Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 31-08-2016
Executado por IURD VILA SÃO PEDRO (administrador) em IURDVILASÃOPEDR (03-09-2016 20:10:19)
Executando a partir de C:\Users\IURD VILA SÃO PEDRO\Desktop
Perfis Carregados: IURD VILA SÃO PEDRO (Perfis Disponíveis: IURD VILA SÃO PEDRO)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Smart Software, Inc.) C:\Program Files (x86)\WindowsTM\TMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Smart Software, Inc.) C:\Program Files (x86)\WindowsTM\TMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-03] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\Run: [GoogleChromeAutoLaunch_DFC2A344A7EC8407A8662F39B3BE9466] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [961352 2016-08-02] (Google Inc.)
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\RunOnce: [Uninstall C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\RunOnce: [Uninstall C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1"
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\RunOnce: [Uninstall C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\...\MountPoints2: {5cc407fd-5fad-11e5-addd-b025aa00caa4} - E:\LG_PC_Programs.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-03] (AVAST Software)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Nenhum Arquivo
Startup: C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - .lnk [2016-06-21]
ShortcutTarget: Monitorar alertas de tinta - .lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Officejet Pro 8100.lnk [2016-09-03]
ShortcutTarget: Monitorar alertas de tinta - HP Officejet Pro 8100.lnk -> C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E6810BBB-5728-42CC-BDF3-33E1A3D5B7E4}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\S-1-5-21-1289909612-2110396360-3352851573-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-03] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-09-03] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-03] (AVAST Software)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-03] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-09-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1442950460&z=48de1189d906c2fddbb2065g9z6zdoat2wde5o6b5g&from=cor&uid=TOSHIBAXMQ01ABD050_54ITTP8ATXX54ITTP8AT

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-03] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-03-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Nenhum Arquivo]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-03-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.br/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR Profile: C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-18]
CHR Extension: (AniButton) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\acklnhgjphbhhomkneonohbjnbmkclfb [2015-03-26]
CHR Extension: (Google Docs) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-18]
CHR Extension: (Google Drive) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Planilhas do Google) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-18]
CHR Extension: (Documentos Google off-line) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Avast Online Security) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-20]
CHR Extension: (Skype) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-02]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Universe) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oecmlnmneeeeiccpcohlffnipjhngmdk [2015-09-22]
CHR Extension: (Gmail) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-31]
CHR Profile: C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Ask Search) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg [2015-04-07]
CHR Extension: (Google Docs) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-07]
CHR Extension: (Google Drive) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-07]
CHR Extension: (YouTube) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-07]
CHR Extension: (Google Search) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-07]
CHR Extension: (avast! WebRep) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2015-04-05]
CHR Extension: (Google Wallet) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-05]
CHR Extension: (Gmail) - C:\Users\IURD VILA SÃO PEDRO\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-03] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980040 2016-09-01] (Microsoft Corporation)
R2 DMConfigUpdate; C:\Windows\SysWOW64\normalscript.dll [413936 2009-07-13] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-10-20] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129488 2012-12-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165328 2012-12-19] (Intel Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-13] ()
R2 TMService; C:\Program Files (x86)\WindowsTM\TMService.exe [232448 2016-04-09] (Smart Software, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-09-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-03] (AVAST Software)
R2 bitszexternal; C:\Windows\system32\drivers\winsvsech.sys [140400 2009-07-13] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation )
R2 SoilIO; C:\Windows\System32\Drivers\SoilIO.sys [17912 2010-08-19] ()
R3 soilkbc; C:\Windows\System32\Drivers\soilkbc.sys [13816 2009-12-03] (Systems Internals)
R2 TMKernel; C:\Windows\system32\drivers\TMKernel.sys [180264 2016-04-09] (Smart Software, Inc.)
