cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 18-07-2017
Executado por casa (administrador) em CASA-PC (21-07-2017 02:16:35)
Executando a partir de D:\Usuários\casa\Downloads
Perfis Carregados: casa (Perfis Disponíveis: casa)
Platform: Microsoft Windows 7 Starter (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AVAST Software s.r.o.) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Google Inc.) D:\Usuários\casa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Usuários\casa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Usuários\casa\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) D:\Usuários\casa\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\xampp\xampp-control.exe
(Google Inc.) D:\Usuários\casa\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\xampp\xampp-control.exe
() C:\xampp\xampp-control.exe
() C:\xampp\mysql\bin\mysqld.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [213832 2017-07-20] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrição <==== ATENÇÃO
HKU\S-1-5-21-3772274880-2835634816-3092852556-1000\...\Run: [Google Update] => C:\Users\casa\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-07-13] (Google Inc.)
HKU\S-1-5-21-3772274880-2835634816-3092852556-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 192.168.100.1
Tcpip\..\Interfaces\{3024974F-6557-4970-AD4F-7836C58ABA61}: [DhcpNameServer] 192.168.100.1 192.168.100.1

Internet Explorer:
==================
HKU\S-1-5-21-3772274880-2835634816-3092852556-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2017-07-14] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3772274880-2835634816-3092852556-1000: @tools.google.com/Google Update;version=3 -> C:\Users\casa\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-13] (Google Inc.)
FF Plugin HKU\S-1-5-21-3772274880-2835634816-3092852556-1000: @tools.google.com/Google Update;version=9 -> C:\Users\casa\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-13] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.br/ig?hl=pt-BR&aig=0&reason=1
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default [2017-07-21]
CHR Extension: (Google Docs) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-14]
CHR Extension: (Google Drive) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-14]
CHR Extension: (YouTube) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-14]
CHR Extension: (Puk-Puk) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngkcldnnppckgbmndaccoffaikjbemc [2017-07-14]
CHR Extension: (Documentos Google off-line) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-14]
CHR Extension: (Pagamentos da Chrome Web Store) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-14]
CHR Extension: (Gmail) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-14]
CHR Extension: (Chrome Media Router) - D:\Usuários\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
StartMenuInternet: Google Chrome.UJWKJYWFWQRUBP53FDML5YBKOM - C:\Users\casa\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [5815840 2017-07-20] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [263312 2017-07-20] (AVAST Software)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [267008 2017-07-20] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [157416 2017-07-20] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [276736 2017-07-20] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [50384 2017-07-20] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [42824 2017-07-14] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [39752 2017-07-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [123928 2017-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [99536 2017-07-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [70840 2017-07-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774288 2017-07-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [496976 2017-07-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [147688 2017-07-14] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [296312 2017-07-15] (AVAST Software)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-07-21 02:03 - 2017-07-21 02:16 - 00000000 ____D C:\FRST
2017-07-21 02:03 - 2017-07-21 02:03 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2017-07-21 02:03 - 2017-07-21 02:03 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-20 23:11 - 2017-07-21 01:01 - 00000000 ____D C:\xampp
2017-07-20 09:36 - 2017-07-20 09:36 - 00001124 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-07-20 09:36 - 2017-07-20 09:36 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-07-20 09:35 - 2017-07-20 09:34 - 00303280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-19 15:20 - 2017-07-19 15:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2017-07-15 17:49 - 2017-07-15 17:45 - 00002819 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7.lnk
2017-07-15 17:49 - 2017-07-15 17:45 - 00002771 _____ C:\Users\Public\Desktop\CorelDRAW X7.lnk
2017-07-15 17:48 - 2017-07-15 17:48 - 00000000 ____D C:\Program Files\Common Files\Corel
2017-07-15 17:46 - 2017-07-15 17:46 - 00000000 ____D C:\Users\Public\Documents\Corel
2017-07-15 17:45 - 2017-07-15 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7
2017-07-15 17:43 - 2017-07-15 17:44 - 00000000 ____D C:\Program Files\Corel
2017-07-15 13:31 - 2017-07-15 17:48 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2017-07-15 13:31 - 2017-07-15 17:48 - 00000000 ____D C:\ProgramData\Corel
2017-07-15 09:56 - 2017-07-21 00:00 - 00000000 ____D C:\Users\Todos os Usuários\Protexis
2017-07-15 09:56 - 2017-07-21 00:00 - 00000000 ____D C:\ProgramData\Protexis
2017-07-15 09:47 - 2017-07-15 09:47 - 00000000 ____D C:\Program Files\Common Files\Protexis
