Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 01-01-2017
Executado por Rony (administrador) em RONY-PC (02-01-2017 10:10:58)
Executando a partir de C:\Users\Rony\Downloads
Perfis Carregados: Rony (Perfis Disponíveis: Rony)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
( ) C:\HRFATServ\hrfatserv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HR Tech Automação Ltda) \\Pc-01-snc\e\HRTECH\HRClient\hrclient.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe [36864 2007-05-04] ( )
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\Hewlett-Packard\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\...\MountPoints2: {70bc0f65-b3b7-11e5-a288-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-01-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-24] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
Startup: C:\Users\Rony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HRFATServ.lnk [2016-02-01]
ShortcutTarget: HRFATServ.lnk -> C:\HRFATServ\hrfatserv.exe ( )
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\..\Interfaces\{BBEB431C-86E1-4B14-ACC5-D858ED009075}: [NameServer] 8.8.8.8,8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-01-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-02] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-01-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-02] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-24] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-02] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> teoma.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://teoma.com
CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default [2017-01-02]
CHR Extension: (Google Apresentações) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-05]
CHR Extension: (Google Docs) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-05]
CHR Extension: (Google Drive) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-05]
CHR Extension: (YouTube) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-05]
CHR Extension: (Google Search) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-05]
CHR Extension: (Planilhas do Google) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-05]
CHR Extension: (Teoma) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhnobihfdnklhoilcilfogdcegekpgfn [2016-10-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Certisign) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjoehgfmpefldljiipnmgnfmcbfjkaad [2016-11-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR HKLM\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-24] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3019968 2016-12-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S2 HP LaserJet Service; C:\Program Files (x86)\Hewlett-Packard\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2009-10-26] (Marvell Semiconductor, Inc.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-02 10:10 - 2017-01-02 10:11 - 00020172 _____ C:\Users\Rony\Downloads\FRST.txt
2017-01-02 10:10 - 2017-01-02 10:10 - 00000000 ____D C:\FRST
2017-01-02 09:43 - 2017-01-02 09:44 - 02418176 _____ (Farbar) C:\Users\Rony\Downloads\FRST64.exe
2017-01-02 09:43 - 2017-01-02 09:44 - 02418176 _____ (Farbar) C:\Users\Rony\Downloads\FRST64 (1).exe
2017-01-02 08:53 - 2017-01-02 09:41 - 947070088 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\Não confirmado 216014.crdownload
2017-01-02 08:47 - 2017-01-02 08:48 - 13767776 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x86 (1).exe
2017-01-02 08:42 - 2017-01-02 08:44 - 13767776 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x86.exe
2017-01-02 08:38 - 2017-01-02 08:38 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64 (3).exe
2017-01-02 08:37 - 2017-01-02 08:38 - 00172128 _____ C:\Users\Rony\Downloads\-100522090.xls
2017-01-02 08:22 - 2017-01-02 08:22 - 00629006 _____ C:\Users\Rony\Downloads\Windows6.1-KB2999226-x86 (1).msu
2017-01-02 08:21 - 2017-01-02 08:21 - 00629006 _____ C:\Users\Rony\Downloads\Windows6.1-KB2999226-x86.msu
2017-01-02 07:50 - 2017-01-02 07:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-02 07:11 - 2017-01-02 07:11 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-01-02 07:05 - 2017-01-02 07:51 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-01-02 07:05 - 2017-01-02 07:51 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-02 06:51 - 2017-01-02 06:51 - 21543568 _____ C:\Windows\MSYH.tt2
2017-01-02 06:51 - 2017-01-02 06:51 - 14381616 _____ C:\Windows\MSYHBD.tt2
