Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:06-06-2016
Executado por Rodrigo (administrador) em RODRIGO-PC (06-06-2016 19:24:45)
Executando a partir de C:\Users\Rodrigo\Downloads
Perfis Carregados: Rodrigo (Perfis Disponíveis: Rodrigo)
Platform: Microsoft Windows 7 Professional (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKU\S-1-5-21-2024768004-3173682834-4123402189-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{D84356AB-B3E1-4B5D-BAFE-B041310F5505}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-06] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-06]
CHR Extension: (Google Docs) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-06]
CHR Extension: (Google Drive) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-06]
CHR Extension: (YouTube) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-06]
CHR Extension: (Planilhas do Google) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-06]
CHR Extension: (Documentos Google off-line) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-06]
CHR Extension: (Gmail) - C:\Users\Rodrigo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-06]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
S4 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2016-06-06] (Flexera Software LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2016-06-06] (Atheros Communications, Inc.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-06 19:24 - 2016-06-06 19:24 - 00004858 _____ C:\Users\Rodrigo\Downloads\FRST.txt
2016-06-06 19:24 - 2016-06-06 19:24 - 00000000 ____D C:\FRST
2016-06-06 19:23 - 2016-06-06 19:24 - 01735680 _____ (Farbar) C:\Users\Rodrigo\Downloads\FRST.exe
2016-06-06 19:20 - 2016-06-06 19:20 - 00008998 _____ C:\Users\Rodrigo\Downloads\api-ms-win-crt-runtime-l1-1-0 (1).zip
2016-06-06 19:19 - 2015-12-09 14:11 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-06 19:18 - 2016-06-06 19:18 - 00003187 _____ C:\Users\Rodrigo\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-06-06 19:18 - 2015-12-09 14:11 - 00016224 ____N (Microsoft Corporation) C:\Users\Rodrigo\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-06 19:18 - 2015-07-16 13:48 - 00001925 ____N C:\Users\Rodrigo\Downloads\README.txt
2016-06-06 18:20 - 2016-06-06 18:21 - 01420840 _____ (Microsoft Corporation) C:\Users\Rodrigo\Downloads\vcredist_arm.exe
2016-06-06 18:00 - 2016-06-06 18:00 - 00008192 __RSH C:\BOOTSECT.BAK
2016-06-06 18:00 - 2016-06-06 13:02 - 00000000 ____D C:\Windows\Panther
2016-06-06 18:00 - 2009-07-13 22:38 - 00383562 __RSH C:\bootmgr
2016-06-06 17:56 - 2016-06-06 18:08 - 00000000 ____D C:\Windows\SoftwareDistribution_old
2016-06-06 17:55 - 2016-06-06 18:00 - 00000000 ____D C:\$WINDOWS.~LS
2016-06-06 17:55 - 2016-06-06 17:55 - 00000000 ____D C:\$WINDOWS.~BT
2016-06-06 17:29 - 2016-06-06 17:30 - 06503984 _____ (Microsoft Corporation) C:\Users\Rodrigo\Downloads\vcredist_x86.exe
2016-06-06 17:28 - 2016-06-06 17:29 - 13767776 _____ (Microsoft Corporation) C:\Users\Rodrigo\Downloads\vc_redist.x86 (2).exe
2016-06-06 17:22 - 2016-06-06 17:22 - 00047223 _____ C:\Users\Rodrigo\Downloads\vcruntime140 (1).zip
2016-06-06 17:17 - 2016-06-06 17:17 - 00629006 _____ C:\Users\Rodrigo\Downloads\Windows6.1-KB2999226-x86 (1).msu
2016-06-06 17:14 - 2016-06-06 17:15 - 13384248 _____ (Microsoft Corporation) C:\Users\Rodrigo\Downloads\vc_redist.x86 (1).exe
2016-06-06 17:12 - 2016-06-06 17:12 - 00000000 ____D C:\Windows\system32\Lang
2016-06-06 17:12 - 2016-06-06 17:12 - 00000000 ____D C:\Program Files\Intel
2016-06-06 17:12 - 2009-09-23 11:50 - 00398336 _____ (Intel(R) Corporation) C:\Windows\system32\TVWizudlg.exe
2016-06-06 17:12 - 2009-09-23 11:49 - 00140288 _____ () C:\Windows\system32\igfxtvcx.dll
2016-06-06 17:12 - 2009-09-23 11:47 - 00121232 _____ C:\Windows\system32\IScrNB.bmp
2016-06-06 17:10 - 2016-06-06 17:10 - 00000000 ____D C:\Windows\system32\x64
2016-06-06 17:10 - 2009-09-23 19:30 - 01002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2016-06-06 17:04 - 2016-06-06 17:10 - 00000000 ____D C:\Windows\system32\MRT
2016-06-06 17:04 - 2016-06-06 17:04 - 136686448 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-06 17:02 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-06-06 17:02 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-06 17:02 - 2014-09-14 21:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-06 17:02 - 2013-03-19 01:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-06-06 17:02 - 2013-03-18 23:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-06-06 17:02 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-06-06 17:02 - 2010-12-18 02:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-06 17:00 - 2016-06-06 17:00 - 00047223 _____ C:\Users\Rodrigo\Downloads\vcruntime140.zip
