Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 01-03-2017 01
Executado por Mauricio Savariz (administrador) em MAURICIOSAVARIZ (03-03-2017 11:58:59)
Executando a partir de C:\Users\Mauricio Savariz\Desktop
Perfis Carregados: Mauricio Savariz (Perfis Disponíveis: Mauricio Savariz)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
() C:\Windows\vsnp325.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(© 2015 Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
() C:\Users\Mauricio Savariz\AppData\Roaming\uTorrent\uTorrent7268.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Mauricio Savariz\Desktop\FRST (1).exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-07-11] ()
HKLM\...\Run: [tsnp325] => C:\Windows\tsnp325.exe [270336 2007-04-21] ()
HKLM\...\Run: [snp325] => C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [161088 2011-01-12] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [215360 2011-01-12] (McAfee, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [DTLite] => C:\Users\Mauricio Savariz\AppData\Roaming\uTorrent\uTorrent7268.exe [6372104 2015-01-13] ()
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [BingSvc] => C:\Users\Mauricio Savariz\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\MountPoints2: {efbd42e1-9979-11db-af68-806e6f6e6963} - E:\P1100_P1560_P1600.exe
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2009-07-13] (Microsoft Corporation)
IFEO\instup.exe: [Debugger] regedit /s
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 177.84.172.70 8.8.8.8
Tcpip\..\Interfaces\{5B621671-10CC-4236-8EE6-089A13C001EF}: [DhcpNameServer] 177.84.172.70 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=pt-br
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://br.msn.com/?ocid=iehp
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.capinzalnet.com.br/portal/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20140702091453.dll [2014-07-02] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-06-28] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2014-06-28] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default [2017-03-03]
CHR Extension: (Google Docs) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Google Search) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-23]
CHR Extension: (Documentos Google off-line) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Skype) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-03]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [159320 2014-07-02] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760 2011-01-12] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [145936 2014-07-02] (McAfee, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [Arquivo não assinado]
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [116104 2014-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [171296 2014-07-02] (McAfee, Inc.)
R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [58456 2014-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [436728 2014-07-02] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [85152 2014-07-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [162928 2014-07-02] (McAfee, Inc.)
R3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10394624 2007-07-24] (Sonix Co. Ltd.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
U3 mfeavfk02; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-03 11:56 - 2017-03-03 11:58 - 00020247 _____ C:\Users\Mauricio Savariz\Desktop\Addition.txt
2017-03-03 11:54 - 2017-03-03 11:58 - 00013105 _____ C:\Users\Mauricio Savariz\Desktop\FRST.txt
2017-03-03 11:54 - 2017-03-03 11:58 - 00000000 ____D C:\FRST
2017-03-03 11:54 - 2017-03-03 11:54 - 01765888 _____ (Farbar) C:\Users\Mauricio Savariz\Desktop\FRST (1).exe
2017-03-03 11:53 - 2017-03-03 11:54 - 01765888 _____ (Farbar) C:\Users\Mauricio Savariz\Downloads\FRST.exe
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ___RD C:\Program Files\Skype