R1 vonetframe; C:\Windows\system32\drivers\vonetframe.sys [907368 2016-08-08] () [Arquivo não assinado]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-09-03 20:10 - 2016-09-03 20:11 - 00024077 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\FRST.txt
2016-09-03 20:08 - 2016-09-03 20:10 - 00000000 ____D C:\FRST
2016-09-03 20:06 - 2016-09-03 20:07 - 02397696 _____ (Farbar) C:\Users\IURD VILA SÃO PEDRO\Desktop\FRST64.exe
2016-09-03 19:35 - 2016-09-03 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-09-03 19:35 - 2016-09-03 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-09-03 19:29 - 2016-09-03 19:29 - 00000000 ____D C:\Windows\PCHEALTH
2016-09-03 19:29 - 2016-09-03 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-09-03 19:29 - 2016-09-03 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-09-03 19:29 - 2016-09-03 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-09-03 19:24 - 2016-09-03 19:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-09-03 19:22 - 2016-09-03 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-09-03 19:21 - 2016-09-03 19:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-03 19:20 - 2016-09-03 19:20 - 00020017 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\Microsoft_Office_2010_RTM_X64.5502283.TPB.torrent
2016-09-03 19:20 - 2016-09-03 19:20 - 00000000 __RHD C:\MSOCache
2016-09-03 19:05 - 2016-09-03 19:05 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2016-09-03 19:05 - 2016-09-03 19:05 - 00000000 ____D C:\ProgramData\TEMP
2016-09-03 18:35 - 2016-09-03 18:35 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-09-03 18:07 - 2016-09-03 18:07 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-03 18:07 - 2016-09-03 18:07 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-03 18:07 - 2016-09-03 18:07 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-03 18:07 - 2016-09-03 18:07 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-03 18:07 - 2016-09-03 18:07 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-03 18:07 - 2016-09-03 18:07 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-03 18:07 - 2016-09-03 18:07 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-03 18:07 - 2016-09-03 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-09-03 17:59 - 2016-09-03 18:36 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-09-03 17:59 - 2016-09-03 18:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-03 17:54 - 2016-09-03 17:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-03 17:02 - 2016-09-03 17:02 - 00003300 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task
2016-09-03 16:41 - 2016-09-03 17:02 - 00002215 _____ C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-09-03 16:41 - 2016-09-03 17:02 - 00000000 ___RD C:\Users\IURD VILA SÃO PEDRO\OneDrive
2016-09-03 16:41 - 2016-09-03 16:41 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-09-03 16:41 - 2016-09-03 16:41 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-09-03 16:41 - 2016-09-03 16:41 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-09-03 16:41 - 2016-09-03 16:41 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-09-03 16:41 - 2016-09-03 16:41 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-03 16:41 - 2016-09-03 16:41 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-09-03 16:07 - 2016-09-03 17:55 - 01804512 _____ C:\Windows\GABRIOLA.tt2
2016-09-03 16:05 - 2016-09-03 19:23 - 00000000 ____D C:\Program Files\Microsoft Office
2016-09-03 14:42 - 2016-09-03 14:46 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7 x64
2016-09-03 14:42 - 2016-09-03 14:46 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2016-09-03 14:24 - 2016-09-03 14:38 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7
2016-09-03 14:24 - 2016-09-03 14:38 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7
2016-09-03 14:11 - 2016-09-03 14:11 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-09-03 14:11 - 2016-09-03 14:11 - 00000000 ____D C:\ProgramData\UniqueId
2016-09-03 13:53 - 2016-09-03 13:53 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\AVAST Software
2016-09-03 13:53 - 2016-09-03 13:53 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\AppData\Local\CEF