2016-06-06 16:54 - 2016-06-06 16:54 - 00380223 __RSH C:\SBYHQ
2016-06-06 16:39 - 2016-06-06 16:39 - 00000000 ____D C:\Users\Rodrigo\AppData\Roaming\WinRAR
2016-06-06 16:39 - 2016-06-06 16:39 - 00000000 ____D C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-06 16:39 - 2016-06-06 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-06 16:39 - 2016-06-06 16:39 - 00000000 ____D C:\Program Files\WinRAR
2016-06-06 16:39 - 2015-05-04 09:21 - 00000000 ___RD C:\Users\Rodrigo\Downloads\AtvdR W7 By PH Downs
2016-06-06 16:38 - 2016-06-06 16:39 - 01808528 _____ C:\Users\Rodrigo\Downloads\wrar531.exe
2016-06-06 16:29 - 2016-06-06 16:29 - 13767776 _____ (Microsoft Corporation) C:\Users\Rodrigo\Downloads\vc_redist.x86.exe
2016-06-06 16:28 - 2016-06-06 16:29 - 02539067 _____ C:\Users\Rodrigo\Downloads\AtvdR W7 By PH Downs.rar
2016-06-06 16:19 - 2016-06-06 16:20 - 00629006 _____ C:\Users\Rodrigo\Downloads\Windows6.1-KB2999226-x86.msu
2016-06-06 16:13 - 2016-06-06 16:13 - 00000000 ____D C:\Windows\system32\appmgmt
2016-06-06 16:12 - 2016-06-06 16:12 - 00000383 _____ C:\Users\Rodrigo\Desktop\Painel de Controle - Atalho.lnk
2016-06-06 16:10 - 2016-06-06 16:10 - 00000000 ____D C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-06-06 15:32 - 2016-06-06 16:10 - 00000000 ____D C:\Users\Rodrigo\AppData\Local\Autodesk
2016-06-06 15:32 - 2016-06-06 15:32 - 00002100 _____ C:\Users\Public\Desktop\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese).lnk
2016-06-06 15:32 - 2016-06-06 15:32 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-06-06 15:31 - 2016-06-06 15:31 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-06-06 15:29 - 2016-06-06 16:13 - 00000000 ____D C:\Program Files\Autodesk
2016-06-06 15:20 - 2016-06-06 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-06-06 15:20 - 2016-06-06 15:31 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-06-06 15:16 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-06-06 15:16 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-06-06 15:16 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-06-06 15:16 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-06-06 15:16 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-06-06 15:16 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-06-06 15:16 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-06-06 15:16 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-06-06 15:16 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-06-06 15:16 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-06-06 15:16 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-06-06 15:16 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-06-06 15:15 - 2016-06-06 18:20 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-06-06 15:15 - 2016-06-06 18:20 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-06 15:09 - 2016-06-06 16:13 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-06-06 15:09 - 2016-06-06 16:13 - 00000000 ____D C:\ProgramData\Autodesk
2016-06-06 15:09 - 2016-06-06 16:10 - 00000000 ____D C:\Users\Rodrigo\AppData\Roaming\Autodesk
2016-06-06 15:04 - 2016-06-06 15:05 - 00000000 ____D C:\Users\Rodrigo\AppData\Local\Akamai
2016-06-06 15:04 - 2016-06-06 15:04 - 00000000 ____D C:\Autodesk
2016-06-06 15:03 - 2016-06-06 15:04 - 18514824 _____ C:\Users\Rodrigo\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup.exe
2016-06-06 15:03 - 2016-06-06 15:03 - 00338360 _____ (Autodesk Inc.) C:\Users\Rodrigo\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup_webinstall.exe
2016-06-06 14:50 - 2016-06-06 14:50 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 14:50 - 2016-06-06 14:50 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-06 14:45 - 2016-06-06 18:56 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-06 14:45 - 2016-06-06 18:19 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-06 14:45 - 2016-06-06 14:50 - 00000000 ____D C:\Program Files\Google
2016-06-06 14:06 - 2016-04-21 15:05 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-06 13:29 - 2016-06-06 15:57 - 00000000 ____D C:\Users\Rodrigo\AppData\Local\Google
