Resultado do análise da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-05-2023 Executado por Gustavo (administrador) em DESKTOP-K0H11UE (Micro-Star International Co., Ltd. MS-7B29) (05-05-2023 09:06:05) Executando a partir de E:\Users\Gustavo\Downloads\scoped_dir10544_1447955971\FRST64.exe Perfis Carregados: Gustavo Plataforma: Microsoft Windows 10 Pro Versão 22H2 19045.2006 (X64) Idioma: Português (Brasil) Navegador padrão: Opera Modo da Inicialização: Normal ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avpui.exe (C:\Users\Gustavo\AppData\Local\Programs\Opera GX\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Gustavo\AppData\Local\Programs\Opera GX\98.0.4759.22\opera_crashreporter.exe (Discord Inc. -> Discord Inc.) C:\Users\Gustavo\AppData\Local\Discord\app-1.0.9013\Discord.exe <6> (E:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <9> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15> (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SndVol.exe (explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) E:\Program Files (x86)\Steam\steam.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe (Opera Norway AS -> Opera Software) C:\Users\Gustavo\AppData\Local\Programs\Opera GX\opera.exe <44> (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe (services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.55.0_x64__8wekyb3d8bbwe\Calculator.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe\GameBar.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe (svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe ==================== Registro (Whitelisted) =================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restrição <==== ATENÇÃO HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restrição <==== ATENÇÃO HKU\S-1-5-21-2600387558-1737254078-316386221-1001\...\Run: [MicrosoftEdgeAutoLaunch_13D4356C2D6FC08EDBFD76EFF813DDCE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139936 2023-05-01] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2600387558-1737254078-316386221-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-28] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-2600387558-1737254078-316386221-1001\...\Run: [Discord] => C:\Users\Gustavo\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub) HKU\S-1-5-21-2600387558-1737254078-316386221-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Gustavo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Nenhum Arquivo) HKU\S-1-5-21-2600387558-1737254078-316386221-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Gustavo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Nenhum Arquivo) HKU\S-1-5-21-2600387558-1737254078-316386221-1001\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gustavo\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" (Nenhum Arquivo) HKU\S-1-5-21-2600387558-1737254078-316386221-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Gustavo\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" (Nenhum Arquivo) ==================== Tarefas Agendadas (Whitelisted) ============ (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) Task: {3FB908A5-ACE2-423D-B67F-D6595F96C446} - System32\Tasks\Opera GX scheduled Autoupdate 1683202812 => C:\Users\Gustavo\AppData\Local\Programs\Opera GX\launcher.exe [2611608 2023-04-26] (Opera Norway AS -> Opera Software) (Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.) ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Tcpip\Parameters: [DhcpNameServer] 192.168.15.1 Tcpip\..\Interfaces\{60d345ca-6a37-4e9e-b02c-4e71c4e6d4d6}: [DhcpNameServer] 192.168.15.1 Edge: ======= Edge Profile: C:\Users\Gustavo\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-05] Edge Extension: (Edge relevant text changes) - C:\Users\Gustavo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-04] Opera: ======= StartMenuInternet: (HKU\S-1-5-21-2600387558-1737254078-316386221-1001) Opera GXStable - "C:\Users\Gustavo\AppData\Local\Programs\Opera GX\Launcher.exe" ==================== Serviços (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 AVP21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\avp.exe [32008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2023-05-04] (EasyAntiCheat Oy -> Epic Games, Inc) S3 klvssbridge64_21.13; C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.13\x64\vssbridge64.exe [501008 2023-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224192 2022-09-08] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Drivers (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Arquivo não assinado] R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [240264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S1 klbackupdisk.