cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 27-07-2016
Executado por Rafael (administrador) em RAFAEL-PC (29-07-2016 14:36:23)
Executando a partir de C:\Users\Rafael\Downloads
Perfis Carregados: Rafael (Perfis Disponíveis: Rafael)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmcore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Aeria Games & Entertainment) C:\Program Files\Aeria Games\Ignite\aeriaignite.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Kingsoft Corporation) C:\Program Files\cmcm\Clean Master\cmtray.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Akamai Technologies, Inc.) C:\Users\Rafael\AppData\Local\Akamai\netsession_win.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
() C:\Program Files\ToolsUpdatePlatform\UpdatePlatform.exe
(Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Akamai Technologies, Inc.) C:\Users\Rafael\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files\WeatherTool\2.0.1.11245\WeatherService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files\WeatherTool\2.0.1.11245\weather.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-11] (AVAST Software)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3837552 2012-01-16] (VIA)
HKLM\...\Run: [cmsc] => c:\program files\cmcm\Clean Master\cmtray.exe [468840 2015-07-27] (Kingsoft Corporation)
HKLM\...\Run: [Aeria Ignite] => C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [Autodesk Desktop App] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\...\Run: [uTorrent] => C:\Users\Rafael\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-15] (BitTorrent Inc.)
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\...\Run: [GoogleChromeAutoLaunch_598C37F90B40CD6A2DE809244F52F945] => C:\Users\Rafael\AppData\Local\Chromium\Application\chrome.exe [659456 2015-06-01] (The Chromium Authors)
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Rafael\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\...\MountPoints2: {288cbee4-a272-11e5-b383-c89cdccf47bb} - F:\LGAutoRun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-07-11] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\..\Interfaces\{81B19F91-3A5D-4C5F-BF19-D6DD97FA6B64}: [DhcpNameServer] 192.168.1.20
Tcpip\..\Interfaces\{C6E958D8-6A08-411B-8956-8C4330307A66}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_06_hao123_br&guid=ec3461b1def4ed15260fed7f15288780
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1438041799&z=f061a4e2f728f4e0c320184g6z1c1b1eez9gem1w2c&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1438041799&z=f061a4e2f728f4e0c320184g6z1c1b1eez9gem1w2c&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438041799&z=f061a4e2f728f4e0c320184g6z1c1b1eez9gem1w2c&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955&q={searchTerms}
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1438041799&z=f061a4e2f728f4e0c320184g6z1c1b1eez9gem1w2c&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955&q={searchTerms}
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_06_hao123_br&guid=ec3461b1def4ed15260fed7f15288780
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1438041799&z=f061a4e2f728f4e0c320184g6z1c1b1eez9gem1w2c&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955
HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1438041799&z=f061a4e2f728f4e0c320184g6z1c1b1eez9gem1w2c&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955&q={searchTerms}
URLSearchHook: HKLM -> Padrão = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com/?bd=ds&oem=Cube&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955&version=2.3.0.8724&pid=414031160&tid=422&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2445349563-3392045865-2520311989-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2445349563-3392045865-2520311989-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955&ts=1438041855&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2445349563-3392045865-2520311989-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2445349563-3392045865-2520311989-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHD502HI_S1ZVJ50SB32955&ts=1438041855&type=default&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-07] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-11] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-07] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-10-08] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-10-08] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-11]
FF HKU\S-1-5-21-2445349563-3392045865-2520311989-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi => não encontrado (a)