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-03-01 13:39 - 2017-03-01 13:39 - 00050841 _____ C:\Users\Mauricio Savariz\Downloads\boletos kiandra.pdf
2017-02-21 11:12 - 2017-02-21 11:12 - 00065381 _____ C:\Users\Mauricio Savariz\Downloads\MAURICIO SAVARIZ (1).xlsx
2017-02-17 16:37 - 2017-02-17 16:51 - 00000000 ____D C:\Users\Mauricio Savariz\Desktop\SUPRISIGNAL
2017-02-16 08:39 - 2017-02-16 08:39 - 00159839 _____ C:\Users\Mauricio Savariz\Desktop\Comprovante de Pagamento Newcomp.pdf
2017-02-14 09:24 - 2017-02-14 09:24 - 00650902 _____ C:\Users\Mauricio Savariz\Downloads\Solicitação de compra 1614 - Suprisul.pdf
2017-02-10 17:28 - 2017-02-10 17:28 - 00317171 _____ C:\Users\Mauricio Savariz\Desktop\FITNESS.pdf
2017-02-10 17:26 - 2017-02-10 17:26 - 00317171 _____ C:\Users\Mauricio Savariz\Downloads\ebook.pdf
2017-02-10 15:08 - 2017-02-10 15:08 - 00130603 _____ C:\Users\Mauricio Savariz\Downloads\boleto (19).pdf
2017-02-10 15:03 - 2017-02-10 15:03 - 00130603 _____ C:\Users\Mauricio Savariz\Downloads\boleto (18).pdf
2017-02-07 07:28 - 2017-02-07 07:28 - 00102881 _____ C:\Users\Mauricio Savariz\Downloads\autorização de compra.PDF
2017-02-02 17:07 - 2017-02-02 17:07 - 00184318 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (4).pdf
2017-02-02 17:07 - 2017-02-02 17:07 - 00136735 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015551071535352-nfe.PDF
2017-02-02 15:43 - 2017-02-02 15:43 - 00184326 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (3).pdf
2017-02-02 15:42 - 2017-02-02 15:42 - 00134090 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015541071535282-nfe.PDF
2017-02-02 14:33 - 2017-02-02 14:33 - 00184329 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (2).pdf
2017-02-02 14:31 - 2017-02-02 14:31 - 00139360 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015531071535218-nfe.PDF
2017-02-02 14:29 - 2017-02-02 14:29 - 00132632 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015521071535148-nfe.PDF
2017-02-02 14:26 - 2017-02-02 14:26 - 00503436 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (1).pdf
2017-02-02 14:24 - 2017-02-02 14:24 - 00135490 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015511007153577-nfe.PDF
2017-02-02 14:23 - 2017-02-02 14:23 - 00503586 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME .pdf
2017-02-02 14:21 - 2017-02-02 14:21 - 00147882 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015501007153502-nfe.PDF
2017-02-02 13:56 - 2017-02-02 13:56 - 00016946 _____ C:\Users\Mauricio Savariz\Downloads\adm111.pdf
2017-02-02 13:40 - 2017-02-02 16:25 - 00000000 ____D C:\Users\Mauricio Savariz\AppData\Local\Microsoft Games
2017-02-02 12:54 - 2017-02-02 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-11 15:38 - 2017-01-11 15:38 - 00075051 _____ C:\Users\Mauricio Savariz\Downloads\req-solicitacao-correcao.pdf
2017-01-11 14:31 - 2017-01-11 14:31 - 00223412 _____ C:\Users\Mauricio Savariz\Downloads\2017 TABELA 270 A - ESPORTE DO TIRO_AC-AM-ES-PR-RR-RS-SC-SP.pdf
2017-01-10 07:27 - 2017-01-10 07:27 - 00130581 _____ C:\Users\Mauricio Savariz\Downloads\boleto (17).pdf
2017-01-10 07:27 - 2017-01-10 07:27 - 00130581 _____ C:\Users\Mauricio Savariz\Downloads\boleto (16).pdf
2017-01-09 14:50 - 2017-01-09 14:50 - 00381816 _____ C:\Users\Mauricio Savariz\Desktop\NOVA FICHA CADASTRAL - Supri Wireless.pdf
2017-01-09 14:49 - 2017-01-09 14:49 - 00381816 _____ C:\Users\Mauricio Savariz\Downloads\Ficha cadastral - Supri Wireless.pdf
2017-01-09 13:30 - 2017-01-09 13:30 - 00127384 _____ C:\Users\Mauricio Savariz\Downloads\https___mpag.bb.com.pdf
2017-01-06 07:27 - 2017-01-06 07:27 - 00082869 _____ C:\Users\Mauricio Savariz\Downloads\Anexos_201716.zip
2017-01-06 07:26 - 2017-01-06 07:26 - 00055044 _____ C:\Users\Mauricio Savariz\Downloads\GRUAutAqMauricio (1).pdf
2017-01-06 07:17 - 2017-01-17 10:44 - 00000000 ____D C:\Users\Mauricio Savariz\Desktop\CLUBE DE TIRO
2017-01-05 07:21 - 2017-01-05 07:21 - 00035779 _____ C:\Users\Mauricio Savariz\Downloads\anatel-sc.xlsx
2017-01-04 10:24 - 2017-01-04 10:24 - 00055049 _____ C:\Users\Mauricio Savariz\Downloads\GRU CRAF.pdf