2017-01-02 06:51 - 2017-01-02 06:49 - 21302624 _____ C:\Windows\MSJH.tt2
2017-01-02 06:51 - 2017-01-02 06:49 - 14343024 _____ C:\Windows\MSJHBD.tt2
2017-01-02 06:46 - 2017-01-02 07:05 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-02 06:46 - 2017-01-02 06:46 - 00000000 ____D C:\Users\Rony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda
2017-01-02 06:45 - 2017-01-02 06:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-02 06:11 - 2017-01-02 06:12 - 01017572 _____ C:\Users\Rony\Downloads\o15-ctrremove (2).diagcab
2017-01-02 06:11 - 2017-01-02 06:11 - 01017572 _____ C:\Users\Rony\Downloads\o15-ctrremove (1).diagcab
2017-01-02 05:54 - 2017-01-02 05:55 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64 (2).exe
2017-01-02 05:53 - 2017-01-02 05:55 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64 (1).exe
2017-01-02 05:52 - 2017-01-02 05:54 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64.exe
2016-12-31 11:30 - 2017-01-02 07:53 - 00002162 _____ C:\Users\Rony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2017-01-02 07:53 - 00000000 ___RD C:\Users\Rony\OneDrive
2016-12-31 11:30 - 2016-12-31 11:30 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2016-12-31 11:30 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2016-12-31 11:30 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2016-12-31 11:30 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-12-31 11:30 - 2016-12-31 11:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-31 11:30 - 2016-12-31 11:30 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-12-31 10:55 - 2016-12-31 10:55 - 00053864 _____ C:\Users\Rony\Downloads\Tabela de Pedido NOVA.xlsx
2016-12-31 10:55 - 2016-12-31 10:55 - 00027251 _____ C:\Users\Rony\Downloads\PRECOS FLV NOVO.xlsx
2016-12-31 10:00 - 2016-12-31 10:00 - 01017572 _____ C:\Users\Rony\Downloads\o15-ctrremove.diagcab
2016-12-31 09:27 - 2017-01-02 06:47 - 01804512 _____ C:\Windows\GABRIOLA.tt2
2016-12-31 08:57 - 2016-12-31 08:58 - 00000000 ____D C:\Users\Rony\Documents\Novimento Cimar
2016-12-31 07:22 - 2016-12-31 07:24 - 00908532 _____ C:\Users\Rony\Downloads\NF JU DE QUEIROZ.png
2016-12-30 09:14 - 2016-12-30 09:14 - 00053602 _____ C:\Users\Rony\Downloads\Entrada e Saidas- Atualizada (4).xlsx
2016-12-29 18:01 - 2016-12-29 18:01 - 00053602 _____ C:\Users\Rony\Downloads\Entrada e Saidas- Atualizada (2).xlsx
2016-12-29 12:11 - 2016-12-29 12:11 - 00024629 _____ C:\Users\Rony\Desktop\LIS.pdf
2016-12-29 12:09 - 2016-12-29 12:09 - 00000165 ____H C:\Users\Rony\Desktop\~$LARANJA.xlsx
2016-12-29 10:19 - 2016-12-29 10:23 - 00022328 _____ C:\Users\Rony\Downloads\LARANJA (2).xlsx
2016-12-22 07:02 - 2016-12-31 08:55 - 00121818 _____ C:\Users\Rony\Desktop\HOJE - MATRIZ DE PEDIDOS - ATUALIZADO.xlsx
2016-12-22 05:25 - 2016-12-22 05:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 15:15 - 2016-12-21 15:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-12-21 15:15 - 2016-12-21 15:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-12-21 15:15 - 2016-12-21 15:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-12-21 15:15 - 2016-12-21 15:15 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-12-12 09:05 - 2016-12-31 13:04 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{b4aa6457-c046-11e6-afb6-9c27793e50ff}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 09:05 - 2016-12-31 13:04 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{b4aa6457-c046-11e6-afb6-9c27793e50ff}.TM.blf
2016-12-12 09:05 - 2016-12-12 09:16 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{b4aa6457-c046-11e6-afb6-9c27793e50ff}.TMContainer00000000000000000002.regtrans-ms
2016-12-08 16:14 - 2017-01-02 05:59 - 04325265 ____H C:\Users\Rony\AppData\Local\IconCache.db
2016-12-06 12:22 - 2016-12-11 05:20 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{5e65628c-bbc6-11e6-8e3b-cd4a9ca46985}.TMContainer00000000000000000001.regtrans-ms
2016-12-06 12:22 - 2016-12-11 05:20 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{5e65628c-bbc6-11e6-8e3b-cd4a9ca46985}.TM.blf
2016-12-06 12:22 - 2016-12-06 12:32 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{5e65628c-bbc6-11e6-8e3b-cd4a9ca46985}.TMContainer00000000000000000002.regtrans-ms
2016-12-06 06:20 - 2016-12-06 06:32 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{9d713a78-bb94-11e6-8f70-9b2ba21ceef8}.TMContainer00000000000000000002.regtrans-ms
2016-12-06 06:20 - 2016-12-06 06:32 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{9d713a78-bb94-11e6-8f70-9b2ba21ceef8}.TMContainer00000000000000000001.regtrans-ms
