Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 31-10-2022 02
Executado por Lucas (administrador) em DESKTOP-P6DH16G (01-11-2022 14:10:54)
Executando a partir de C:\Users\Lucas\Desktop
Perfis Carregados: Lucas
Plataforma: Microsoft Windows 10 Pro Versão 21H2 19044.1889 (X64) Idioma: Português (Brasil)
Navegador padrão: Chrome
Modo da Inicialização: Normal

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) E:\Origin\OriginWebHelperService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_85cff5320735903d\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registro (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_85cff5320735903d\RtkAudUService64.exe [3378592 2021-12-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-1334273653-507725005-2384971389-1001\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-1334273653-507725005-2384971389-1001\...\Run: [EpicGamesLauncher] => E:\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32696784 2022-10-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1334273653-507725005-2384971389-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2022-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1334273653-507725005-2384971389-1001\...\Run: [MicrosoftEdgeAutoLaunch_8382BF3968AA6F1092659864A1661B32] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1334273653-507725005-2384971389-1001\...\Run: [Microsoft Edge Update] => C:\Users\Lucas\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\MicrosoftEdgeUpdateCore.exe [256440 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"

==================== Tarefas Agendadas (Whitelisted) ============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {014A5C15-7DDA-4816-9F61-F7DBBA469E83} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6484936 2022-10-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {0272253A-A76C-44D6-B6D5-F23421CEBB0A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0F6953AB-275B-4FBF-A4EC-FED6F061039A} - System32\Tasks\AsrPolychromeRGB => C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\AsrPolychromeRGB.exe [12605688 2021-09-17] (ASRock Incorporation -> )
Task: {10FE927F-E5F1-4056-88B7-1AA33D32447C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111000 2022-10-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {12AACC5A-F9A7-40A9-B44D-C3DAFE40A432} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {322AF8DC-91BD-4A76-8EDA-CC0519549ED7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-12-12] (Google LLC -> Google LLC)
Task: {409660F4-C07D-45BB-B8F8-C8C7AA36FCA1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111000 2022-10-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {4423F08B-8D91-4E06-BA75-4B52C7B14C0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-12-12] (Google LLC -> Google LLC)
Task: {4D5938B0-8AFB-487F-8CF4-E8F06F8A57D6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {685E9592-2391-4597-B078-6906740F9F1A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22582200 2022-10-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {70D1F93A-5736-41B3-9683-D2A42EAF5A2E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {75B87C14-07FB-4F26-9547-6FF3AA028E41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {7D526217-28FF-40D3-8F2B-A7D3FC88F9A5} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7E213E38-5947-45B2-9D10-CEC207C3ACE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22582200 2022-10-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {85EFAD07-74D5-4249-803A-BBAEB5A58F09} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {88C585D3-55E7-475B-BB62-3A909EB03B0F} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1334273653-507725005-2384971389-1001Core => C:\Users\Lucas\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A6E4D94-4F24-4B5B-A96A-B91914B18800} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {971535DE-4E0C-44D3-A486-91E3B1C0C9EB} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667832 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {9F232190-CF1E-40ED-864F-07F3ACF62B41} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BDDAA58F-BF5C-4DEA-A81D-70F568AAFF91} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6484936 2022-10-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D10850AC-9269-4780-A436-E6905B3D8C30} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-09-12] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D945E5D0-5817-45A9-9708-1026E80B800E} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1334273653-507725005-2384971389-1001UA => C:\Users\Lucas\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-23] (Microsoft Corporation -> Microsoft Corporation)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: 127.0.0.1 telemetry.malwarebytes.com
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{0f53b7dd-0061-4edc-bd20-18ed24fb077d}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{9650d76f-e7e5-4732-b847-520b234a351b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9650d76f-e7e5-4732-b847-520b234a351b}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{e4134189-45c6-4ac2-ad2f-7227fd5d6037}: [DhcpNameServer] 192.168.3.1