2016-09-03 13:50 - 2016-09-03 13:50 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-09-03 13:50 - 2016-09-03 13:50 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-09-03 13:42 - 2016-09-03 17:47 - 00003910 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1472920937
2016-09-03 13:42 - 2016-09-03 13:42 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-09-03 13:34 - 2016-09-03 13:34 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-09-03 13:34 - 2016-09-03 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-09-03 13:30 - 2016-09-03 13:30 - 00000020 _____ C:\Users\Todos os Usuários\nbc.ini
2016-09-03 13:30 - 2016-09-03 13:30 - 00000020 _____ C:\ProgramData\nbc.ini
2016-09-03 13:12 - 2016-09-03 13:12 - 00000000 ____D C:\Windows\system32\appmgmt
2016-08-29 16:28 - 2016-08-29 16:28 - 00017870 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\LISTA OBREIROS ATUALIZADA.xlsx
2016-08-29 16:28 - 2016-08-29 16:28 - 00017870 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\LISTA OBREIROS ATUALIZADA (1).xlsx
2016-08-29 00:05 - 2016-08-29 00:05 - 00157809 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\WhatsApp Image 2016-08-28 at 22.07.47.jpeg
2016-08-27 22:39 - 2016-08-27 22:38 - 00198638 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-27 at 22.38.28.jpeg
2016-08-27 22:38 - 2016-08-27 22:38 - 00198638 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\WhatsApp Image 2016-08-27 at 22.38.28.jpeg
2016-08-27 01:18 - 2016-08-27 01:18 - 00000000 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\Untitled Video[3].part
2016-08-27 01:14 - 2016-08-27 01:15 - 17618816 _____ (DsNET Corp ) C:\Users\IURD VILA SÃO PEDRO\Downloads\aTube_Catcher_ATU3_9029.exe
2016-08-27 01:09 - 2016-08-27 01:09 - 00000000 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\Untitled Video[2].part
2016-08-27 00:46 - 2016-08-27 00:46 - 00000000 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\Untitled Video[1].part
2016-08-27 00:40 - 2016-08-27 00:40 - 00000000 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\Untitled Video.part
2016-08-27 00:32 - 2016-08-27 00:33 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\Nova pasta (2)
2016-08-25 10:43 - 2016-08-25 10:43 - 00267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-08-25 10:36 - 2016-08-25 10:36 - 00390400 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-08-25 10:36 - 2016-08-25 10:36 - 00333080 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-08-25 10:36 - 2016-08-25 10:36 - 00088816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-08-25 10:36 - 2016-08-25 10:36 - 00085232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-08-25 10:35 - 2016-08-25 10:35 - 00635120 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-08-25 10:35 - 2016-08-25 10:35 - 00439536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-08-25 10:35 - 2016-08-25 10:35 - 00243480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-08-20 20:55 - 2016-08-20 20:55 - 00107481 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-20 at 20.26.29.jpeg
2016-08-19 20:11 - 2016-08-19 20:12 - 00095156 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\treino de agosto
2016-08-15 15:06 - 2016-08-15 15:06 - 00106833 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-15 at 14.29.27.jpeg
2016-08-14 21:45 - 2016-08-14 21:45 - 00674017 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\palestra.pdf
2016-08-14 21:44 - 2016-08-14 21:44 - 00674017 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\ESTUDO SEGUNDA FEIRA.pdf
2016-08-14 21:40 - 2016-08-14 21:37 - 00056510 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-14 at 21.34.50.jpeg
2016-08-13 21:09 - 2016-08-13 21:08 - 00114930 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-13 at 20.48.45.jpeg
2016-08-13 21:09 - 2016-08-13 21:08 - 00016232 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-13 at 20.46.34.jpeg
2016-08-13 21:09 - 2016-08-13 21:07 - 00102750 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-13 at 20.49.57.jpeg
2016-08-13 21:08 - 2016-08-13 21:08 - 00114930 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\WhatsApp Image 2016-08-13 at 20.48.45.jpeg
