cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-03-2017
Executado por Leocir (administrador) em LEOCIR-X8 (10-04-2017 10:50:13)
Executando a partir de C:\Users\Leocir\Downloads
Perfis Carregados: Leocir (Perfis Disponíveis: Leocir)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Corel Corporation) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDRW.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Farbar) C:\Users\Leocir\Downloads\FRST64(1).exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-04] (AVAST Software)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-04-20] (Caixa Economica Federal)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\...\Run: [Google Update] => C:\Users\Leocir\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe [601752 2016-12-19] (Google Inc.)
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\...\Run: [uTorrent] => C:\Users\Leocir\Downloads\uTorrent(1).exe [2403520 2017-04-10] (BitTorrent Inc.)
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1824608 2015-04-20] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-04] (AVAST Software)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => -> Nenhum Arquivo
BootExecute: autocheck autochk * sh4native Sh4Removal
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0801D538-9610-488C-9721-CB4ADA6FF06B}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1787D4CA-453A-49B0-BDF5-02A9FA2DD816}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{601F4A48-0422-46D2-8A9D-958C7D431244}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2811126232-1626097799-3491951287-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2811126232-1626097799-3491951287-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-17] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-04-20] (Caixa Economica Federal)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-17] (Oracle Corporation)
Handler: WSAllMyTubechrome - Nenhum Valor CLSID

FireFox:
========
FF ProfilePath: C:\Users\Leocir\AppData\Roaming\Mozilla\Firefox\Profiles\8s36d8gf.default [2017-04-10]
FF Homepage: Mozilla\Firefox\Profiles\8s36d8gf.default -> www.google.com.br
FF Extension: (Sem Nome) - C:\Users\Leocir\AppData\Roaming\Mozilla\Firefox\Profiles\8s36d8gf.default\Extensions\1451915035_xpi [2016-08-04] [não assinado]
FF Extension: (MEGA) - C:\Users\Leocir\AppData\Roaming\Mozilla\Firefox\Profiles\8s36d8gf.default\Extensions\firefox@mega.co.nz.xpi [2017-04-06]
FF Extension: (YouTube mp3) - C:\Users\Leocir\AppData\Roaming\Mozilla\Firefox\Profiles\8s36d8gf.default\Extensions\info@youtube-mp3.org.xpi [2016-04-27]
FF Extension: (uBlock Origin) - C:\Users\Leocir\AppData\Roaming\Mozilla\Firefox\Profiles\8s36d8gf.default\Extensions\uBlock0@raymondhill.net.xpi [2017-03-14]
FF Extension: (Video DownloadHelper) - C:\Users\Leocir\AppData\Roaming\Mozilla\Firefox\Profiles\8s36d8gf.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Disable Prefetch) - C:\Users\Leocir\AppData\Roaming\Mozilla\Firefox\Profiles\8s36d8gf.default\features\{6870b74d-28bc-4cc1-8224-5c44270fb601}\disable-prefetch@mozilla.org.xpi [2017-04-05]
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-03-29] [não assinado]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-04-04]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Leocir\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Nenhum Arquivo]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [Nenhum Arquivo]
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Nenhum Arquivo]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [Nenhum Arquivo]