2016-12-06 06:20 - 2016-12-06 06:32 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{9d713a78-bb94-11e6-8f70-9b2ba21ceef8}.TM.blf
2016-12-04 05:13 - 2016-12-05 06:57 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{d0884c83-b9f8-11e6-93c4-b24b2f3f7c81}.TMContainer00000000000000000001.regtrans-ms
2016-12-04 05:13 - 2016-12-05 06:57 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{d0884c83-b9f8-11e6-93c4-b24b2f3f7c81}.TM.blf
2016-12-04 05:13 - 2016-12-04 05:26 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{d0884c83-b9f8-11e6-93c4-b24b2f3f7c81}.TMContainer00000000000000000002.regtrans-ms
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-02 10:12 - 2016-11-14 06:56 - 00001016 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-02 10:11 - 2016-05-19 09:06 - 00000000 ____D C:\Users\Rony\AppData\Roaming\Skype
2017-01-02 08:44 - 2016-02-01 11:15 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-01-02 08:44 - 2016-02-01 11:15 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-02 07:59 - 2009-07-14 01:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 07:59 - 2009-07-14 01:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 07:50 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-02 07:12 - 2016-11-14 06:56 - 00001012 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-02 06:46 - 2016-05-19 09:11 - 00002532 _____ C:\Users\Rony\Desktop\Manifesto de Documentos Fiscais Eletronico.lnk
2017-01-02 06:25 - 2016-01-07 09:26 - 00000000 ____D C:\temp
2017-01-02 06:05 - 2016-11-14 07:14 - 00000000 ___RD C:\Users\Rony\Dropbox
2017-01-02 06:04 - 2016-01-05 12:29 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-02 06:00 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-02 05:51 - 2016-01-05 11:26 - 00112184 _____ C:\Users\Rony\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-31 11:30 - 2016-01-05 10:26 - 00000000 ____D C:\Users\Rony
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ___RD C:\Users\Default\Links
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ___RD C:\Program Files (x86)
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 11:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-31 11:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-12-31 11:27 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\System32\Tasks\Microsoft
2016-12-31 10:24 - 2016-02-22 10:36 - 00000000 ____D C:\Users\Rony\AppData\Local\ElevatedDiagnostics
2016-12-31 09:54 - 2009-07-14 01:45 - 00438784 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-31 09:12 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\winsxs
2016-12-31 09:03 - 2016-01-05 10:34 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-12-31 09:03 - 2016-01-05 10:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-31 09:02 - 2009-07-14 04:46 - 00000000 ____D C:\Windows\ShellNew
2016-12-31 09:02 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-31 08:57 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Documents
2016-12-31 08:57 - 2009-07-18 02:15 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-12-31 08:57 - 2009-07-18 02:15 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-12-31 08:57 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-31 08:57 - 2009-07-13 23:36 - 00653526 _____ C:\Windows\system32\perfh009.dat
2016-12-31 08:57 - 2009-07-13 23:36 - 00121398 _____ C:\Windows\system32\perfc009.dat
2016-12-30 11:17 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Pictures
2016-12-30 11:12 - 2016-07-02 09:48 - 00016298 _____ C:\Users\Rony\Desktop\RESULTADO DE SAÍDAS.xlsx
2016-12-30 10:11 - 2016-01-07 15:35 - 00052802 _____ C:\Users\Rony\Desktop\Entrada e Saidas- Atualizada.xlsx
2016-12-29 12:11 - 2016-06-01 08:13 - 00000000 ____D C:\Users\Rony\AppData\Local\CutePDF Writer
2016-12-29 11:05 - 2016-11-04 10:38 - 00022337 _____ C:\Users\Rony\Desktop\LARANJA.xlsx
2016-12-29 05:23 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\wdi
2016-12-28 11:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-28 11:08 - 2016-01-21 05:18 - 00000000 ____D C:\Users\Rony\AppData\Local\Diagnostics
2016-12-27 06:52 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-24 05:47 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\config\RegBack
2016-12-22 18:07 - 2016-01-08 12:05 - 00045908 _____ C:\Users\Rony\Desktop\ESTOQUE ENTRADAS E SAÍDAS.xlsx
2016-12-22 05:25 - 2016-11-14 06:56 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-22 05:24 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\drivers