2016-08-13 21:08 - 2016-08-13 21:08 - 00016232 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\WhatsApp Image 2016-08-13 at 20.46.34.jpeg
2016-08-13 21:07 - 2016-08-13 21:07 - 00102750 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\WhatsApp Image 2016-08-13 at 20.49.57.jpeg
2016-08-12 00:47 - 2016-08-12 00:47 - 15715595 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Video 2016-08-11 at 22.15.39 (1).mp4
2016-08-12 00:36 - 2016-08-12 00:35 - 00138205 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-12 at 00.03.58.jpeg
2016-08-08 07:57 - 2016-08-08 07:57 - 00247327 _____ C:\Users\IURD VILA SÃO PEDRO\Desktop\WhatsApp Image 2016-08-08 at 06.47.05 (2).jpeg
2016-07-30 20:22 - 2016-07-30 20:22 - 00068936 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\casamento dia 15.xlsx
2016-07-30 20:22 - 2016-07-30 20:22 - 00000165 ____H C:\Users\IURD VILA SÃO PEDRO\Downloads\~$casamento dia 15.xlsx
2016-07-12 18:24 - 2016-09-03 13:49 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-12 18:24 - 2015-08-14 23:13 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\asw2A74.tmp
2016-07-12 18:24 - 2015-08-05 18:11 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4690.tmp
2016-07-12 18:24 - 2015-08-05 18:11 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5051.tmp
2016-07-12 18:24 - 2015-08-05 18:11 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5F8E.tmp
2016-07-12 18:24 - 2015-08-05 18:11 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3290.tmp
2016-07-12 18:24 - 2015-08-05 18:11 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\asw39D2.tmp
2016-07-12 18:24 - 2015-08-05 18:11 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3F20.tmp
2016-07-12 18:24 - 2015-08-05 18:11 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3713.tmp
2016-07-12 18:18 - 2016-07-12 18:10 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-12 18:18 - 2016-07-12 18:10 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-01 22:51 - 2016-07-01 22:51 - 00128688 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\NOME santo andré.pdf
2016-06-19 18:07 - 2016-06-19 18:07 - 00011088 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\VALINHO SOBRA.xlsx
2016-06-17 21:34 - 2016-06-23 21:55 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\Nova pasta
2016-06-11 02:46 - 2016-06-11 02:46 - 00190309 ____H C:\Users\IURD VILA SÃO PEDRO\Desktop\~WRL2320.tmp
2016-06-11 01:30 - 2016-06-18 23:21 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\jejum uma palavra 2
2016-06-08 23:35 - 2016-06-08 23:35 - 00000165 ____H C:\Users\IURD VILA SÃO PEDRO\Downloads\~$Apresentação2.pptx
2016-06-08 23:16 - 2016-06-08 23:16 - 00165739 _____ C:\Users\IURD VILA SÃO PEDRO\Downloads\Apresentação2.pptx
2016-06-08 08:28 - 2016-06-08 08:28 - 00000165 ____H C:\Users\IURD VILA SÃO PEDRO\Desktop\~$Fichas de Núcleo.pptx
2016-06-07 00:55 - 2016-06-07 00:56 - 00319917 ____H C:\Users\IURD VILA SÃO PEDRO\Desktop\~WRL1504.tmp

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-09-03 20:07 - 2016-01-23 04:17 - 00000000 ____D C:\Users\Todos os Usuários\winfirewall
2016-09-03 20:07 - 2016-01-23 04:17 - 00000000 ____D C:\ProgramData\winfirewall
2016-09-03 20:07 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-03 20:07 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-03 20:00 - 2015-03-18 01:41 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-03 19:59 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-03 19:59 - 2009-07-14 01:45 - 00444120 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-03 19:58 - 2016-01-23 04:14 - 00807528 _____ C:\Windows\vonetframeHelp.dll
2016-09-03 19:43 - 2015-03-18 01:31 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-09-03 19:38 - 2015-12-15 23:38 - 00000727 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {F7ED5377-D9ED-41F9-A177-14E132A797FD}.job
2016-09-03 19:38 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-09-03 19:33 - 2009-07-14 15:11 - 00000000 ____D C:\Windows\ShellNew
2016-09-03 19:32 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-03 19:25 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-09-03 19:23 - 2009-07-13 23:34 - 00000478 _____ C:\Windows\win.ini