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2811126232-1626097799-3491951287-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Leocir\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-2811126232-1626097799-3491951287-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Leocir\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.trotux.com/?z=80393ec44758021bf6755b5g8zfqab4b5b6q1c8e2b&from=isr&uid=ST500DM002-1BD142_Z3T9HB9VXXXXZ3T9HB9V&type=hp","hxxp://www.trotux.com/?z=8bde046a7606b97b4507b98gfz3mat4ebbae8t4c3t&from=ftp&uid=ST500DM002-1BD142_Z3T9HB9VXXXXZ3T9HB9V&type=hp","hxxp://www.amisites.com/?type=hp&ts=1479213064&z=e419cda8d4fb0370da55120gdz0mat9odg5q3magbz&from=che0812&uid=ST500DM002-1BD142_Z3T9HB9VXXXXZ3T9HB9V","hxxp://www.amisites.com/?type=hp&ts=1482493757&z=f26747f6cb8d7976133eb39g1zfb3ofz9t5m4z6efg&from=che0812&uid=ST500DM002-1BD142_Z3T9HB9VXXXXZ3T9HB9V","hxxp://www.amisites.com/?type=hp&ts=1484345098&z=94f4439bcffb7b74389d163g3z3bdz5c4zdb9m3w9m&from=che0812&uid=ST500DM002-1BD142_Z3T9HB9VXXXXZ3T9HB9V","hxxp://www.amisites.com/?type=hp&ts=1484599112&z=3117df5a95ac16e42e2cbb5g7z0bazeq1eaocm6m2q&from=archer1028&uid=ST500DM002-1BD142_Z3T9HB9VXXXXZ3T9HB9V"
CHR Profile: C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default [2017-04-10]
CHR Extension: (BF4 Auto Seeding) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghnodmijihhdkdilljanmmbmccahbcf [2016-01-14]
CHR Extension: (Google Drive) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-14]
CHR Extension: (Mega Filmes 2.0) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\belpmbjpaaillgehjjdgejiofibfbbih [2016-02-22]
CHR Extension: (WhatsChrome) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan [2016-02-16]
CHR Extension: (Adblock Plus) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-22]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-03-30]
CHR Extension: (Avast SafePrice) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-17]
CHR Extension: (Documentos Google off-line) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Magisto - Magical Video Editor) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk [2016-01-26]
CHR Extension: (WhatFont) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2016-06-17]
CHR Extension: (Speed Dial 2) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-06-03]
CHR Extension: (Skype) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-14]
CHR Extension: (Video DownloadHelper) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-12-21]
CHR Extension: (WhatFontis.com right-click shortcut) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncjkkfbddfkkemiejpfdgjcifjmbcloc [2016-01-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Chrome Media Router) - C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-06]
CHR Profile: C:\Users\Leocir\AppData\Local\Google\Chrome\User Data\System Profile [2017-04-07]
CHR HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Leocir\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-21]
CHR HKU\S-1-5-21-2811126232-1626097799-3491951287-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Arquivo não assinado]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-04] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-04] (AVAST Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [565560 2015-01-20] (GAS Tecnologia)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-06-15] ()
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [316992 2007-04-27] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400 2007-04-27] (SafeNet, Inc)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-07-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2015-09-04] (Google Inc)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [307736 2017-04-04] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-04-04] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334088 2017-04-04] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-04-04] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-04-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-04-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [127112 2017-04-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-04-04] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-04-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1005048 2017-04-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [556784 2017-04-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [164064 2017-04-04] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-04-04] (AVAST Software)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [Arquivo não assinado]