2017-01-04 10:24 - 2017-01-04 10:24 - 00055049 _____ C:\Users\Mauricio Savariz\Downloads\GRU Apostilamento.pdf
2017-01-04 10:24 - 2017-01-04 10:24 - 00055045 _____ C:\Users\Mauricio Savariz\Downloads\GRU RegistroMauricio.pdf
2017-01-04 10:11 - 2017-01-04 10:11 - 00055044 _____ C:\Users\Mauricio Savariz\Downloads\GRUAutAqMauricio.pdf
2016-12-21 16:03 - 2016-12-21 16:03 - 00119263 _____ C:\Users\Mauricio Savariz\Downloads\WhatsApp Image 2016-12-21 at 14.49.34.jpeg
2016-12-21 08:06 - 2016-12-21 08:06 - 00111544 _____ C:\Users\Mauricio Savariz\Downloads\CONTAS ANA E MAU 2 (1).xlsx
2016-12-19 17:05 - 2016-12-19 17:05 - 00255843 _____ C:\Users\Mauricio Savariz\Downloads\playboy-paolla oliveira-edicao-especial.pdf
2016-12-15 16:01 - 2016-12-15 16:01 - 00012028 _____ C:\Users\Mauricio Savariz\Downloads\k.docx
2016-12-15 14:13 - 2016-12-15 14:13 - 00130604 _____ C:\Users\Mauricio Savariz\Downloads\boleto (15).pdf
2016-12-15 09:01 - 2017-01-25 09:57 - 00613010 _____ C:\Users\Mauricio Savariz\Desktop\PRODUTOS PARA CONFERENCIA DE ESTOQUE SC.xlsx
2016-12-12 13:36 - 2016-12-12 13:36 - 00130591 _____ C:\Users\Mauricio Savariz\Downloads\boleto (14).pdf
2016-12-12 10:03 - 2016-12-12 10:03 - 00111544 _____ C:\Users\Mauricio Savariz\Downloads\CONTAS ANA E MAU 2.xlsx
2016-12-09 15:12 - 2016-12-09 15:12 - 00063097 _____ C:\Users\Mauricio Savariz\Downloads\matr110.pdf
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-03 08:19 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-03 08:19 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-03 08:11 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-03 08:03 - 2014-06-28 21:14 - 00000000 ____D C:\Users\Mauricio Savariz\AppData\Roaming\Skype
2017-03-03 08:03 - 2014-06-28 21:13 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-03 08:03 - 2014-06-28 21:13 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-03-03 08:03 - 2014-06-28 21:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-23 08:38 - 2016-06-09 09:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 08:31 - 2014-06-28 06:51 - 01507408 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-23 08:31 - 2009-07-14 05:31 - 00660080 _____ C:\Windows\system32\prfh0416.dat
2017-02-23 08:31 - 2009-07-14 05:31 - 00126412 _____ C:\Windows\system32\prfc0416.dat
2017-02-23 08:31 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2017-02-10 07:30 - 2015-05-18 14:32 - 00000000 ____D C:\Program Files\TeamViewer
2017-02-03 14:47 - 2014-06-28 21:08 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-03 14:47 - 2014-06-28 21:08 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 12:54 - 2016-06-09 09:53 - 00002045 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-02 12:54 - 2016-06-09 09:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
Alguns arquivos em TEMP:
====================
2016-05-10 09:02 - 2016-05-10 09:02 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Temp\BSvcProcessor.exe
2016-05-10 09:02 - 2016-05-10 09:02 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Temp\BSvcUpdater.exe
2010-05-14 19:18 - 2010-05-14 19:18 - 0145184 ____R (Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Temp\ose00000.exe
2016-03-02 09:56 - 2016-03-02 10:03 - 0192512 _____ () C:\Users\Mauricio Savariz\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 14:56 - 2015-02-10 14:56 - 0105984 _____ () C:\Users\Mauricio Savariz\AppData\Local\Temp\sfextra.dll
2017-01-13 07:17 - 2017-01-19 07:10 - 43918808 _____ (Skype Technologies S.A.) C:\Users\Mauricio Savariz\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-02-22 09:58
==================== Fim de FRST.txt ============================
Executado por Mauricio Savariz (administrador) em MAURICIOSAVARIZ (03-03-2017 11:58:59)
Executando a partir de C:\Users\Mauricio Savariz\Desktop
Perfis Carregados: Mauricio Savariz (Perfis Disponíveis: Mauricio Savariz)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