Edge:
=======
Edge Profile: C:\Users\Lucas\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-26]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-12]
CHR Profile: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-11-01]
CHR HomePage: Profile 2 -> hxxp://google.com/
CHR Extension: (Documentos Google off-line) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-01]
CHR Extension: (AdBlock — o melhor bloqueador de anúncios) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-10-22]
CHR Extension: (Violentmonkey) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jinjaccalgkegednnccohejagnlnfdag [2022-10-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-12]
CHR Profile: C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Serviços (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649976 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
S2 CupDBService; C:\Program Files (x86)\Cupdb 1.0\cupdb.exe [5234 2022-11-01] () [Arquivo não assinado]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-09-12] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-06-27] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2022-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2022-11-01] (Malwarebytes Inc -> Malwarebytes)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [64736 2022-05-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; E:\Launcher\RockstarService.exe [1908688 2022-06-10] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6255896 2022-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\NisSrv.exe [3191224 2022-10-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe [133536 2022-10-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_70cfb45e19c20af4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2021-12-12] (ASROCK Incorporation -> ASRock Incorporation) [Arquivo não assinado]
R3 AsrDrv104; C:\Windows\SysWOW64\Drivers\AsrDrv104.sys [34536 2021-12-12] (ASROCK Incorporation -> ASRock Incorporation) [Arquivo não assinado]
S3 AsrDrv105; C:\Windows\SysWOW64\Drivers\AsrDrv105.sys [40696 2021-12-12] (ASROCK INC. -> ASRock Incorporation)
R1 cupdbdrv; C:\Windows\System32\drivers\cupdbdrv.sys [89600 2021-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2022-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2022-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2022-11-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217088 2022-11-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2022-11-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [197280 2022-11-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73880 2022-11-01] (Malwarebytes Inc -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2022-11-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131232 2022-11-01] (Malwarebytes Inc -> Malwarebytes)
S3 MpKsl3edeaca5; C:\Windows\system32\MpEngineStore\MpKslDrv.sys [134376 2022-01-10] (Microsoft Windows -> Microsoft Corporation)
R3 MSIO; C:\Program Files (x86)\ASRock Utility\ASRRGBLED\Bin\msio64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2022-10-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [469280 2022-10-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-26] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\System32\drivers\wintun.sys [38176 2022-10-01] (WireGuard LLC -> WireGuard LLC)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um mês (criados) (Whitelisted) =========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-11-01 14:10 - 2022-11-01 14:13 - 000020998 _____ C:\Users\Lucas\Desktop\FRST.txt
2022-11-01 14:10 - 2022-11-01 14:11 - 000000000 ____D C:\FRST
2022-11-01 14:10 - 2022-11-01 14:10 - 002374144 _____ (Farbar) C:\Users\Lucas\Desktop\FRST64.exe
2022-11-01 14:07 - 2022-11-01 14:08 - 000000000 ____D C:\AdwCleaner
2022-11-01 14:07 - 2022-11-01 14:07 - 008791352 _____ (Malwarebytes) C:\Users\Lucas\Desktop\adwcleaner.exe
2022-11-01 13:12 - 2022-11-01 13:12 - 000000000 ___HD C:\$Windows.~WS
2022-11-01 12:18 - 2022-11-01 12:18 - 000197280 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-11-01 12:18 - 2022-11-01 12:18 - 000131232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-11-01 12:18 - 2022-11-01 12:18 - 000073880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-11-01 12:07 - 2022-11-01 12:07 - 000000000 ___HD C:\$WinREAgent
2022-11-01 12:06 - 2022-11-01 12:06 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-11-01 12:06 - 2022-11-01 12:06 - 000217088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-11-01 12:06 - 2022-11-01 12:06 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-11-01 12:06 - 2022-11-01 12:06 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-11-01 12:06 - 2022-11-01 12:06 - 000002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-01 12:06 - 2022-11-01 12:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-30 12:16 - 2022-10-30 12:16 - 000000000 ____D C:\Users\Lucas\AppData\Local\OPP