S3 heemndis; C:\Windows\System32\DRIVERS\heemndis.sys [20992 2012-02-20] (HID Global)
S3 heemusb; C:\Windows\System32\DRIVERS\heemusb.sys [39424 2012-02-20] (HID Global)
R1 legendasdrv; C:\Windows\System32\drivers\legendasdrv.sys [57584 2015-12-04] (GT)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2011-10-08] (Marvell Semiconductor, Inc.)
S2 Par1284; C:\Program Files (x86)\Cutting Master 2 1.97\Program\Par1284.sys [53344 2005-03-02] (Warp Nine Engineering) [Arquivo não assinado]
S2 Proteq; C:\Windows\SysWow64\Drivers\Proteq.sys [7598 2012-06-25] (PROTEQ) [Arquivo não assinado]
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-07-26] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-04-10 10:50 - 2017-04-10 10:51 - 00021977 _____ C:\Users\Leocir\Downloads\FRST.txt
2017-04-10 10:50 - 2017-04-10 10:50 - 00000000 ____D C:\FRST
2017-04-10 10:49 - 2017-04-10 10:49 - 02424832 _____ (Farbar) C:\Users\Leocir\Downloads\FRST64(1).exe
2017-04-10 10:20 - 2017-04-10 10:20 - 14749120 _____ (Microsoft Corporation) C:\Users\Leocir\Downloads\vc_redist.x64.exe
2017-04-10 10:01 - 2017-04-10 10:01 - 02424832 _____ (Farbar) C:\Users\Leocir\Downloads\FRST64.exe
2017-04-10 09:53 - 2017-04-10 09:53 - 00000000 _____ C:\Users\Leocir\Desktop\(VCTOTUROSHD) faltando api-ms-win-crt-runtime-l1-1-0.dll - 64 BISTS.rar
2017-04-10 09:27 - 2017-04-10 09:27 - 41942763 _____ C:\Users\Leocir\Downloads\RATON-Malwarebytes Premium.rar.part
2017-04-10 09:27 - 2017-04-10 09:27 - 00000000 _____ C:\Users\Leocir\Desktop\RATON-SketchUp2017-x64.rar
2017-04-10 09:02 - 2017-04-10 09:21 - 1323913449 _____ C:\Users\Leocir\Downloads\RATON-CorelDRAW Graphics Suite X8 v18.1.0.661.rar
2017-04-10 08:46 - 2017-04-10 08:46 - 776470528 _____ C:\Users\Leocir\Desktop\RATON-CorelDRAW Graphics Suite X8 v18.1.0.661 (1).rar
2017-04-10 08:31 - 2017-04-10 08:31 - 776470528 _____ C:\Users\Leocir\Desktop\RATON-CorelDRAW Graphics Suite X8 v18.1.0.661.rar
2017-04-10 08:21 - 2017-04-10 08:21 - 00000232 _____ C:\Users\Leocir\Desktop\S 10 - PHDowns (1).txt
2017-04-10 08:12 - 2017-04-10 08:12 - 00000000 ____D C:\Users\Leocir\Downloads\updates
2017-04-10 08:11 - 2017-04-10 08:11 - 02403520 _____ (BitTorrent Inc.) C:\Users\Leocir\Downloads\uTorrent(1).exe
2017-04-10 08:04 - 2017-04-10 08:04 - 02403520 _____ (BitTorrent Inc.) C:\Users\Leocir\Downloads\uTorrent.exe
2017-04-10 08:04 - 2017-04-10 08:04 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2017-04-10 08:04 - 2017-04-10 08:04 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-04-07 12:06 - 2017-04-07 17:44 - 14583647 _____ C:\Users\Leocir\Desktop\cartao.cdr
2017-04-07 12:06 - 2017-04-07 12:06 - 13375470 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_cartao.cdr
2017-04-07 09:58 - 2017-04-07 12:12 - 294426120 _____ C:\Users\Leocir\Desktop\equilibrio.psd
2017-04-07 07:53 - 2017-04-10 08:12 - 00000000 ____D C:\Users\Leocir\AppData\LocalLow\uTorrent
2017-04-07 07:53 - 2017-04-07 07:53 - 00000000 ___HD C:\$AV_ASW
2017-04-06 14:11 - 2017-04-06 14:11 - 00477237 _____ C:\Users\Leocir\Downloads\Enc__imagens_-_URGENTE_.zip
2017-04-06 14:11 - 2017-04-06 14:11 - 00477237 _____ C:\Users\Leocir\Downloads\Enc__imagens_-_URGENTE_(1).zip
2017-04-06 10:37 - 2017-04-06 10:37 - 00178816 _____ C:\Users\Leocir\Desktop\Acrílico Toledo.dxf
2017-04-06 10:13 - 2017-04-06 10:13 - 10411146 _____ C:\Users\Leocir\Downloads\olive-branch-vector-49972.zip