2017-07-15 09:27 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2017-07-15 09:27 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2017-07-15 09:27 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2017-07-15 09:27 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2017-07-15 09:27 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2017-07-15 09:09 - 2017-07-15 17:58 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7
2017-07-15 09:09 - 2017-07-15 17:58 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7
2017-07-14 23:44 - 2017-07-14 23:44 - 00002014 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-07-14 23:43 - 2017-07-20 09:34 - 00276736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-07-14 23:43 - 2017-07-20 09:34 - 00267008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-07-14 23:43 - 2017-07-20 09:34 - 00157416 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-07-14 23:43 - 2017-07-20 09:34 - 00050384 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-07-14 23:43 - 2017-07-14 23:42 - 00921280 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2017-07-14 23:43 - 2017-07-14 23:42 - 00147688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-07-14 23:43 - 2017-07-14 23:42 - 00042824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-07-14 23:43 - 2017-07-14 23:41 - 00039752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-07-14 21:40 - 2017-07-14 23:42 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2017-07-14 21:40 - 2017-07-14 23:42 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-14 21:32 - 2017-07-15 08:58 - 00296312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-07-14 21:32 - 2017-07-14 23:42 - 00099536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-07-14 21:32 - 2017-07-14 23:42 - 00070840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-07-14 21:32 - 2017-07-14 23:41 - 00774288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-07-14 21:32 - 2014-01-22 12:51 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2017-07-14 20:44 - 2017-07-20 16:57 - 00000000 ____D D:\Usuários\casa
2017-07-14 19:44 - 2017-07-14 19:44 - 00000080 _____ C:\Users\casa\AppData\default.pls
2017-07-14 15:01 - 2017-07-21 00:00 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-07-14 15:01 - 2017-07-21 00:00 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-14 14:53 - 2017-07-20 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2017-07-14 14:44 - 2017-07-14 14:45 - 00000000 ____D C:\Program Files\contrib
2017-07-14 14:44 - 2017-07-14 14:45 - 00000000 ____D C:\Program Files\cgi-bin
2017-07-14 14:44 - 2017-07-14 14:45 - 00000000 ____D C:\Program Files\anonymous
2017-07-14 13:10 - 2017-07-14 13:10 - 00000000 ____D C:\Users\casa\AppData\Local\e2eSoft
2017-07-14 11:51 - 2017-07-14 11:51 - 00003584 _____ C:\Users\casa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-14 10:55 - 2017-07-14 10:55 - 00000000 ____D C:\Users\casa\AppData\Roaming\Google
2017-07-13 21:32 - 2017-07-13 16:44 - 00000000 ____D C:\Windows\Panther
2017-07-13 17:54 - 2017-07-13 17:54 - 00000000 ____D C:\Users\casa\AppData\Local\Ahead
2017-07-13 17:51 - 2017-07-13 17:51 - 00002732 _____ C:\Users\Public\Desktop\Nero StartSmart.lnk
2017-07-13 17:51 - 2017-07-13 17:51 - 00002636 _____ C:\Users\Public\Desktop\Nero Home.lnk
2017-07-13 17:51 - 2017-07-13 17:51 - 00000000 ____D C:\Users\Todos os Usuários\Ahead
2017-07-13 17:51 - 2017-07-13 17:51 - 00000000 ____D C:\Users\casa\AppData\Roaming\Ahead
2017-07-13 17:51 - 2017-07-13 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
2017-07-13 17:51 - 2017-07-13 17:51 - 00000000 ____D C:\ProgramData\Ahead
2017-07-13 17:50 - 2017-07-13 17:50 - 00000000 ____D C:\Users\Todos os Usuários\Nero
2017-07-13 17:50 - 2017-07-13 17:50 - 00000000 ____D C:\ProgramData\Nero
2017-07-13 17:50 - 2017-07-13 17:50 - 00000000 ____D C:\Program Files\Nero
2017-07-13 17:50 - 2017-07-13 17:50 - 00000000 ____D C:\Program Files\Common Files\Ahead
2017-07-13 17:49 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-07-13 17:49 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-07-13 17:45 - 2012-06-02 19:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-13 17:45 - 2012-06-02 19:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-13 17:45 - 2012-06-02 19:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-07-13 17:45 - 2012-06-02 19:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-07-13 17:45 - 2012-06-02 19:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-07-13 17:45 - 2012-06-02 19:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-07-13 17:45 - 2012-06-02 19:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-13 17:45 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-07-13 17:45 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-07-13 17:43 - 2017-07-20 09:35 - 00123928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-07-13 17:43 - 2017-07-14 23:42 - 00496976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-07-13 17:43 - 2010-02-11 16:39 - 00023376 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswRdr.sys
2017-07-13 17:42 - 2017-07-14 23:41 - 00000000 ____D C:\Program Files\Alwil Software
2017-07-13 17:42 - 2017-07-13 17:42 - 00000000 ____D C:\Users\Todos os Usuários\Alwil Software
2017-07-13 17:42 - 2017-07-13 17:42 - 00000000 ____D C:\ProgramData\Alwil Software
2017-07-13 17:31 - 2017-07-13 17:31 - 00002331 _____ C:\Users\casa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-13 17:13 - 2017-07-14 11:58 - 00000000 ____D C:\Users\casa\AppData\Local\Google
2017-07-13 17:12 - 2017-07-21 01:03 - 00000308 _____ C:\Windows\Tasks\GlaryInitialize.job
2017-07-13 17:12 - 2017-07-13 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
2017-07-13 17:11 - 2017-07-20 23:59 - 00000000 ____D C:\Program Files\Glary Utilities