Chrome:
=======
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=ec3461b1def4ed15260fed7f15288780
CHR StartupUrls: Default -> "hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=ec3461b1def4ed15260fed7f15288780"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (FVD Video Downloader) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gldknmojgmahkakabglgepoehpplajld [2015-07-28]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rafael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-11] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [315240 2015-07-27] (Kingsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1233376 2016-07-29] (Flexera Software LLC)
R2 TheDesktopWeatherService; C:\Program Files\WeatherTool\2.0.1.11245\WeatherService.exe [141960 2016-03-21] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
S2 scsvc_1.10.0.16; "C:\Program Files\SuperClick_1.10.0.16\Service\scsvc.exe" [X]
S2 Util Swift Record; "C:\Program Files\Swift Record\bin\utilSwiftRecord.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [327168 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [100096 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-07-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91680 2016-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-07-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [816304 2016-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [438296 2016-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118152 2016-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [222056 2016-07-11] (AVAST Software)
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Aladdin Knowledge Systems Ltd.)
R3 ksapi; C:\Windows\system32\drivers\ksapi.sys [81768 2015-07-27] (Kingsoft Corporation)
S3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-09] (Intel Corporation) [Arquivo não assinado]
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2015-03-05] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13368 2016-07-29] (SlimWare Utilities, Inc.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1822832 2012-01-10] (VIA Technologies, Inc.)
R2 vusbbus; C:\Windows\System32\DRIVERS\vusbbus.sys [18432 2009-03-02] (Chingachguk & Denger2k (HL mod)) [Arquivo não assinado]
S3 XDva511; \??\C:\Windows\system32\XDva511.sys [X]
S3 XDva533; \??\C:\Windows\system32\XDva533.sys [X]
S3 XDva534; \??\C:\Windows\system32\XDva534.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-29 14:36 - 2016-07-29 14:36 - 00017600 _____ C:\Users\Rafael\Downloads\FRST.txt
2016-07-29 14:36 - 2016-07-29 14:36 - 00000000 ____D C:\FRST
2016-07-29 14:35 - 2016-07-29 14:35 - 01744384 _____ (Farbar) C:\Users\Rafael\Downloads\FRST.exe
2016-07-29 14:27 - 2016-07-29 14:27 - 00000033 _____ C:\Users\Rafael\Desktop\1000.txt
2016-07-29 14:13 - 2016-07-29 14:14 - 13969576 _____ (Microsoft Corporation) C:\Users\Rafael\Downloads\vc_redist.x86.exe
2016-07-29 13:47 - 2016-07-29 13:47 - 00001489 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk
2016-07-29 13:45 - 2016-07-29 13:45 - 00002003 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2016-07-29 13:43 - 2016-07-29 14:02 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-07-29 13:43 - 2016-07-29 13:43 - 00002098 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
2016-07-29 13:38 - 2016-07-29 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-07-29 13:32 - 2016-07-29 13:32 - 00000040 _____ C:\Users\Rafael\Desktop\Serie e Key CAD 2017.txt
2016-07-29 13:23 - 2016-07-29 13:05 - 1785471804 ____R C:\Users\Rafael\Desktop\Autodesk AutoCAD 2017 (x86) + Keygen [SadeemPC].zip
2016-07-29 11:57 - 2016-07-29 13:05 - 1785471804 ____R C:\Users\Rafael\Downloads\Autodesk AutoCAD 2017 (x86) + Keygen [SadeemPC].zip
2016-07-29 11:56 - 2016-07-29 11:56 - 00002697 _____ C:\Users\Rafael\Downloads\Flash_Upgrade-win_504.vbs
2016-07-29 00:05 - 2016-07-29 00:05 - 00000000 ____D C:\Users\Rafael\Documents\Inventor Server SDK ACAD 2013
2016-07-29 00:04 - 2016-07-29 00:04 - 00000147 _____ C:\Users\Todos os Usuários\Microsoft.SqlServer.Compact.351.32.bc
2016-07-29 00:04 - 2016-07-29 00:04 - 00000147 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-07-29 00:03 - 2016-07-29 00:03 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-07-28 23:46 - 2016-07-28 23:46 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2016-07-28 23:46 - 2016-07-28 23:46 - 00000000 ____D C:\ProgramData\TEMP
2016-07-28 23:28 - 2016-07-28 23:29 - 00000000 ____D C:\Users\Rafael\Desktop\AutoCad 2014
2016-07-28 23:26 - 2016-07-29 13:47 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-07-28 23:26 - 2016-07-29 13:47 - 00000000 ____D C:\ProgramData\Autodesk
2016-07-28 23:25 - 2016-07-29 13:30 - 00000000 ____D C:\Autodesk
2016-07-25 21:21 - 2016-07-25 21:21 - 323885334 _____ C:\Windows\MEMORY.DMP
2016-07-25 21:21 - 2016-07-25 21:21 - 00469280 _____ C:\Windows\Minidump\072516-20950-01.dmp
2016-07-25 19:58 - 2016-07-25 19:58 - 00000036 _____ C:\Users\Rafael\Desktop\BUILD.txt
2016-07-24 11:49 - 2016-07-29 14:30 - 00008224 _____ C:\Users\Rafael\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-24 11:47 - 2016-07-29 13:51 - 00339328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-17 14:41 - 2016-07-17 14:41 - 03597748 _____ C:\Users\Rafael\Downloads\20160517_SU_SA_B1_2TUNER_2GB_OPTMO_FANTASIA.ssu
2016-07-17 14:28 - 2016-07-17 14:28 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk
2016-07-17 14:28 - 2016-07-17 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-07-17 14:28 - 2016-07-17 14:28 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-07-17 14:19 - 2016-07-17 14:19 - 00000000 ____D C:\Users\Rafael\AppData\Local\CEF