2016-06-06 13:28 - 2016-06-06 16:21 - 00089576 _____ C:\Users\Rodrigo\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-06 13:28 - 2016-06-06 14:45 - 00000000 ____D C:\Users\Rodrigo\AppData\Local\Deployment
2016-06-06 13:28 - 2016-06-06 13:28 - 00000000 ____D C:\Users\Rodrigo\AppData\Local\Apps\2.0
2016-06-06 13:27 - 2012-06-02 19:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-06 13:27 - 2012-06-02 19:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-06-06 13:27 - 2012-06-02 19:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-06 13:27 - 2012-06-02 19:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-06-06 13:27 - 2012-06-02 19:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-06-06 13:27 - 2012-06-02 19:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-06-06 13:27 - 2012-06-02 19:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-06-06 13:27 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-06-06 13:27 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-06-06 13:19 - 2016-06-06 18:23 - 01491932 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-06 13:17 - 2016-06-06 13:17 - 00001393 _____ C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-06 13:17 - 2016-06-06 13:17 - 00000020 ___SH C:\Users\Rodrigo\ntuser.ini
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Modelos
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Meus documentos
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Menu Iniciar
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Documents\Minhas músicas
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Documents\Minhas imagens
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Documents\Meus vídeos
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Dados de aplicativos
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Configurações locais
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\AppData\Local\Histórico
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\AppData\Local\Dados de aplicativos
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Ambiente de rede
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 _SHDL C:\Users\Rodrigo\Ambiente de impressão
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 ____D C:\Users\Rodrigo\AppData\Local\VirtualStore
2016-06-06 13:17 - 2016-06-06 13:17 - 00000000 ____D C:\Users\Rodrigo
2016-06-06 13:17 - 2009-07-14 04:49 - 00000000 ____D C:\Users\Rodrigo\AppData\Roaming\Media Center Programs
2016-06-06 13:16 - 2016-06-06 13:16 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Modelos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\ProgramData\Modelos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\ProgramData\Documentos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-06-06 13:16 - 2016-06-06 13:16 - 00000000 _SHDL C:\Arquivos de Programas
2016-06-06 13:15 - 2016-06-06 17:04 - 00000000 ____D C:\Windows\SoftwareDistribution_antiga
2016-06-06 13:15 - 2016-06-06 13:15 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-06-06 00:16 - 2016-06-06 00:16 - 01500160 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athur.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-06 18:26 - 2009-07-14 01:34 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-06 18:26 - 2009-07-14 01:34 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-06 18:23 - 2009-07-29 15:38 - 00654272 _____ C:\Windows\system32\prfh0416.dat
2016-06-06 18:23 - 2009-07-29 15:38 - 00124724 _____ C:\Windows\system32\prfc0416.dat
2016-06-06 18:23 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-06-06 18:19 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-06 18:00 - 2009-07-14 01:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-06-06 17:11 - 2009-07-14 01:33 - 00339040 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-06 15:31 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-06-06 15:15 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-06 14:41 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-06-06 13:26 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-06 13:16 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Windows NT
2016-06-06 13:15 - 2009-07-14 04:50 - 00000000 ____D C:\Windows\CSC

Alguns arquivos em TEMP:
====================
C:\Users\Rodrigo\AppData\Local\Temp\AcDeltree.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-06-06 15:58

==================== Fim de FRST.txt ============================