2022-10-17 13:36 - 2005-12-19 05:20 - 000238536 _____ C:\Windows\SysWOW64\Spanish.bin
2022-10-17 13:36 - 2005-11-30 23:35 - 000039276 _____ C:\Windows\SysWOW64\SPANISH.TXT
2022-10-17 13:36 - 2005-10-05 23:00 - 000000692 _____ C:\Windows\SysWOW64\LOCALE_SPANISH.loc
2022-10-17 13:21 - 2020-04-11 10:58 - 000242148 ___RH C:\Windows\SysWOW64\1482
2022-10-17 13:21 - 2005-10-19 00:01 - 000040534 ___RH C:\Windows\SysWOW64\1481
2022-10-17 13:21 - 2005-10-06 00:00 - 000000720 ___RH C:\Windows\SysWOW64\1483
2022-10-17 12:59 - 2022-10-17 12:59 - 000000000 ____D C:\Users\Lucas\Documents\NFS Most Wanted
2022-10-17 12:57 - 2022-10-17 12:57 - 000000830 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2022-10-17 12:57 - 2022-10-17 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2022-10-16 21:01 - 2022-10-16 21:11 - 000000000 ____D C:\Users\Lucas\AppData\Local\FlightSimulator
2022-10-16 20:10 - 2022-10-28 18:54 - 000000000 ____D C:\Users\Lucas\Documents\My Games
2022-10-16 20:10 - 2022-10-16 21:12 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\Microsoft Flight Simulator
2022-10-16 20:10 - 2022-10-16 20:52 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\HOODLUM
2022-10-16 20:09 - 2022-10-16 20:09 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2022-10-15 19:09 - 2022-10-15 19:09 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\SmartSteamEmu
2022-10-15 19:09 - 2022-10-15 19:09 - 000000000 ____D C:\Users\Lucas\AppData\LocalLow\Boneloaf
2022-10-15 17:27 - 2022-10-16 15:48 - 000028672 _____ C:\Users\Lucas\AppData\Roaming\crash.bin
2022-10-15 13:18 - 2022-10-15 13:18 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-10-14 12:53 - 2022-10-14 12:53 - 000000868 _____ C:\Users\Public\Desktop\Microsoft Flight Simulator 2020.lnk
2022-10-11 13:12 - 2022-10-11 13:12 - 000066008 _____ C:\Users\Lucas\Downloads\Fatura Dezembro.PDF
2022-10-11 11:39 - 2022-10-24 12:05 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-05 13:15 - 2022-10-05 13:15 - 283333984 _____ C:\Users\Lucas\Downloads\SteelSeriesGG25.0.0Setup.exe
2022-10-03 13:00 - 2022-10-03 13:00 - 000000000 ____D C:\Users\Lucas\AppData\Local\Kena
2022-10-02 18:54 - 2022-10-02 18:54 - 000384328 _____ C:\Users\Lucas\Downloads\cream.rar
2022-10-02 18:51 - 2022-09-22 12:12 - 001905928 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2022-10-02 18:51 - 2022-09-22 12:12 - 001905928 _____ C:\Windows\system32\vulkaninfo.exe
2022-10-02 18:51 - 2022-09-22 12:12 - 001478384 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-10-02 18:51 - 2022-09-22 12:12 - 001478384 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2022-10-02 18:51 - 2022-09-22 12:12 - 001472000 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2022-10-02 18:51 - 2022-09-22 12:12 - 001432328 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2022-10-02 18:51 - 2022-09-22 12:12 - 001432328 _____ C:\Windows\system32\vulkan-1.dll
2022-10-02 18:51 - 2022-09-22 12:12 - 001213416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2022-10-02 18:51 - 2022-09-22 12:12 - 001145608 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2022-10-02 18:51 - 2022-09-22 12:12 - 001145608 _____ C:\Windows\SysWOW64\vulkan-1.dll
2022-10-02 18:51 - 2022-09-22 12:08 - 001536504 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2022-10-02 18:51 - 2022-09-22 12:08 - 001182712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2022-10-02 18:51 - 2022-09-22 12:08 - 000865784 _____ C:\Windows\system32\nvofapi64.dll
2022-10-02 18:51 - 2022-09-22 12:08 - 000771584 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2022-10-02 18:51 - 2022-09-22 12:08 - 000714728 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2022-10-02 18:51 - 2022-09-22 12:08 - 000687616 _____ C:\Windows\SysWOW64\nvofapi.dll
2022-10-02 18:51 - 2022-09-22 12:07 - 002127864 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2022-10-02 18:51 - 2022-09-22 12:07 - 001607672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2022-10-02 18:51 - 2022-09-22 12:07 - 001059320 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2022-10-02 18:51 - 2022-09-22 12:07 - 000845304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2022-10-02 18:51 - 2022-09-22 12:07 - 000456184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2022-10-02 18:51 - 2022-09-22 12:06 - 010270208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2022-10-02 18:51 - 2022-09-22 12:06 - 008803832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2022-10-02 18:51 - 2022-09-22 12:06 - 005751288 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2022-10-02 18:51 - 2022-09-22 12:06 - 005362680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2022-10-02 18:51 - 2022-09-22 12:06 - 003066872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2022-10-02 18:51 - 2022-09-22 12:05 - 000852984 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2022-10-02 18:51 - 2022-09-21 21:35 - 000093312 _____ C:\Windows\system32\nvinfo.pb