() C:\Windows\vsnp325.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\UdaterUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(© 2015 Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(McAfee, Inc.) C:\Program Files\McAfee\Common Framework\McTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
() C:\Users\Mauricio Savariz\AppData\Roaming\uTorrent\uTorrent7268.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Mauricio Savariz\Desktop\FRST (1).exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-07-11] ()
HKLM\...\Run: [tsnp325] => C:\Windows\tsnp325.exe [270336 2007-04-21] ()
HKLM\...\Run: [snp325] => C:\Windows\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [161088 2011-01-12] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [215360 2011-01-12] (McAfee, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [DTLite] => C:\Users\Mauricio Savariz\AppData\Roaming\uTorrent\uTorrent7268.exe [6372104 2015-01-13] ()
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [BingSvc] => C:\Users\Mauricio Savariz\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\...\MountPoints2: {efbd42e1-9979-11db-af68-806e6f6e6963} - E:\P1100_P1560_P1600.exe
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [413696 2009-07-13] (Microsoft Corporation)
IFEO\instup.exe: [Debugger] regedit /s
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-02]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 177.84.172.70 8.8.8.8
Tcpip\..\Interfaces\{5B621671-10CC-4236-8EE6-089A13C001EF}: [DhcpNameServer] 177.84.172.70 8.8.8.8
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=pt-br
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://br.msn.com/?ocid=iehp
HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.capinzalnet.com.br/portal/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20140702091453.dll [2014-07-02] (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2014-06-28] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2014-06-28] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=pt-br
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default [2017-03-03]
CHR Extension: (Google Docs) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-16]
CHR Extension: (Google Search) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-23]
CHR Extension: (Documentos Google off-line) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Skype) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-03]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Mauricio Savariz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1200118184-1175093033-1529445378-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
R2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [159320 2014-07-02] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760 2011-01-12] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [145936 2014-07-02] (McAfee, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [Arquivo não assinado]
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [116104 2014-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [171296 2014-07-02] (McAfee, Inc.)
R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [58456 2014-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [436728 2014-07-02] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [85152 2014-07-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [162928 2014-07-02] (McAfee, Inc.)
R3 SNP325; C:\Windows\System32\DRIVERS\snp325.sys [10394624 2007-07-24] (Sonix Co. Ltd.)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
U3 mfeavfk02; não ImagePath
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-03 11:56 - 2017-03-03 11:58 - 00020247 _____ C:\Users\Mauricio Savariz\Desktop\Addition.txt
2017-03-03 11:54 - 2017-03-03 11:58 - 00013105 _____ C:\Users\Mauricio Savariz\Desktop\FRST.txt
2017-03-03 11:54 - 2017-03-03 11:58 - 00000000 ____D C:\FRST
2017-03-03 11:54 - 2017-03-03 11:54 - 01765888 _____ (Farbar) C:\Users\Mauricio Savariz\Desktop\FRST (1).exe
2017-03-03 11:53 - 2017-03-03 11:54 - 01765888 _____ (Farbar) C:\Users\Mauricio Savariz\Downloads\FRST.exe