2017-07-13 17:11 - 2017-07-13 17:11 - 00000000 ____D C:\Users\casa\AppData\Roaming\GlarySoft
2017-07-13 17:09 - 2017-07-13 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-07-13 17:09 - 2017-07-13 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-07-13 17:07 - 2017-07-13 17:07 - 00000000 ____D C:\Windows\PCHEALTH
2017-07-13 17:07 - 2017-07-13 17:07 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2017-07-13 17:07 - 2017-07-13 17:07 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2017-07-13 17:07 - 2017-07-13 17:07 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-07-13 17:07 - 2017-07-13 17:07 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-07-13 17:06 - 2017-07-13 17:06 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2017-07-13 17:05 - 2017-07-13 17:11 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2017-07-13 17:05 - 2017-07-13 17:08 - 00000000 ____D C:\Windows\SHELLNEW
2017-07-13 17:05 - 2017-07-13 17:07 - 00000000 ____D C:\Program Files\Microsoft Office
2017-07-13 17:05 - 2017-07-13 17:05 - 00000000 __RHD C:\MSOCache
2017-07-13 17:05 - 2017-07-13 17:05 - 00000000 ____D C:\Users\casa\AppData\Local\Microsoft Help
2017-07-13 17:05 - 2017-07-13 17:05 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2017-07-13 17:03 - 2017-07-13 17:04 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-07-13 17:03 - 2017-07-13 17:04 - 00000000 ____D C:\ProgramData\Adobe
2017-07-13 17:03 - 2017-07-13 17:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2017-07-13 17:03 - 2017-07-13 17:03 - 00001984 _____ C:\Users\Public\Desktop\Adobe Reader 9.lnk
2017-07-13 17:03 - 2017-07-13 17:03 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-07-13 17:03 - 2017-07-13 17:03 - 00000000 ____D C:\Program Files\Adobe
2017-07-13 16:58 - 2017-07-15 10:55 - 00133456 _____ C:\Users\casa\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-13 16:57 - 2017-07-14 11:44 - 00000000 ____D C:\Users\casa\AppData\Roaming\WinRAR
2017-07-13 16:57 - 2017-07-13 16:57 - 00000000 ____D C:\Users\casa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-13 16:57 - 2017-07-13 16:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-13 16:57 - 2017-07-13 16:57 - 00000000 ____D C:\Program Files\WinRAR
2017-07-13 16:48 - 2017-07-21 01:07 - 01633574 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-13 16:45 - 2017-07-13 16:45 - 00001393 _____ C:\Users\casa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-07-13 16:44 - 2017-07-13 18:17 - 00000000 ____D C:\Users\casa\AppData\Local\VirtualStore
2017-07-13 16:44 - 2017-07-13 16:44 - 00000020 ___SH C:\Users\casa\ntuser.ini
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Modelos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Meus documentos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Configurações locais
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\Modelos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\Meus documentos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\Menu Iniciar
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\Configurações locais
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\AppData\Local\Histórico
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\AppData\Local\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\Ambiente de rede
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Users\casa\Ambiente de impressão
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\ProgramData\Modelos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\ProgramData\Favoritos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\ProgramData\Documentos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2017-07-13 16:44 - 2017-07-13 16:44 - 00000000 _SHDL C:\Arquivos de Programas
2017-07-13 16:39 - 2017-07-13 16:39 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-07-21 01:10 - 2009-07-14 01:34 - 00010608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-21 01:10 - 2009-07-14 01:34 - 00010608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-21 01:07 - 2009-07-29 15:15 - 00705110 _____ C:\Windows\system32\prfh0416.dat
2017-07-21 01:07 - 2009-07-29 15:15 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2017-07-21 01:07 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2017-07-21 01:02 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-21 01:01 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\registration
2017-07-15 10:50 - 2009-07-14 01:33 - 00477000 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-15 09:47 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-15 05:36 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2017-07-15 00:32 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\rescache
2017-07-14 21:32 - 2009-07-13 23:04 - 00002577 _____ C:\Windows\system32\config.nt
2017-07-13 21:32 - 2009-07-14 01:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2017-07-13 17:08 - 2009-07-14 01:52 - 00000000 ____D C:\Program Files\MSBuild
2017-07-13 17:06 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\System
2017-07-13 17:06 - 2009-07-13 23:04 - 00000478 _____ C:\Windows\win.ini
2017-07-13 16:44 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Windows NT
2017-07-13 16:40 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\sysprep

==================== Arquivos na raiz de alguns diretórios =======

2017-07-14 20:44 - 2017-07-14 21:24 - 0004608 _____ () D:\Usuários\casa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Alguns arquivos em TEMP:
====================
2017-07-14 11:59 - 2017-07-14 13:06 - 44127056 ____T (e2eSoft ) C:\Users\casa\AppData\Local\Temp\MyCam_v2.2.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-07-15 00:14

==================== Fim de FRST.txt ============================