==================== Um mês (modificados) ==================

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2022-11-01 14:09 - 2021-12-12 14:16 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-01 14:06 - 2020-07-07 00:12 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-01 14:06 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-01 13:58 - 2020-07-07 00:33 - 000000000 ____D C:\Users\Lucas\AppData\Local\D3DSCache
2022-11-01 13:42 - 2021-12-12 14:41 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-01 13:12 - 2020-07-07 00:12 - 000000000 ____D C:\Windows\Panther
2022-11-01 12:57 - 2020-07-07 00:18 - 001742348 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-01 12:57 - 2019-12-07 11:53 - 000752560 _____ C:\Windows\system32\prfh0416.dat
2022-11-01 12:57 - 2019-12-07 11:53 - 000148674 _____ C:\Windows\system32\prfc0416.dat
2022-11-01 12:57 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF
2022-11-01 12:20 - 2022-04-03 13:40 - 000000000 ____D C:\Program Files (x86)\Cupdb 1.0
2022-11-01 12:19 - 2022-01-01 11:07 - 000003072 _____ C:\Windows\system32\Tasks\AsrPolychromeRGB
2022-11-01 12:18 - 2022-04-03 13:40 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2022-11-01 12:18 - 2020-07-07 00:12 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-01 12:18 - 2020-07-07 00:12 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-01 12:17 - 2020-07-07 00:33 - 000000000 ____D C:\Users\Lucas\AppData\Local\Packages
2022-11-01 12:17 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-11-01 12:14 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-01 12:06 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-11-01 11:44 - 2021-12-12 14:41 - 000002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-01 11:32 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-31 12:09 - 2021-12-15 12:20 - 000000000 ____D C:\Program Files\Cheat Engine 7.3
2022-10-31 00:51 - 2021-12-12 18:13 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\uTorrent
2022-10-31 00:11 - 2021-12-12 18:17 - 000000000 ____D C:\Users\Lucas\AppData\Local\BitTorrentHelper
2022-10-31 00:01 - 2021-12-12 17:03 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\vlc
2022-10-30 14:52 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-30 12:16 - 2020-07-07 00:13 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-29 11:55 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\NDF
2022-10-28 14:05 - 2022-03-13 23:03 - 000000000 ____D C:\Users\Lucas\AppData\Local\ElevatedDiagnostics
2022-10-28 11:03 - 2021-12-12 18:38 - 000000000 ____D C:\ProgramData\Origin
2022-10-28 11:02 - 2021-12-12 18:38 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\Origin
2022-10-28 11:02 - 2021-12-12 18:38 - 000000000 ____D C:\Users\Lucas\AppData\Local\Origin
2022-10-26 13:44 - 2020-07-07 00:12 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-24 15:32 - 2021-12-12 14:11 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1334273653-507725005-2384971389-1001
2022-10-24 15:32 - 2020-07-07 00:32 - 000002397 _____ C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-10-24 12:05 - 2022-01-20 10:36 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-10-21 14:07 - 2022-01-04 11:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-10-21 13:51 - 2021-12-12 16:45 - 000000000 ____D C:\Users\Lucas\AppData\Local\CrashDumps
2022-10-17 13:21 - 2022-05-25 12:29 - 000000000 ____D C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameVicio
2022-10-17 13:21 - 2022-05-25 12:29 - 000000000 ____D C:\Program Files (x86)\GameVicio
2022-10-16 17:04 - 2022-06-24 19:06 - 000000000 ____D C:\Users\Lucas\AppData\Local\MK11
2022-10-15 20:46 - 2020-07-07 00:32 - 000000000 ____D C:\Users\Lucas
2022-10-15 17:24 - 2022-05-14 17:39 - 000000702 _____ C:\Users\Lucas\Desktop\Team Sonic Racing.lnk
2022-10-15 10:54 - 2022-06-23 22:11 - 000003934 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1334273653-507725005-2384971389-1001UA
2022-10-15 10:54 - 2022-06-23 22:11 - 000003870 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1334273653-507725005-2384971389-1001Core
2022-10-15 10:52 - 2020-07-07 00:12 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-15 10:52 - 2020-07-07 00:12 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-14 12:09 - 2021-12-12 18:01 - 000000000 ____D C:\Windows\system32\MRT
2022-10-14 12:07 - 2021-12-12 18:01 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 13:03 - 2021-12-12 14:12 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1334273653-507725005-2384971389-1001
2022-10-02 19:40 - 2021-12-12 14:20 - 000000000 ____D C:\Users\Lucas\AppData\Local\NVIDIA
2022-10-02 18:47 - 2021-12-26 18:58 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-26 18:58 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-10-02 18:47 - 2021-12-12 14:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-10-02 18:47 - 2021-12-12 14:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-10-02 18:47 - 2021-12-12 14:14 - 000000000 ____D C:\Program Files\NVIDIA Corporation

==================== Arquivos na raiz de alguns diretórios ========

2022-10-15 17:27 - 2022-10-16 15:48 - 000028672 _____ () C:\Users\Lucas\AppData\Roaming\crash.bin
2021-12-12 16:51 - 2021-12-12 16:51 - 000016438 _____ () C:\Users\Lucas\AppData\Local\partner.bmp
2021-12-13 12:02 - 2021-12-28 21:00 - 000007597 _____ () C:\Users\Lucas\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Não há correção automática para arquivos que não passaram na verificação.)

==================== Fim de FRST.txt ========================