2016-12-20 10:40 - 2016-01-05 11:36 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-19 05:09 - 2016-01-05 11:26 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-19 05:09 - 2016-01-05 11:26 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-19 05:09 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Tasks
2016-12-16 06:48 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Music
2016-12-16 06:47 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Videos
2016-12-15 05:51 - 2016-01-05 11:29 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 05:51 - 2016-01-05 11:29 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 12:12 - 2016-01-05 12:19 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 12:09 - 2016-01-05 12:19 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-08 06:10 - 2016-02-03 08:16 - 00831320 _____ C:\Windows\ntbtlog.txt
2016-12-07 09:36 - 2016-01-07 08:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-03 07:48 - 2016-12-02 13:48 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{7ed3aafc-b8ae-11e6-8e27-f65e58646082}.TMContainer00000000000000000001.regtrans-ms
2016-12-03 07:48 - 2016-12-02 13:48 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{7ed3aafc-b8ae-11e6-8e27-f65e58646082}.TM.blf
2016-12-03 03:00 - 2016-11-14 06:56 - 00000000 ____D C:\Users\Rony\AppData\Local\Dropbox
Alguns arquivos em TEMP:
====================
C:\Users\Rony\AppData\Local\Temp\ose00000.exe
C:\Users\Rony\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-12-24 05:47
==================== Fim de FRST.txt ============================
Executado por Rony (administrador) em RONY-PC (02-01-2017 10:10:58)
Executando a partir de C:\Users\Rony\Downloads
Perfis Carregados: Rony (Perfis Disponíveis: Rony)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
( ) C:\HRFATServ\hrfatserv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HR Tech Automação Ltda) \\Pc-01-snc\e\HRTECH\HRClient\hrclient.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-16] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTracking] => C:\Program Files (x86)\Hewlett-Packard\HP UT\bin\hppusg.exe [36864 2007-05-04] ( )
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\Hewlett-Packard\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\...\MountPoints2: {70bc0f65-b3b7-11e5-a288-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-01-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-24] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
Startup: C:\Users\Rony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HRFATServ.lnk [2016-02-01]
ShortcutTarget: HRFATServ.lnk -> C:\HRFATServ\hrfatserv.exe ( )
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\..\Interfaces\{BBEB431C-86E1-4B14-ACC5-D858ED009075}: [NameServer] 8.8.8.8,8.8.4.4
Internet Explorer:
==================
HKU\S-1-5-21-1488505444-3736089274-2598576872-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2017-01-02] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-01-02] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2017-01-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-02] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-24] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-01-02] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-12-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-12-21] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-02] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-01-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> teoma.com/?gct=hp
CHR DefaultSearchURL: Default -> hxxps://www.teoma.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://teoma.com
CHR DefaultSuggestURL: Default -> hxxp://www.teoma.com/ss?type=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default [2017-01-02]
CHR Extension: (Google Apresentações) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-05]
CHR Extension: (Google Docs) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-05]
CHR Extension: (Google Drive) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-05]
CHR Extension: (YouTube) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-05]
CHR Extension: (Google Search) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-05]
CHR Extension: (Planilhas do Google) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-05]
CHR Extension: (Teoma) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhnobihfdnklhoilcilfogdcegekpgfn [2016-10-02]