2017-04-06 10:10 - 2017-04-06 10:10 - 00004004 _____ C:\Users\Leocir\Downloads\olive_wreath.zip
2017-04-06 09:56 - 2017-04-06 09:56 - 01870813 _____ C:\Users\Leocir\Downloads\Champion-emblems-set.zip
2017-04-06 09:51 - 2017-04-06 09:52 - 54637992 _____ C:\Users\Leocir\Downloads\Pack-vintage-round-frames.zip
2017-04-06 09:47 - 2017-04-06 09:47 - 28092662 _____ C:\Users\Leocir\Downloads\Realistic-wood-texture-background.zip
2017-04-06 08:56 - 2017-04-06 08:56 - 00163870 _____ C:\Users\Leocir\Desktop\60x60.dxf
2017-04-05 10:00 - 2017-04-05 14:37 - 00297851 _____ C:\Users\Leocir\Desktop\sokaza.dxf
2017-04-05 09:22 - 2017-04-05 09:22 - 00423145 _____ C:\Users\Leocir\Desktop\Numero.dxf
2017-04-05 08:58 - 2017-04-05 08:58 - 00469795 _____ C:\Users\Leocir\Desktop\buffon.dxf
2017-04-05 08:09 - 2017-04-05 08:10 - 00218710 _____ C:\Users\Leocir\Desktop\Assembléia.dxf
2017-04-04 17:11 - 2017-04-04 17:11 - 00539029 _____ C:\Users\Leocir\Desktop\sokaza.cdr
2017-04-04 17:11 - 2017-04-04 17:11 - 00537812 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_sokaza.cdr
2017-04-04 16:22 - 2017-04-05 15:47 - 02655673 _____ C:\Users\Leocir\Desktop\buffon engenharia arquitetura.dxf
2017-04-04 15:12 - 2017-04-03 16:04 - 00513431 _____ C:\Users\Leocir\Desktop\lado esquerdo.cdr
2017-04-04 15:12 - 2017-04-03 16:02 - 00518142 _____ C:\Users\Leocir\Desktop\Frente.cdr
2017-04-04 15:12 - 2017-04-03 16:00 - 00524410 _____ C:\Users\Leocir\Desktop\Lado direito.cdr
2017-04-04 07:47 - 2017-04-04 07:47 - 00399944 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-04-03 16:20 - 2017-04-03 16:20 - 00025690 _____ C:\Users\Leocir\Desktop\lOGO-BANNER.ai
2017-04-03 13:40 - 2017-04-03 13:41 - 00220288 _____ C:\Users\Leocir\Desktop\sentido da moda 10mm.dxf
2017-04-03 11:44 - 2017-04-03 11:44 - 00165226 _____ C:\Users\Leocir\Desktop\o.dxf
2017-04-03 11:06 - 2017-04-03 11:06 - 00164074 _____ C:\Users\Leocir\Desktop\linha.dxf
2017-04-03 10:12 - 2017-04-03 10:13 - 00163888 _____ C:\Users\Leocir\Desktop\ar condicionado.dxf
2017-04-03 09:39 - 2017-04-03 10:02 - 00168078 _____ C:\Users\Leocir\Desktop\2mm patricia.dxf
2017-04-03 09:14 - 2017-04-03 09:14 - 00169168 _____ C:\Users\Leocir\Desktop\ae.dxf
2017-03-30 14:27 - 2017-03-30 14:27 - 27271749 _____ C:\Users\Leocir\Desktop\patricia 250x250 front.cdr
2017-03-30 11:22 - 2017-03-30 11:22 - 00211115 _____ C:\Users\Leocir\Downloads\correia-160-xl.htm
2017-03-29 17:32 - 2017-03-31 14:04 - 00900826 _____ C:\Users\Leocir\Desktop\corte.cdr
2017-03-29 17:32 - 2017-03-30 17:59 - 00898884 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_corte.cdr
2017-03-28 16:20 - 2017-03-28 17:49 - 00891469 _____ C:\Users\Leocir\Desktop\cortes.cdr
2017-03-28 16:20 - 2017-03-28 16:35 - 00891709 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_cortes.cdr
2017-03-28 11:53 - 2017-03-28 11:55 - 1128139315 _____ C:\Users\Leocir\Desktop\geladeira.psd
2017-03-27 16:31 - 2017-03-27 16:31 - 00583689 _____ C:\Users\Leocir\Desktop\frango-a-passarinho.jpeg
2017-03-27 12:24 - 2017-04-03 15:34 - 21669971 _____ C:\Users\Leocir\Desktop\FRANCISCO.cdr
2017-03-27 12:24 - 2017-04-03 15:30 - 21669172 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_FRANCISCO.cdr
2017-03-23 17:51 - 2017-03-23 17:54 - 02510649 _____ C:\Users\Leocir\Desktop\JIU.cdr
2017-03-23 17:51 - 2017-03-23 17:51 - 02453010 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_JIU.cdr
2017-03-23 17:34 - 2017-03-23 17:34 - 00690457 _____ C:\Users\Leocir\Downloads\dirtee_box.zip
2017-03-23 17:34 - 2017-03-23 17:34 - 00251576 _____ C:\Users\Leocir\Downloads\broken_detroit.zip
2017-03-23 17:33 - 2017-03-23 17:33 - 00064857 _____ C:\Users\Leocir\Downloads\bad_grunge.zip
2017-03-23 17:31 - 2017-03-23 17:31 - 00198034 _____ C:\Users\Leocir\Downloads\28_days_later.zip