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ___RD C:\Program Files\Skype
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-03-03 08:03 - 2017-03-03 08:03 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-03-01 13:39 - 2017-03-01 13:39 - 00050841 _____ C:\Users\Mauricio Savariz\Downloads\boletos kiandra.pdf
2017-02-21 11:12 - 2017-02-21 11:12 - 00065381 _____ C:\Users\Mauricio Savariz\Downloads\MAURICIO SAVARIZ (1).xlsx
2017-02-17 16:37 - 2017-02-17 16:51 - 00000000 ____D C:\Users\Mauricio Savariz\Desktop\SUPRISIGNAL
2017-02-16 08:39 - 2017-02-16 08:39 - 00159839 _____ C:\Users\Mauricio Savariz\Desktop\Comprovante de Pagamento Newcomp.pdf
2017-02-14 09:24 - 2017-02-14 09:24 - 00650902 _____ C:\Users\Mauricio Savariz\Downloads\Solicitação de compra 1614 - Suprisul.pdf
2017-02-10 17:28 - 2017-02-10 17:28 - 00317171 _____ C:\Users\Mauricio Savariz\Desktop\FITNESS.pdf
2017-02-10 17:26 - 2017-02-10 17:26 - 00317171 _____ C:\Users\Mauricio Savariz\Downloads\ebook.pdf
2017-02-10 15:08 - 2017-02-10 15:08 - 00130603 _____ C:\Users\Mauricio Savariz\Downloads\boleto (19).pdf
2017-02-10 15:03 - 2017-02-10 15:03 - 00130603 _____ C:\Users\Mauricio Savariz\Downloads\boleto (18).pdf
2017-02-07 07:28 - 2017-02-07 07:28 - 00102881 _____ C:\Users\Mauricio Savariz\Downloads\autorização de compra.PDF
2017-02-02 17:07 - 2017-02-02 17:07 - 00184318 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (4).pdf
2017-02-02 17:07 - 2017-02-02 17:07 - 00136735 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015551071535352-nfe.PDF
2017-02-02 15:43 - 2017-02-02 15:43 - 00184326 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (3).pdf
2017-02-02 15:42 - 2017-02-02 15:42 - 00134090 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015541071535282-nfe.PDF
2017-02-02 14:33 - 2017-02-02 14:33 - 00184329 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (2).pdf
2017-02-02 14:31 - 2017-02-02 14:31 - 00139360 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015531071535218-nfe.PDF
2017-02-02 14:29 - 2017-02-02 14:29 - 00132632 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015521071535148-nfe.PDF
2017-02-02 14:26 - 2017-02-02 14:26 - 00503436 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME (1).pdf
2017-02-02 14:24 - 2017-02-02 14:24 - 00135490 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015511007153577-nfe.PDF
2017-02-02 14:23 - 2017-02-02 14:23 - 00503586 _____ C:\Users\Mauricio Savariz\Downloads\BOLETO_JAIME LAGO INFORMÁTICA - ME .pdf
2017-02-02 14:21 - 2017-02-02 14:21 - 00147882 _____ C:\Users\Mauricio Savariz\Downloads\42170220310964000224550010000015501007153502-nfe.PDF
2017-02-02 13:56 - 2017-02-02 13:56 - 00016946 _____ C:\Users\Mauricio Savariz\Downloads\adm111.pdf
2017-02-02 13:40 - 2017-02-02 16:25 - 00000000 ____D C:\Users\Mauricio Savariz\AppData\Local\Microsoft Games
2017-02-02 12:54 - 2017-02-02 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-11 15:38 - 2017-01-11 15:38 - 00075051 _____ C:\Users\Mauricio Savariz\Downloads\req-solicitacao-correcao.pdf
2017-01-11 14:31 - 2017-01-11 14:31 - 00223412 _____ C:\Users\Mauricio Savariz\Downloads\2017 TABELA 270 A - ESPORTE DO TIRO_AC-AM-ES-PR-RR-RS-SC-SP.pdf
2017-01-10 07:27 - 2017-01-10 07:27 - 00130581 _____ C:\Users\Mauricio Savariz\Downloads\boleto (17).pdf
2017-01-10 07:27 - 2017-01-10 07:27 - 00130581 _____ C:\Users\Mauricio Savariz\Downloads\boleto (16).pdf
2017-01-09 14:50 - 2017-01-09 14:50 - 00381816 _____ C:\Users\Mauricio Savariz\Desktop\NOVA FICHA CADASTRAL - Supri Wireless.pdf
2017-01-09 14:49 - 2017-01-09 14:49 - 00381816 _____ C:\Users\Mauricio Savariz\Downloads\Ficha cadastral - Supri Wireless.pdf
2017-01-09 13:30 - 2017-01-09 13:30 - 00127384 _____ C:\Users\Mauricio Savariz\Downloads\https___mpag.bb.com.pdf
2017-01-06 07:27 - 2017-01-06 07:27 - 00082869 _____ C:\Users\Mauricio Savariz\Downloads\Anexos_201716.zip
2017-01-06 07:26 - 2017-01-06 07:26 - 00055044 _____ C:\Users\Mauricio Savariz\Downloads\GRUAutAqMauricio (1).pdf
