:44 - 001561760 _____ C:\WINDOWS\ntbtlog.txt
2022-10-22 17:15 - 2022-10-25 10:20 - 000000000 ____D C:\FRST.old
2022-10-22 16:58 - 2022-10-22 16:58 - 000000072 _____ C:\WINDOWS\system32\AdsInfoCls
2022-10-22 16:53 - 2022-10-22 16:53 - 002632256 _____ (Malwarebytes) C:\Users\FELIPE\Downloads\MBSetup.exe
2022-10-21 14:22 - 2022-10-21 14:22 - 000000000 ____D C:\Users\FELIPE\AppData\LocalLow\webviewdata
2022-10-21 13:09 - 2022-10-21 13:09 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-20 23:43 - 2022-10-20 23:43 - 008791352 _____ (Malwarebytes) C:\Users\FELIPE\Downloads\adwcleaner.exe
2022-10-20 10:15 - 2022-10-20 10:15 - 000000433 _____ C:\Users\FELIPE\.gitconfig
2022-10-20 09:12 - 2022-10-20 09:12 - 005310387 _____ C:\Users\FELIPE\Downloads\Electric Shoes Dryer_Heater_Sanitizer.mp4
2022-10-19 07:01 - 2022-10-19 07:03 - 000000000 ____D C:\Users\FELIPE\Documents\FormatFactory
2022-10-19 07:01 - 2022-10-19 07:01 - 000000811 _____ C:\Users\FELIPE\Desktop\Format Factory.lnk
2022-10-19 07:01 - 2022-10-19 07:01 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2022-10-19 07:01 - 2022-10-19 07:01 - 000000000 ____D C:\Users\FELIPE\AppData\Local\FTMod
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 ____D C:\Users\FELIPE\AppData\Local\luminati
2022-10-19 06:59 - 2022-10-19 06:59 - 000000000 ____D C:\Users\FELIPE\AppData\Local\Free_Time_Co.,_Ltd
2022-10-19 06:43 - 2022-10-19 06:43 - 000000000 ____D C:\Users\FELIPE\Creative Cloud Files
2022-10-19 06:02 - 2022-10-19 06:02 - 000000000 ____D C:\Program Files\Adobe
2022-10-18 23:58 - 2022-10-19 00:17 - 000684984 _____ (Mozilla Foundation) C:\Users\FELIPE\AppData\LocalLow\freebl3.dll
2022-10-18 23:58 - 2022-10-19 00:17 - 000254392 _____ (Mozilla Foundation) C:\Users\FELIPE\AppData\LocalLow\softokn3.dll
2022-10-18 23:58 - 2022-10-19 00:16 - 000627128 _____ (Mozilla Foundation) C:\Users\FELIPE\AppData\LocalLow\mozglue.dll
2022-10-18 10:19 - 2022-10-18 10:19 - 000000000 ____D C:\Users\FELIPE\Documents\Zoom
2022-10-17 14:24 - 2022-10-17 14:24 - 000036430 _____ C:\Users\FELIPE\Downloads\criativo.webp
2022-10-13 13:16 - 2022-10-13 13:16 - 000000000 ____D C:\Users\FELIPE\Documents\MEI
2022-10-12 21:10 - 2022-10-12 21:10 - 000134890 _____ C:\Users\FELIPE\Downloads\palmilha1.jpeg
2022-10-12 12:54 - 2022-10-12 12:54 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-12 12:53 - 2022-10-12 12:53 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 12:53 - 2022-10-12 12:53 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 12:53 - 2022-10-12 12:53 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 12:53 - 2022-10-12 12:53 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 12:53 - 2022-10-12 12:53 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 12:52 - 2022-10-12 12:52 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-12 12:44 - 2022-10-12 12:44 - 000000000 ___HD C:\$WinREAgent
2022-10-11 15:25 - 2022-10-11 15:25 - 000015246 _____ C:\Users\FELIPE\Downloads\Planilha_Tickets.xlsx
2022-10-10 13:46 - 2022-10-10 13:46 - 000065428 _____ C:\Users\FELIPE\Downloads\ryviu4.webp
2022-10-07 06:49 - 2022-10-07 06:49 - 001815188 _____ C:\Users\FELIPE\Downloads\theme_export__www-stardocks-com-br-ella-6-2-3-theme-source__07OCT2022-0647am.zip
2022-10-04 17:39 - 2022-10-04 17:39 - 009193874 _____ C:\Users\FELIPE\Downloads\laurel-wreath-realistic.zip
2022-10-04 17:39 - 2017-12-29 11:01 - 008794266 _____ C:\Users\FELIPE\Downloads\4738.eps
2022-10-04 17:39 - 2017-12-29 11:01 - 000001504 _____ C:\Users\FELIPE\Downloads\License free.txt
2022-10-04 17:39 - 2017-12-29 11:01 - 000001115 _____ C:\Users\FELIPE\Downloads\License premium.txt
2022-09-30 03:30 - 2022-09-30 03:30 - 000026878 _____ C:\Users\FELIPE\Downloads\brazil-flag-icon.svg
2022-09-30 02:31 - 2022-09-24 07:52 - 000000000 ____D C:\Users\FELIPE\Documents\ellashopify-623
2022-09-30 02:31 - 2022-06-27 07:25 - 000000111 _____ C:\Users\FELIPE\Documents\THEMELOCK.COM.url
2022-09-30 02:31 - 2020-04-19 07:57 - 000000429 _____ C:\Users\FELIPE\Documents\Downloaded from THEMELOCK.COM.txt
2022-09-30 02:04 - 2022-09-30 02:24 - 337298959 _____ C:\Users\FELIPE\Downloads\ellashopify-623.rar

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-10-29 14:17 - 2020-04-10 16:43 - 000000000 ____D C:\Users\FELIPE\AppData\Local\Discord