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klbackupdisk.sys [112936 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S1 klbackupflt.Kaspersky4Win-21-13; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-13\klbackupflt.sys [234216 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kldisk.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\kldisk.sys [125736 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [53576 2023-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R1 klflt.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klflt.sys [548072 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klgse.Kaspersky4Win-21-13; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-13\klgse.sys [713240 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klhk.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klhk.sys [1779264 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R3 klids.Kaspersky4Win-21-13; C:\ProgramData\Kaspersky Lab\AVP21.13\Bases\klids.sys [235720 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 KLIF.Kaspersky4Win-21-13; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-13\klif.sys [1163544 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98552 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klkbdflt.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klkbdflt.sys [115960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 klmouflt.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klmouflt.sys [113448 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpd.Kaspersky4Win-21-13; C:\Windows\System32\DRIVERS\Kaspersky4Win-21-13\klpd.sys [80672 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klpnpflt.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klpnpflt.sys [98040 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) U0 klupd_Kaspersky4Win-21-13_arkmon; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-13_arkmon.sys [353896 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) U3 klupd_Kaspersky4Win-21-13_arkmon_884A2DE3; C:\ProgramData\Kaspersky Lab\AVP21.13\Temp\884A2DE375AE76CB792BE5F52BE82064\klupd_Kaspersky4Win-21-13_arkmon.sys [353896 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) U3 klupd_Kaspersky4Win-21-13_klark; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-13_klark.sys [350352 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) U0 klupd_Kaspersky4Win-21-13_klbg; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-13_klbg.sys [179320 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) U3 klupd_Kaspersky4Win-21-13_mark; C:\Windows\System32\Drivers\klupd_Kaspersky4Win-21-13_mark.sys [259488 2023-05-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S1 klwfp.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klwfp.sys [179960 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 klwtp.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\klwtp.sys [415480 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) R1 kneps.Kaspersky4Win-21-13; C:\Windows\system32\DRIVERS\Kaspersky4Win-21-13\kneps.sys [340264 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2023-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [498944 2023-05-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-04] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Um mês (criados) (Whitelisted) ========= (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-05-05 09:05 - 2023-05-05 09:06 - 000000000 ____D C:\FRST 2023-05-05 09:03 - 2023-05-05 09:03 - 000039047 _____ C:\Users\Gustavo\Downloads\FRST.txt 2023-05-04 23:15 - 2023-05-04 23:15 - 000001202 _____ C:\Users\Gustavo\Desktop\Koalageddon.lnk 2023-05-04 23:15 - 2023-05-04 23:15 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Koalageddon 2023-05-04 23:15 - 2023-05-04 23:15 - 000000000 ____D C:\ProgramData\acidicoala 2023-05-04 22:45 - 2023-05-05 08:48 - 000000000 ____D C:\Users\Gustavo\AppData\Local\Discord 2023-05-04 22:45 - 2023-05-05 07:40 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\discord 2023-05-04 22:45 - 2023-05-04 22:45 - 000002237 _____ C:\Users\Gustavo\Desktop\Discord.lnk 2023-05-04 22:45 - 2023-05-04 22:45 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\NVIDIA 2023-05-04 22:45 - 2023-05-04 22:45 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2023-05-04 22:45 - 2023-05-04 22:45 - 000000000 ____D C:\Users\Gustavo\AppData\Local\SquirrelTemp 2023-05-04 22:34 - 2023-05-04 22:34 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky.lnk 2023-05-04 22:34 - 2023-05-04 22:34 - 000000000 ____D C:\Windows\system32\Drivers\Kaspersky4Win-21-13 2023-05-04 22:34 - 2023-05-04 22:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2023-05-04 22:34 - 2023-05-04 22:34 - 000000000 ____D C:\Program Files\Common Files\AV 2023-05-04 22:34 - 2023-05-04 22:34 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2023-05-04 22:34 - 2023-05-04 22:34 - 000000000 ____D C:\Program Files (x86)\dotnet 2023-05-04 22:30 - 2023-05-04 22:31 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2023-05-04 22:28 - 2023-05-04 22:28 - 000000000 ____D C:\Users\Gustavo\AppData\Local\OneDrive 2023-05-04 10:48 - 2023-05-04 10:48 - 000000000 ____D C:\Users\Gustavo\AppData\Local\NVIDIA Corporation 2023-05-04 10:47 - 2023-05-04 10:48 - 000000000 ____D C:\Users\Gustavo\AppData\Local\DeadByDaylight 2023-05-04 10:47 - 2023-05-04 10:47 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\EasyAntiCheat 2023-05-04 10:47 - 2023-05-04 10:47 - 000000000 ____D C:\Users\Gustavo\AppData\Local\UnrealEngine 2023-05-04 10:45 - 2023-05-04 22:34 - 000000000 ____D C:\ProgramData\Package Cache 2023-05-04 10:44 - 2023-05-04 10:47 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2023-05-04 10:13 - 2023-05-04 10:13 - 000000000 ____D C:\Users\Gustavo\AppData\Local\PeerDistRepub 2023-05-04 09:27 - 2023-05-04 23:16 - 000000000 ____D C:\SteamLibrary 2023-05-04 09:27 - 2023-05-04 09:27 - 000000222 _____ C:\Users\Gustavo\Desktop\Dead by Daylight.url 2023-05-04 09:27 - 2023-05-04 09:27 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2023-05-04 09:23 - 2023-05-04 09:23 - 000000000 ____D C:\Users\Gustavo\AppData\Local\Steam 2023-05-04 09:23 - 2023-05-04 09:23 - 000000000 ____D C:\Users\Gustavo\AppData\Local\CEF 2023-05-04 09:22 - 2023-05-04 09:22 - 000000761 _____ C:\Users\Public\Desktop\Steam.lnk 2023-05-04 09:22 - 2023-05-04 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2023-05-04 09:21 - 2023-05-04 09:21 - 000000000 ____D C:\Users\Gustavo\AppData\Local\Comms 2023-05-04 09:20 - 2023-05-04 09:20 - 000004240 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1683202812 2023-05-04 09:20 - 2023-05-04 09:20 - 000001444 _____ C:\Users\Gustavo\Desktop\Navegador Opera GX.lnk 2023-05-04 09:20 - 2023-05-04 09:20 - 000001434 _____ C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk 2023-05-04 09:20 - 2023-05-04 09:20 - 000000000 ____D C:\Users\Gustavo\AppData\Local\Opera Software 2023-05-04 09:18 - 2023-05-04 09:18 - 003492448 _____ (Opera Software) C:\Users\Gustavo\Downloads\OperaGXSetup.exe 2023-05-04 09:18 - 2023-05-04 09:18 - 000000000 ___HD C:\Users\Gustavo\Downloads\.opera 2023-05-04 09:18 - 2023-05-04 09:18 - 000000000 ___HD C:\$WinREAgent 2023-05-04 09:18 - 2023-05-04 09:18 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Opera Software 2023-05-04 09:18 - 2023-05-04 09:18 - 000000000 ____D C:\Users\Gustavo\AppData\Local\DBG 2023-05-03 10:09 - 2023-05-03 10:09 - 009773297 _____ (Hasleo Software. ) C:\Users\Gustavo\Downloads\WinToHDD_Free.exe 2023-05-03 10:09 - 2023-05-03 10:09 - 000001066 _____ C:\Users\Public\Desktop\Hasleo WinToHDD.lnk 2023-05-03 10:09 - 2023-05-03 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToHDD 2023-05-03 10:09 - 2023-05-03 10:09 - 000000000 ____D C:\Program Files\Hasleo 2023-05-03 10:05 - 2023-05-03 10:05 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\MMC 2023-05-03 10:03 - 2023-05-03 10:03 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\Spelling 2023-05-03 10:02 - 2023-05-04 23:17 - 000000000 ____D C:\Users\Gustavo\AppData\Local\D3DSCache 2023-05-03 10:01 - 2023-05-04 22:48 - 000000000 ____D C:\Users\Gustavo\AppData\Local\PlaceholderTileLogoFolder 2023-05-03 10:01 - 2023-05-04 10:01 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2600387558-1737254078-316386221-1001 2023-05-03 10:01 - 2023-05-04 10:01 - 000003382 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2600387558-1737254078-316386221-1001 2023-05-03 10:01 - 2023-05-03 10:01 - 000000000 ___RD C:\Users\Gustavo\OneDrive 2023-05-03 10:00 - 2023-05-03 10:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2023-05-03 09:59 - 2023-05-04 09:24 - 001651882 _____ C:\Windows\system32\PerfStringBackup.INI 2023-05-03 09:58 - 2023-05-04 11:18 - 000000000 ____D C:\Users\Gustavo\AppData\Local\Packages 2023-05-03 09:58 - 2023-05-04 11:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2023-05-03 09:58 - 2023-05-04 09:21 - 000000000 ____D C:\ProgramData\Packages 2023-05-03 09:58 - 2023-05-04 09:17 - 000000000 ____D C:\ProgramData\NVIDIA 2023-05-03 09:58 - 2023-05-03 10:00 - 000002348 _____ C:\Users\Gustavo\Desktop\Microsoft Edge.lnk 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ___SD C:\Users\Gustavo\AppData\Roaming\Microsoft\SystemCertificates 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ___SD