CHR Extension: (Documentos Google off-line) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Certisign) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjoehgfmpefldljiipnmgnfmcbfjkaad [2016-11-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-05]
CHR Extension: (Chrome Media Router) - C:\Users\Rony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-16]
CHR HKLM\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhnobihfdnklhoilcilfogdcegekpgfn] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\fhnobihfdnklhoilcilfogdcegekpgfn.crx [2016-06-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-24] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3019968 2016-12-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S2 HP LaserJet Service; C:\Program Files (x86)\Hewlett-Packard\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-24] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2009-10-26] (Marvell Semiconductor, Inc.)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-02 10:10 - 2017-01-02 10:11 - 00020172 _____ C:\Users\Rony\Downloads\FRST.txt
2017-01-02 10:10 - 2017-01-02 10:10 - 00000000 ____D C:\FRST
2017-01-02 09:43 - 2017-01-02 09:44 - 02418176 _____ (Farbar) C:\Users\Rony\Downloads\FRST64.exe
2017-01-02 09:43 - 2017-01-02 09:44 - 02418176 _____ (Farbar) C:\Users\Rony\Downloads\FRST64 (1).exe
2017-01-02 08:53 - 2017-01-02 09:41 - 947070088 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\Não confirmado 216014.crdownload
2017-01-02 08:47 - 2017-01-02 08:48 - 13767776 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x86 (1).exe
2017-01-02 08:42 - 2017-01-02 08:44 - 13767776 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x86.exe
2017-01-02 08:38 - 2017-01-02 08:38 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64 (3).exe
2017-01-02 08:37 - 2017-01-02 08:38 - 00172128 _____ C:\Users\Rony\Downloads\-100522090.xls
2017-01-02 08:22 - 2017-01-02 08:22 - 00629006 _____ C:\Users\Rony\Downloads\Windows6.1-KB2999226-x86 (1).msu
2017-01-02 08:21 - 2017-01-02 08:21 - 00629006 _____ C:\Users\Rony\Downloads\Windows6.1-KB2999226-x86.msu
2017-01-02 07:50 - 2017-01-02 07:50 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2017-01-02 07:11 - 2017-01-02 07:11 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-01-02 07:11 - 2017-01-02 07:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2017-01-02 07:05 - 2017-01-02 07:51 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2017-01-02 07:05 - 2017-01-02 07:51 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-02 06:51 - 2017-01-02 06:51 - 21543568 _____ C:\Windows\MSYH.tt2
2017-01-02 06:51 - 2017-01-02 06:51 - 14381616 _____ C:\Windows\MSYHBD.tt2
2017-01-02 06:51 - 2017-01-02 06:49 - 21302624 _____ C:\Windows\MSJH.tt2
2017-01-02 06:51 - 2017-01-02 06:49 - 14343024 _____ C:\Windows\MSJHBD.tt2
2017-01-02 06:46 - 2017-01-02 07:05 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-02 06:46 - 2017-01-02 06:46 - 00000000 ____D C:\Users\Rony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas Secretaria da Fazenda
2017-01-02 06:45 - 2017-01-02 06:45 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-01-02 06:11 - 2017-01-02 06:12 - 01017572 _____ C:\Users\Rony\Downloads\o15-ctrremove (2).diagcab
2017-01-02 06:11 - 2017-01-02 06:11 - 01017572 _____ C:\Users\Rony\Downloads\o15-ctrremove (1).diagcab
2017-01-02 05:54 - 2017-01-02 05:55 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64 (2).exe
2017-01-02 05:53 - 2017-01-02 05:55 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64 (1).exe
2017-01-02 05:52 - 2017-01-02 05:54 - 14749120 _____ (Microsoft Corporation) C:\Users\Rony\Downloads\vc_redist.x64.exe
2016-12-31 11:30 - 2017-01-02 07:53 - 00002162 _____ C:\Users\Rony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2017-01-02 07:53 - 00000000 ___RD C:\Users\Rony\OneDrive
2016-12-31 11:30 - 2016-12-31 11:30 - 00002110 _____ C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2016-12-31 11:30 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2016-12-31 11:30 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-31 11:30 - 2016-12-31 11:30 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft OneDrive
2016-12-31 11:30 - 2016-12-31 11:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-12-31 11:30 - 2016-12-31 11:30 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-12-31 10:55 - 2016-12-31 10:55 - 00053864 _____ C:\Users\Rony\Downloads\Tabela de Pedido NOVA.xlsx
2016-12-31 10:55 - 2016-12-31 10:55 - 00027251 _____ C:\Users\Rony\Downloads\PRECOS FLV NOVO.xlsx