2017-01-06 07:17 - 2017-01-17 10:44 - 00000000 ____D C:\Users\Mauricio Savariz\Desktop\CLUBE DE TIRO
2017-01-05 07:21 - 2017-01-05 07:21 - 00035779 _____ C:\Users\Mauricio Savariz\Downloads\anatel-sc.xlsx
2017-01-04 10:24 - 2017-01-04 10:24 - 00055049 _____ C:\Users\Mauricio Savariz\Downloads\GRU CRAF.pdf
2017-01-04 10:24 - 2017-01-04 10:24 - 00055049 _____ C:\Users\Mauricio Savariz\Downloads\GRU Apostilamento.pdf
2017-01-04 10:24 - 2017-01-04 10:24 - 00055045 _____ C:\Users\Mauricio Savariz\Downloads\GRU RegistroMauricio.pdf
2017-01-04 10:11 - 2017-01-04 10:11 - 00055044 _____ C:\Users\Mauricio Savariz\Downloads\GRUAutAqMauricio.pdf
2016-12-21 16:03 - 2016-12-21 16:03 - 00119263 _____ C:\Users\Mauricio Savariz\Downloads\WhatsApp Image 2016-12-21 at 14.49.34.jpeg
2016-12-21 08:06 - 2016-12-21 08:06 - 00111544 _____ C:\Users\Mauricio Savariz\Downloads\CONTAS ANA E MAU 2 (1).xlsx
2016-12-19 17:05 - 2016-12-19 17:05 - 00255843 _____ C:\Users\Mauricio Savariz\Downloads\playboy-paolla oliveira-edicao-especial.pdf
2016-12-15 16:01 - 2016-12-15 16:01 - 00012028 _____ C:\Users\Mauricio Savariz\Downloads\k.docx
2016-12-15 14:13 - 2016-12-15 14:13 - 00130604 _____ C:\Users\Mauricio Savariz\Downloads\boleto (15).pdf
2016-12-15 09:01 - 2017-01-25 09:57 - 00613010 _____ C:\Users\Mauricio Savariz\Desktop\PRODUTOS PARA CONFERENCIA DE ESTOQUE SC.xlsx
2016-12-12 13:36 - 2016-12-12 13:36 - 00130591 _____ C:\Users\Mauricio Savariz\Downloads\boleto (14).pdf
2016-12-12 10:03 - 2016-12-12 10:03 - 00111544 _____ C:\Users\Mauricio Savariz\Downloads\CONTAS ANA E MAU 2.xlsx
2016-12-09 15:12 - 2016-12-09 15:12 - 00063097 _____ C:\Users\Mauricio Savariz\Downloads\matr110.pdf
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-03-03 08:19 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-03 08:19 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-03 08:11 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-03 08:03 - 2014-06-28 21:14 - 00000000 ____D C:\Users\Mauricio Savariz\AppData\Roaming\Skype
2017-03-03 08:03 - 2014-06-28 21:13 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk
2017-03-03 08:03 - 2014-06-28 21:13 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-03-03 08:03 - 2014-06-28 21:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-23 08:38 - 2016-06-09 09:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-23 08:31 - 2014-06-28 06:51 - 01507408 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-23 08:31 - 2009-07-14 05:31 - 00660080 _____ C:\Windows\system32\prfh0416.dat
2017-02-23 08:31 - 2009-07-14 05:31 - 00126412 _____ C:\Windows\system32\prfc0416.dat
2017-02-23 08:31 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2017-02-10 07:30 - 2015-05-18 14:32 - 00000000 ____D C:\Program Files\TeamViewer
2017-02-03 14:47 - 2014-06-28 21:08 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-03 14:47 - 2014-06-28 21:08 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 12:54 - 2016-06-09 09:53 - 00002045 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-02 12:54 - 2016-06-09 09:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
Alguns arquivos em TEMP:
====================
2016-05-10 09:02 - 2016-05-10 09:02 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Temp\BSvcProcessor.exe
2016-05-10 09:02 - 2016-05-10 09:02 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Temp\BSvcUpdater.exe
2010-05-14 19:18 - 2010-05-14 19:18 - 0145184 ____R (Microsoft Corporation) C:\Users\Mauricio Savariz\AppData\Local\Temp\ose00000.exe
2016-03-02 09:56 - 2016-03-02 10:03 - 0192512 _____ () C:\Users\Mauricio Savariz\AppData\Local\Temp\sfamcc00001.dll
2015-02-10 14:56 - 2015-02-10 14:56 - 0105984 _____ () C:\Users\Mauricio Savariz\AppData\Local\Temp\sfextra.dll
2017-01-13 07:17 - 2017-01-19 07:10 - 43918808 _____ (Skype Technologies S.A.) C:\Users\Mauricio Savariz\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-02-22 09:58
==================== Fim de FRST.txt ============================