C:\Users\Gustavo\AppData\Roaming\Microsoft\Protect 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ___SD C:\Users\Gustavo\AppData\Roaming\Microsoft\Crypto 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ___SD C:\Users\Gustavo\AppData\Roaming\Microsoft\Credentials 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ___RD C:\Users\Gustavo\3D Objects 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Windows\system32\lxss 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\Vault 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\Network 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Adobe 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Local\VirtualStore 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Local\Publishers 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Local\NVIDIA 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Local\ConnectedDevicesPlatform 2023-05-03 09:58 - 2023-05-03 09:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2023-05-03 09:57 - 2022-08-23 23:26 - 001905912 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2023-05-03 09:57 - 2022-08-23 23:26 - 001905912 _____ C:\Windows\system32\vulkaninfo.exe 2023-05-03 09:57 - 2022-08-23 23:26 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2023-05-03 09:57 - 2022-08-23 23:26 - 001478408 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2023-05-03 09:57 - 2022-08-23 23:26 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2023-05-03 09:57 - 2022-08-23 23:26 - 001145592 _____ C:\Windows\SysWOW64\vulkan-1.dll 2023-05-03 09:57 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2023-05-03 09:57 - 2022-08-23 23:25 - 001432312 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2023-05-03 09:57 - 2022-08-23 23:25 - 001432312 _____ C:\Windows\system32\vulkan-1.dll 2023-05-03 09:57 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2023-05-03 09:57 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2023-05-03 09:57 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2023-05-03 09:57 - 2022-08-23 23:22 - 000865784 _____ C:\Windows\system32\nvofapi64.dll 2023-05-03 09:57 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2023-05-03 09:57 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2023-05-03 09:57 - 2022-08-23 23:22 - 000687616 _____ C:\Windows\SysWOW64\nvofapi.dll 2023-05-03 09:57 - 2022-08-23 23:22 - 000139248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2023-05-03 09:57 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2023-05-03 09:57 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2023-05-03 09:57 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2023-05-03 09:57 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2023-05-03 09:57 - 2022-08-23 23:19 - 007483416 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2023-05-03 09:57 - 2022-08-23 23:19 - 006367424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2023-05-03 09:57 - 2022-08-23 22:57 - 000093241 _____ C:\Windows\system32\nvinfo.pb 2023-05-03 09:56 - 2023-05-04 10:01 - 000002391 _____ C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-05-03 09:56 - 2023-05-04 09:17 - 000000000 ____D C:\Users\Gustavo 2023-05-03 09:56 - 2023-05-03 09:58 - 000000000 ____D C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows 2023-05-03 09:56 - 2023-05-03 09:56 - 000000020 ___SH C:\Users\Gustavo\ntuser.ini 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Modelos 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Meus Documentos 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Menu Iniciar 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Documents\Minhas Músicas 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Documents\Minhas Imagens 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Documents\Meus Vídeos 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Dados de Aplicativos 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Configurações Locais 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\AppData\Local\Histórico 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\AppData\Local\Dados de Aplicativos 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Ambiente de Rede 2023-05-03 09:56 - 2023-05-03 09:56 - 000000000 _SHDL C:\Users\Gustavo\Ambiente de Impressão 2023-05-03 09:51 - 2023-05-03 09:51 - 000000000 ____D C:\Windows\CSC 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Usuário Padrão 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Todos os Usuários 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Músicas 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Public\Documents\Minhas Imagens 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Public\Documents\Meus