2016-12-31 10:00 - 2016-12-31 10:00 - 01017572 _____ C:\Users\Rony\Downloads\o15-ctrremove.diagcab
2016-12-31 09:27 - 2017-01-02 06:47 - 01804512 _____ C:\Windows\GABRIOLA.tt2
2016-12-31 08:57 - 2016-12-31 08:58 - 00000000 ____D C:\Users\Rony\Documents\Novimento Cimar
2016-12-31 07:22 - 2016-12-31 07:24 - 00908532 _____ C:\Users\Rony\Downloads\NF JU DE QUEIROZ.png
2016-12-30 09:14 - 2016-12-30 09:14 - 00053602 _____ C:\Users\Rony\Downloads\Entrada e Saidas- Atualizada (4).xlsx
2016-12-29 18:01 - 2016-12-29 18:01 - 00053602 _____ C:\Users\Rony\Downloads\Entrada e Saidas- Atualizada (2).xlsx
2016-12-29 12:11 - 2016-12-29 12:11 - 00024629 _____ C:\Users\Rony\Desktop\LIS.pdf
2016-12-29 12:09 - 2016-12-29 12:09 - 00000165 ____H C:\Users\Rony\Desktop\~$LARANJA.xlsx
2016-12-29 10:19 - 2016-12-29 10:23 - 00022328 _____ C:\Users\Rony\Downloads\LARANJA (2).xlsx
2016-12-22 07:02 - 2016-12-31 08:55 - 00121818 _____ C:\Users\Rony\Desktop\HOJE - MATRIZ DE PEDIDOS - ATUALIZADO.xlsx
2016-12-22 05:25 - 2016-12-22 05:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 15:15 - 2016-12-21 15:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-12-21 15:15 - 2016-12-21 15:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-12-21 15:15 - 2016-12-21 15:15 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-12-21 15:15 - 2016-12-21 15:15 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-12-12 09:05 - 2016-12-31 13:04 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{b4aa6457-c046-11e6-afb6-9c27793e50ff}.TMContainer00000000000000000001.regtrans-ms
2016-12-12 09:05 - 2016-12-31 13:04 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{b4aa6457-c046-11e6-afb6-9c27793e50ff}.TM.blf
2016-12-12 09:05 - 2016-12-12 09:16 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{b4aa6457-c046-11e6-afb6-9c27793e50ff}.TMContainer00000000000000000002.regtrans-ms
2016-12-08 16:14 - 2017-01-02 05:59 - 04325265 ____H C:\Users\Rony\AppData\Local\IconCache.db
2016-12-06 12:22 - 2016-12-11 05:20 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{5e65628c-bbc6-11e6-8e3b-cd4a9ca46985}.TMContainer00000000000000000001.regtrans-ms
2016-12-06 12:22 - 2016-12-11 05:20 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{5e65628c-bbc6-11e6-8e3b-cd4a9ca46985}.TM.blf
2016-12-06 12:22 - 2016-12-06 12:32 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{5e65628c-bbc6-11e6-8e3b-cd4a9ca46985}.TMContainer00000000000000000002.regtrans-ms
2016-12-06 06:20 - 2016-12-06 06:32 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{9d713a78-bb94-11e6-8f70-9b2ba21ceef8}.TMContainer00000000000000000002.regtrans-ms
2016-12-06 06:20 - 2016-12-06 06:32 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{9d713a78-bb94-11e6-8f70-9b2ba21ceef8}.TMContainer00000000000000000001.regtrans-ms
2016-12-06 06:20 - 2016-12-06 06:32 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{9d713a78-bb94-11e6-8f70-9b2ba21ceef8}.TM.blf
2016-12-04 05:13 - 2016-12-05 06:57 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{d0884c83-b9f8-11e6-93c4-b24b2f3f7c81}.TMContainer00000000000000000001.regtrans-ms
2016-12-04 05:13 - 2016-12-05 06:57 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{d0884c83-b9f8-11e6-93c4-b24b2f3f7c81}.TM.blf
2016-12-04 05:13 - 2016-12-04 05:26 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{d0884c83-b9f8-11e6-93c4-b24b2f3f7c81}.TMContainer00000000000000000002.regtrans-ms
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-01-02 10:12 - 2016-11-14 06:56 - 00001016 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-02 10:11 - 2016-05-19 09:06 - 00000000 ____D C:\Users\Rony\AppData\Roaming\Skype
2017-01-02 08:44 - 2016-02-01 11:15 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-01-02 08:44 - 2016-02-01 11:15 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-02 07:59 - 2009-07-14 01:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-02 07:59 - 2009-07-14 01:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-02 07:50 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-02 07:12 - 2016-11-14 06:56 - 00001012 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-01-02 06:46 - 2016-05-19 09:11 - 00002532 _____ C:\Users\Rony\Desktop\Manifesto de Documentos Fiscais Eletronico.lnk
2017-01-02 06:25 - 2016-01-07 09:26 - 00000000 ____D C:\temp
2017-01-02 06:05 - 2016-11-14 07:14 - 00000000 ___RD C:\Users\Rony\Dropbox