2022-10-29 14:14 - 2019-12-07 06:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-10-29 14:09 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-29 14:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-10-29 14:09 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-29 14:05 - 2020-04-10 16:43 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\discord
2022-10-29 13:44 - 2020-04-12 23:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-29 13:36 - 2021-01-27 22:56 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\Code
2022-10-29 13:00 - 2022-09-23 10:31 - 000000000 ____D C:\Users\FELIPE\Documents\Pessoais
2022-10-29 12:25 - 2020-04-10 15:38 - 000000000 ____D C:\ProgramData\NVIDIA
2022-10-29 12:15 - 2020-09-26 12:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-29 11:41 - 2020-07-06 21:42 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-29 11:40 - 2021-05-11 13:57 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\LGHUB
2022-10-29 11:40 - 2021-05-11 13:50 - 000000000 ____D C:\Users\FELIPE\AppData\Local\LGHUB
2022-10-29 11:39 - 2022-03-31 14:11 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-10-28 12:31 - 2022-05-23 11:42 - 000000000 ____D C:\ProgramData\DockerDesktop
2022-10-28 12:31 - 2020-05-24 00:26 - 000000000 ____D C:\ProgramData\VMware
2022-10-28 12:30 - 2020-09-26 12:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-28 12:30 - 2019-12-07 06:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-10-28 12:09 - 2019-12-07 06:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-10-28 11:59 - 2021-11-22 02:56 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\uTorrent
2022-10-28 11:58 - 2022-06-05 15:33 - 000000000 ____D C:\Users\FELIPE\AppData\Local\CrashDumps
2022-10-28 11:43 - 2021-04-08 23:36 - 000000000 ____D C:\Users\FELIPE\AppData\Local\BitTorrentHelper
2022-10-28 11:26 - 2021-11-22 02:55 - 000000000 ____D C:\Users\FELIPE\AppData\Local\UT008
2022-10-27 23:45 - 2020-07-08 10:45 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-27 20:55 - 2022-06-01 16:00 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\Adobe
2022-10-27 20:55 - 2021-09-19 00:49 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-10-27 19:47 - 2020-11-12 15:59 - 000000000 ____D C:\Users\joaog\AppData\Roaming\uTorrent
2022-10-27 15:01 - 2021-04-16 19:52 - 000000000 ____D C:\Program Files\LGHUB
2022-10-27 14:58 - 2020-11-13 11:19 - 000000000 ____D C:\ProgramData\Temp
2022-10-27 14:55 - 2019-12-07 11:53 - 000865992 _____ C:\WINDOWS\system32\prfh0416.dat
2022-10-27 14:55 - 2019-12-07 11:53 - 000190272 _____ C:\WINDOWS\system32\prfc0416.dat
2022-10-27 14:52 - 2019-03-19 01:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-10-26 14:11 - 2022-04-01 11:39 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\GitHub Desktop
2022-10-26 12:10 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-25 09:06 - 2022-03-14 16:01 - 000000000 ____D C:\Users\FELIPE\AppData\Local\D3DSCache
2022-10-24 23:03 - 2022-03-09 01:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2022-10-24 23:03 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-24 23:02 - 2020-05-25 13:24 - 000000000 ____D C:\Users\FELIPE\AppData\LocalLow\Temp
2022-10-24 23:01 - 2019-12-07 06:13 - 000000000 ____D C:\WINDOWS\INF
2022-10-24 21:35 - 2021-11-17 19:46 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\WhatsApp
2022-10-24 21:35 - 2021-11-17 19:46 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2022-10-24 21:34 - 2021-11-17 19:46 - 000000000 ____D C:\Users\FELIPE\AppData\Local\WhatsApp
2022-10-24 18:51 - 2021-12-13 12:17 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4080567834-197202263-3443209586-1001
2022-10-24 18:51 - 2020-09-26 12:30 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4080567834-197202263-3443209586-1001
2022-10-24 18:51 - 2020-09-26 12:25 - 000002388 _____ C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-24 18:19 - 2010-01-31 19:00 - 000000000 ____D C:\Users\FELIPE\Desktop\OpenHardwareMonitor