2016-09-03 17:59 - 2015-03-18 01:01 - 00112576 _____ C:\Users\IURD VILA SÃO PEDRO\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-03 17:53 - 2016-04-12 21:23 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\Skype
2016-09-03 17:52 - 2016-04-12 21:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-03 17:52 - 2016-04-12 21:22 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-09-03 17:52 - 2016-04-12 21:22 - 00000000 ____D C:\ProgramData\Skype
2016-09-03 16:41 - 2015-03-18 00:32 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO
2016-09-03 16:37 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-09-03 14:10 - 2009-07-14 14:55 - 00655508 _____ C:\Windows\system32\prfh0416.dat
2016-09-03 14:10 - 2009-07-14 14:55 - 00125458 _____ C:\Windows\system32\prfc0416.dat
2016-09-03 14:10 - 2009-07-14 02:13 - 01495354 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-03 13:51 - 2015-03-18 01:29 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-09-03 13:50 - 2015-08-05 18:12 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-09-03 13:50 - 2015-08-05 18:12 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-09-03 13:50 - 2015-08-05 18:00 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-09-03 13:50 - 2015-08-05 18:00 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-09-03 13:50 - 2015-08-05 18:00 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-09-03 13:50 - 2015-03-18 01:26 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-09-03 13:50 - 2015-03-18 01:26 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-09-03 13:49 - 2015-03-18 01:26 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-09-03 13:30 - 2015-04-07 23:18 - 00000000 ____D C:\Users\Todos os Usuários\Baidu Security
2016-09-03 13:30 - 2015-04-07 23:18 - 00000000 ____D C:\ProgramData\Baidu Security
2016-09-03 13:29 - 2015-06-23 10:33 - 00000692 _____ C:\Windows\wininit.ini
2016-09-03 13:29 - 2015-06-23 10:32 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\Baidu
2016-09-03 13:25 - 2015-03-18 01:28 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2016-09-03 13:25 - 2015-03-18 01:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-03 13:25 - 2015-03-18 01:28 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2016-09-03 13:22 - 2015-03-18 01:16 - 00000000 ____D C:\Program Files (x86)\GRETECH
2016-09-03 13:21 - 2015-08-24 16:21 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\DOMINGO
2016-09-03 13:14 - 2015-09-22 16:34 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\AppData\Roaming\istartsurf
2016-08-27 17:39 - 2015-08-24 16:20 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\SÁBADO
2016-08-26 22:04 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-21 08:45 - 2015-12-03 13:18 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\Planilhas. Cupom
2016-08-21 08:45 - 2015-03-15 14:45 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\SEXTA-FEIRA
2016-08-21 08:44 - 2015-03-21 07:58 - 00000000 ____D C:\Users\IURD VILA SÃO PEDRO\Desktop\SEGUNDA-FEIRA
2016-08-08 17:16 - 2015-03-18 01:42 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 08:03 - 2016-01-23 04:14 - 00907368 _____ C:\Windows\system32\Drivers\vonetframe.sys

==================== Arquivos na raiz de alguns diretórios =======

2015-06-29 13:27 - 2015-06-29 13:47 - 0003584 _____ () C:\Users\IURD VILA SÃO PEDRO\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-07 11:43 - 2015-12-07 11:43 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-03-18 00:53 - 2015-03-18 00:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-18 00:59 - 2015-03-18 00:59 - 0510976 _____ () C:\ProgramData\DRV10.tmp
2015-03-18 00:59 - 2015-03-18 00:59 - 9891328 _____ (OEM) C:\ProgramData\E1010.tmp
2016-09-03 13:30 - 2016-09-03 13:30 - 0000020 _____ () C:\ProgramData\nbc.ini
2016-04-09 15:25 - 2016-04-09 15:25 - 1384504 _____ (Smart Software, Inc.) C:\ProgramData\TMSetup0303.exe

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\TMSetup0303.exe
C:\Users\Todos os Usuários\TMSetup0303.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-08-26 06:20

==================== Fim de FRST.txt ============================