2017-01-02 06:04 - 2016-01-05 12:29 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-02 06:00 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-02 05:51 - 2016-01-05 11:26 - 00112184 _____ C:\Users\Rony\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-31 11:30 - 2016-01-05 10:26 - 00000000 ____D C:\Users\Rony
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ___RD C:\Users\Default\Links
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ___RD C:\Program Files (x86)
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 11:30 - 2009-07-14 00:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-31 11:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\DriverStore
2016-12-31 11:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-12-31 11:27 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\System32\Tasks\Microsoft
2016-12-31 10:24 - 2016-02-22 10:36 - 00000000 ____D C:\Users\Rony\AppData\Local\ElevatedDiagnostics
2016-12-31 09:54 - 2009-07-14 01:45 - 00438784 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-31 09:12 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\winsxs
2016-12-31 09:03 - 2016-01-05 10:34 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-12-31 09:03 - 2016-01-05 10:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-31 09:02 - 2009-07-14 04:46 - 00000000 ____D C:\Windows\ShellNew
2016-12-31 09:02 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-31 08:57 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Documents
2016-12-31 08:57 - 2009-07-18 02:15 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-12-31 08:57 - 2009-07-18 02:15 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-12-31 08:57 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-31 08:57 - 2009-07-13 23:36 - 00653526 _____ C:\Windows\system32\perfh009.dat
2016-12-31 08:57 - 2009-07-13 23:36 - 00121398 _____ C:\Windows\system32\perfc009.dat
2016-12-30 11:17 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Pictures
2016-12-30 11:12 - 2016-07-02 09:48 - 00016298 _____ C:\Users\Rony\Desktop\RESULTADO DE SAÍDAS.xlsx
2016-12-30 10:11 - 2016-01-07 15:35 - 00052802 _____ C:\Users\Rony\Desktop\Entrada e Saidas- Atualizada.xlsx
2016-12-29 12:11 - 2016-06-01 08:13 - 00000000 ____D C:\Users\Rony\AppData\Local\CutePDF Writer
2016-12-29 11:05 - 2016-11-04 10:38 - 00022337 _____ C:\Users\Rony\Desktop\LARANJA.xlsx
2016-12-29 05:23 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\wdi
2016-12-28 11:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-12-28 11:08 - 2016-01-21 05:18 - 00000000 ____D C:\Users\Rony\AppData\Local\Diagnostics
2016-12-27 06:52 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-24 05:47 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\config\RegBack
2016-12-22 18:07 - 2016-01-08 12:05 - 00045908 _____ C:\Users\Rony\Desktop\ESTOQUE ENTRADAS E SAÍDAS.xlsx
2016-12-22 05:25 - 2016-11-14 06:56 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-12-22 05:24 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\drivers
2016-12-20 10:40 - 2016-01-05 11:36 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-12-19 05:09 - 2016-01-05 11:26 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-19 05:09 - 2016-01-05 11:26 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-19 05:09 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\Tasks
2016-12-16 06:48 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Music
2016-12-16 06:47 - 2016-01-05 10:26 - 00000000 ___RD C:\Users\Rony\Videos
2016-12-15 05:51 - 2016-01-05 11:29 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-15 05:51 - 2016-01-05 11:29 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-14 12:12 - 2016-01-05 12:19 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 12:09 - 2016-01-05 12:19 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-08 06:10 - 2016-02-03 08:16 - 00831320 _____ C:\Windows\ntbtlog.txt
2016-12-07 09:36 - 2016-01-07 08:59 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-03 07:48 - 2016-12-02 13:48 - 00524288 ___SH C:\Windows\system32\config\COMPONENTS{7ed3aafc-b8ae-11e6-8e27-f65e58646082}.TMContainer00000000000000000001.regtrans-ms
2016-12-03 07:48 - 2016-12-02 13:48 - 00065536 ___SH C:\Windows\system32\config\COMPONENTS{7ed3aafc-b8ae-11e6-8e27-f65e58646082}.TM.blf
2016-12-03 03:00 - 2016-11-14 06:56 - 00000000 ____D C:\Users\Rony\AppData\Local\Dropbox
Alguns arquivos em TEMP:
====================
C:\Users\Rony\AppData\Local\Temp\ose00000.exe
C:\Users\Rony\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-12-24 05:47
==================== Fim de FRST.txt ============================