2022-10-22 16:59 - 2021-06-23 18:07 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-22 16:59 - 2021-06-23 18:07 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-10-22 16:58 - 2021-06-23 18:07 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-10-22 16:58 - 2021-06-23 18:07 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-10-22 16:56 - 2021-06-23 18:07 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-10-22 16:54 - 2021-06-23 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-22 16:54 - 2020-05-29 20:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-21 13:06 - 2021-11-20 13:18 - 000153048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-10-21 13:06 - 2021-06-22 21:02 - 002815456 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-10-21 13:06 - 2021-06-22 21:02 - 000452048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-10-21 13:06 - 2021-06-22 21:02 - 000243168 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-10-21 13:06 - 2021-06-22 21:02 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-10-21 13:06 - 2021-06-22 21:02 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-10-20 23:54 - 2022-02-12 15:20 - 000000000 ____D C:\ProgramData\BSD
2022-10-20 23:54 - 2020-05-29 20:25 - 000000000 ____D C:\AdwCleaner
2022-10-20 10:16 - 2022-04-01 11:39 - 000002372 _____ C:\Users\FELIPE\Desktop\GitHub Desktop.lnk
2022-10-20 10:16 - 2022-04-01 11:39 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2022-10-20 10:15 - 2022-04-01 11:39 - 000000000 ____D C:\Users\FELIPE\AppData\Local\GitHubDesktop
2022-10-20 10:15 - 2020-09-26 12:25 - 000000000 ____D C:\Users\FELIPE
2022-10-20 10:15 - 2020-04-10 16:43 - 000000000 ____D C:\Users\FELIPE\AppData\Local\SquirrelTemp
2022-10-20 08:31 - 2021-11-22 23:59 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1637636362
2022-10-20 08:31 - 2021-11-22 23:59 - 000001437 _____ C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk
2022-10-20 08:28 - 2022-02-08 11:17 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-10-19 11:27 - 2022-02-09 11:38 - 000007576 _____ C:\Users\FELIPE\.bash_history
2022-10-19 06:05 - 2022-09-27 01:24 - 000000000 ____D C:\Users\FELIPE\Documents\Adobe
2022-10-18 11:21 - 2021-01-27 22:56 - 000000000 ____D C:\Users\FELIPE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-10-17 09:32 - 2020-10-15 18:38 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 11:18 - 2020-09-26 12:30 - 000003674 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 11:18 - 2020-09-26 12:30 - 000003550 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-14 08:54 - 2020-04-10 13:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-10-13 06:59 - 2020-09-26 12:34 - 002007322 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-13 01:10 - 2020-09-26 12:24 - 000299760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-13 01:09 - 2022-03-21 10:54 - 000000000 ___SD C:\WINDOWS\system32\lxss
2022-10-13 01:09 - 2019-12-07 11:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-13 01:09 - 2019-12-07 06:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-12 12:56 - 2019-12-07 06:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 12:52 - 2022-02-10 19:13 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-10-12 11:35 - 2020-04-10 15:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 11:30 - 2020-04-10 15:09 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-12 04:39 - 2022-06-08 12:27 - 000316920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInputRedist.dll
2022-10-12 02:55 - 2022-06-08 12:27 - 000199672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInputRedist.dll
2022-10-11 15:25 - 2020-04-10 15:00 - 000000000 ____D C:\Users\FELIPE\AppData\Local\Packages
2022-10-10 14:33 - 2020-04-10 17:08 - 000000000 ____D C:\Users\FELIPE\AppData\Local\ElevatedDiagnostics
2022-09-30 03:48 - 2022-09-24 13:48 - 000000000 ____D C:\Users\FELIPE\Documents\Notas

==================== Arquivos na raiz de alguns diretórios ========

2021-05-18 12:38 - 2022-08-28 22:32 - 000000032 _____ () C:\Users\FELIPE\AppData\Roaming\.machineId
2021-06-05 13:31 - 2021-06-05 13:31 - 000000016 _____ () C:\Users\FELIPE\AppData\Roaming\obs-virtualcam.txt
2022-05-03 14:40 - 2022-05-03 14:40 - 000000128 _____ () C:\Users\FELIPE\AppData\Local\PUTTY.RND
2022-03-07 14:09 - 2022-03-07 14:13 - 000000385 _____ () C:\Users\FELIPE\AppData\Local\rtb.json
2022-03-07 14:09 - 2022-03-07 14:13 - 000017290 _____ () C:\Users\FELIPE\AppData\Local\rtb.log
2022-02-14 08:51 - 2022-02-14 08:51 - 000000003 _____ () C:\Users\FELIPE\AppData\Local\updater.log
2022-02-14 08:51 - 2022-02-14 08:51 - 000000424 _____ () C:\Users\FELIPE\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================