2016-07-17 14:17 - 2016-07-17 14:17 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-11 14:21 - 2016-07-11 14:20 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-11 14:20 - 2016-07-11 14:20 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2016-07-11 14:20 - 2016-07-11 14:20 - 00319248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-11 14:20 - 2016-07-11 14:20 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-07 19:25 - 2016-06-25 12:43 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-29 14:34 - 2016-05-12 14:15 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-29 14:34 - 2016-05-12 14:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-29 14:34 - 2015-11-27 15:11 - 00000000 ____D C:\Program Files\Opera
2016-07-29 14:32 - 2015-06-06 18:08 - 00000388 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2016-07-29 14:31 - 2015-06-06 17:47 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-29 14:30 - 2016-05-15 12:57 - 00000000 ____D C:\Users\Rafael\AppData\LocalLow\uTorrent
2016-07-29 14:30 - 2015-07-28 17:35 - 00000420 _____ C:\Windows\Tasks\ToolsUpdatePlatform_ScheduledTask.job
2016-07-29 14:30 - 2015-06-06 18:09 - 00000664 _____ C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job
2016-07-29 14:30 - 2015-06-06 18:08 - 00013368 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2016-07-29 14:30 - 2015-06-06 17:47 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-29 14:30 - 2015-06-06 17:39 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-07-29 14:30 - 2015-06-06 17:39 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-29 14:29 - 2015-07-28 17:35 - 00000000 ____D C:\Users\Todos os Usuários\ToolsUpdatePlatform
2016-07-29 14:29 - 2015-07-28 17:35 - 00000000 ____D C:\ProgramData\ToolsUpdatePlatform
2016-07-29 14:29 - 2015-06-06 17:50 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\uTorrent
2016-07-29 14:29 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-29 14:01 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-29 14:01 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-29 13:48 - 2015-06-18 21:31 - 00000000 ____D C:\Users\Rafael\AppData\Local\Autodesk
2016-07-29 13:47 - 2015-06-18 21:31 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Autodesk
2016-07-29 13:47 - 2015-06-18 21:29 - 00000000 ____D C:\Program Files\Autodesk
2016-07-29 13:42 - 2015-06-18 21:29 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-07-29 13:42 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-29 12:15 - 2015-08-13 17:35 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\WeatherTool
2016-07-28 23:54 - 2015-06-06 17:35 - 01595976 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-28 23:54 - 2009-07-17 15:48 - 00703370 _____ C:\Windows\system32\prfh0416.dat
2016-07-28 23:54 - 2009-07-17 15:48 - 00146156 _____ C:\Windows\system32\prfc0416.dat
2016-07-28 23:54 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-07-28 23:25 - 2015-07-31 10:32 - 00000000 ____D C:\Windows\system32\appmgmt
2016-07-28 23:24 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\Help
2016-07-28 23:24 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-28 23:20 - 2009-07-14 01:53 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-07-27 16:56 - 2015-11-05 14:44 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Skype
2016-07-27 16:37 - 2015-11-05 14:43 - 00000000 ___RD C:\Program Files\Skype
2016-07-27 16:37 - 2015-11-05 14:43 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-07-27 16:37 - 2015-11-05 14:43 - 00000000 ____D C:\ProgramData\Skype
2016-07-26 14:24 - 2015-06-06 18:00 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-25 21:23 - 2015-11-25 20:37 - 00000000 ____D C:\Users\Rafael\AppData\LocalLow\Temp
2016-07-25 21:21 - 2015-07-27 22:02 - 00000000 ____D C:\Windows\Minidump
2016-07-24 11:47 - 2015-06-06 17:34 - 00000000 ____D C:\Program Files\WinRAR
2016-07-24 02:55 - 2015-06-06 17:34 - 00000000 ____D C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-24 02:55 - 2015-06-06 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-24 02:50 - 2016-04-12 19:56 - 00000000 ____D C:\Program Files\Nanjing Swansoft
2016-07-23 23:28 - 2015-07-29 18:46 - 00000000 ____D C:\Users\Rafael\AppData\Local\Akamai
2016-07-23 12:07 - 2015-09-05 12:00 - 00000000 ____D C:\Users\Rafael\AppData\Local\node-webkit
2016-07-17 19:59 - 2015-08-05 14:16 - 00000000 ____D C:\Windows\system32\MRT
2016-07-17 19:56 - 2015-08-05 14:16 - 141983760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-17 14:28 - 2015-11-05 14:44 - 00000000 ____D C:\Users\Rafael\AppData\Local\Skype
2016-07-17 14:28 - 2015-06-06 18:15 - 00438296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-11 14:20 - 2015-06-06 18:15 - 00816304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-11 14:20 - 2015-06-06 18:15 - 00222056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-11 14:20 - 2015-06-06 18:15 - 00118152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-11 14:20 - 2015-06-06 18:15 - 00091680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-11 14:20 - 2015-06-06 18:15 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-11 14:20 - 2015-06-06 18:15 - 00060424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-11 14:20 - 2015-06-06 18:15 - 00034008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-11 14:20 - 2015-06-06 18:14 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-11 14:20 - 2015-06-06 18:12 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-07-11 14:20 - 2015-06-06 18:12 - 00000000 ____D C:\ProgramData\AVAST Software

==================== Arquivos na raiz de alguns diretórios =======

2015-06-06 18:32 - 2015-06-06 18:31 - 0613255 _____ (CMI Limited) C:\Users\Rafael\AppData\Local\nsd4316.tmp
2016-07-29 00:04 - 2016-07-29 00:04 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{2A6A6C0A-6DF1-4478-807F-2FF9BF46B935}.job


Alguns arquivos em TEMP:
====================
C:\Users\Rafael\AppData\Local\Temp\AcDeltree.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-24 17:14

==================== Fim de FRST.txt ============================