Vídeos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Modelos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Meus Documentos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Menu Iniciar 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Músicas 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Documents\Minhas Imagens 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Documents\Meus Vídeos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Dados de Aplicativos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Configurações Locais 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\AppData\Local\Histórico 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dados de Aplicativos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Ambiente de Rede 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Users\Default\Ambiente de Impressão 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\ProgramData\Modelos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\ProgramData\Menu Iniciar 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\ProgramData\Documentos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\ProgramData\Dados de Aplicativos 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Program Files\Common Files\Sistema 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Program Files\Arquivos Comuns 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Documents and Settings 2023-05-03 09:49 - 2023-05-03 09:49 - 000000000 _SHDL C:\Arquivos de Programas 2023-05-03 09:46 - 2023-05-03 09:52 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-03 09:45 - 2023-05-03 09:47 - 000003674 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-05-03 09:45 - 2023-05-03 09:47 - 000003550 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-05-03 09:44 - 2023-05-04 09:28 - 000000000 ____D C:\Windows\system32\Drivers\wd 2023-05-03 09:44 - 2023-05-04 09:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2023-05-03 09:43 - 2023-05-04 10:41 - 000000000 ____D C:\Windows\system32\SleepStudy 2023-05-03 09:43 - 2023-05-04 09:17 - 000008192 ___SH C:\DumpStack.log.tmp 2023-05-03 09:43 - 2023-05-03 09:43 - 000258152 _____ C:\Windows\system32\FNTCACHE.DAT 2023-05-03 09:43 - 2023-05-03 09:43 - 000000000 ____D C:\Windows\ServiceProfiles 2023-05-03 09:38 - 2023-05-03 09:48 - 000000000 ____D C:\Windows\Panther ==================== Um mês (modificados) ================== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2023-05-04 22:34 - 2019-12-07 06:14 - 000000000 ___HD C:\Windows\ELAMBKUP 2023-05-04 22:34 - 2019-12-07 06:13 - 000000000 ____D C:\Windows\INF 2023-05-04 22:34 - 2019-12-07 06:03 - 000032768 _____ C:\Windows\system32\config\ELAM 2023-05-04 11:23 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\AppReadiness 2023-05-04 11:18 - 2019-12-07 06:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-05-04 11:17 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-05-04 10:45 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-05-04 10:13 - 2019-12-07 06:03 - 000000000 ____D C:\Windows\CbsTemp 2023-05-04 09:28 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Windows Defender 2023-05-04 09:26 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\appcompat 2023-05-04 09:24 - 2019-12-07 11:53 - 000715446 _____ C:\Windows\system32\prfh0416.dat 2023-05-04 09:24 - 2019-12-07 11:53 - 000140602 _____ C:\Windows\system32\prfc0416.dat 2023-05-04 09:18 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\PrintDialog 2023-05-04 09:18 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\ServiceState 2023-05-03 09:58 - 2019-12-07 06:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2023-05-03 09:56 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2023-05-03 09:54 - 2019-12-07 06:14 - 000000000 ___SD C:\Windows\system32\UNP 2023-05-03 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\SystemResources 2023-05-03 09:54 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2023-05-03 09:54 - 2019-12-07 06:03 - 000524288 _____ C:\Windows\system32\config\BBI 2023-05-03 09:51 - 2019-12-07 11:54 - 000000000 ____D C:\Windows\system32\FxsTmp 2023-05-03 09:51 - 2019-12-07 06:14 - 000000000 ____D C:\Windows\system32\spool 2023-05-03 09:49 - 2019-12-07 06:14 - 000000000 ____D C:\Program Files\Windows NT 2023-05-03 09:46 - 2019-12-07 06:14 - 000000000 ____D C:\ProgramData\USOPrivate 2023-05-03 09:38 - 2019-12-07 06:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template ==================== SigCheck ============================ (Não há correção automática para arquivos que não passaram na verificação.) ==================== Fim de FRST.txt ========================