2017-03-23 15:45 - 2017-03-23 15:46 - 05124096 _____ C:\Users\Leocir\Downloads\eu, wolverine - 01 de 04.cbr
2017-03-23 08:14 - 2017-03-23 08:14 - 07149463 _____ C:\Users\Leocir\Downloads\arte_para_impressao_de_cartoes.zip
2017-03-22 14:55 - 2017-03-22 14:55 - 00070458 _____ C:\Users\Leocir\Desktop\stock-vector-modern-pet-logo-red-paw-pet-clinic-symbol-445130953.ai
2017-03-22 12:04 - 2017-03-29 16:55 - 79485158 _____ C:\Users\Leocir\Desktop\BIG LANCHES.cdr
2017-03-22 12:04 - 2017-03-27 17:19 - 75279634 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_BIG LANCHES.cdr
2017-03-22 09:25 - 2017-03-22 09:25 - 46061765 _____ C:\Users\Leocir\Downloads\Pacote de 120 cartoes.zip
2017-03-22 08:42 - 2017-03-22 08:43 - 02491485 _____ C:\Users\Leocir\Desktop\51.cdr
2017-03-22 08:42 - 2017-03-22 08:42 - 02482728 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_51.cdr
2017-03-22 08:11 - 2017-03-22 08:11 - 00165350 _____ C:\Users\Leocir\Downloads\litro51.cdr
2017-03-17 10:31 - 2017-03-17 10:31 - 00184627 _____ C:\Users\Leocir\Desktop\danhara 20mm.dxf
2017-03-16 16:48 - 2017-03-16 16:48 - 00110942 _____ C:\Users\Leocir\Desktop\logos-22-0.ai
2017-03-16 11:51 - 2017-03-16 11:52 - 10532838 _____ C:\Users\Leocir\Desktop\bosta.skb
2017-03-16 11:46 - 2017-03-16 12:06 - 10278838 _____ C:\Users\Leocir\Desktop\bosta.skp
2017-03-16 11:13 - 2017-03-17 13:42 - 01523512 _____ C:\Users\Leocir\Desktop\danhara.dxf
2017-03-16 10:04 - 2017-03-16 10:04 - 01167869 _____ C:\Users\Leocir\Desktop\f0e371af-6bc2-4775-aca8-2a64315ab482.ai
2017-03-15 17:38 - 2017-03-15 17:38 - 04850871 _____ C:\Users\Leocir\Desktop\ISABELI CPF.cdr
2017-03-15 17:29 - 2017-03-23 14:36 - 04542305 _____ C:\Users\Leocir\Desktop\cpf ok.cdr
2017-03-15 17:29 - 2017-03-15 17:29 - 04588459 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_cpf ok.cdr
2017-03-15 17:23 - 2017-03-23 14:37 - 00982950 _____ C:\Users\Leocir\Desktop\SUS.cdr
2017-03-15 17:23 - 2017-03-15 17:23 - 00297710 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_SUS.cdr
2017-03-15 16:26 - 2017-03-17 10:12 - 69962614 _____ C:\Users\Leocir\Desktop\coroados.cdr
2017-03-15 16:26 - 2017-03-16 09:19 - 69963640 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_coroados.cdr
2017-03-15 16:20 - 2017-03-17 14:48 - 02915319 _____ C:\Users\Leocir\Desktop\danhara.cdr
2017-03-15 16:20 - 2017-03-16 18:01 - 04578892 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_danhara.cdr
2017-03-15 08:53 - 2017-03-17 11:33 - 36736277 _____ C:\Users\Leocir\Desktop\metalurgica werich 410x210.cdr
2017-03-15 08:53 - 2017-03-15 08:53 - 36522013 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_metalurgica werich 410x210.cdr
2017-03-14 17:11 - 2017-03-14 17:11 - 11366720 _____ C:\Users\Leocir\Desktop\apf reformas em geral.cdr
2017-03-14 16:11 - 2017-03-23 11:18 - 162907086 _____ C:\Users\Leocir\Desktop\fotos.cdr
2017-03-14 16:11 - 2017-03-15 17:19 - 128299484 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_fotos.cdr
2017-03-14 11:16 - 2017-03-14 11:32 - 04773625 _____ C:\Users\Leocir\Desktop\março 2017.cdr
2017-03-14 11:16 - 2017-03-14 11:30 - 09558664 _____ C:\Users\Leocir\Desktop\Cópia_de_segurança_de_março 2017.cdr
2017-03-14 09:45 - 2017-03-14 17:00 - 49073260 _____ C:\Users\Leocir\Desktop\ladrilho cozinha.cdr
2017-03-13 18:00 - 2017-03-13 18:00 - 00077619 _____ C:\Users\Leocir\Desktop\Jesuis.cdr
2017-03-13 12:04 - 2017-03-13 12:04 - 00066872 _____ C:\Users\Leocir\Downloads\karate-1664258.svg
2017-03-13 08:00 - 2017-03-13 08:00 - 00170034 _____ C:\Users\Leocir\Desktop\acrilico preto.dxf

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-04-10 10:24 - 2014-09-30 07:36 - 00000000 ____D C:\Users\Leocir\AppData\Roaming\uTorrent
2017-04-10 09:47 - 2010-11-21 06:37 - 03758256 _____ C:\Windows\system32\prfh0416.dat
2017-04-10 09:47 - 2010-11-21 06:37 - 03061716 _____ C:\Windows\system32\prfc0416.dat
2017-04-10 09:47 - 2009-07-14 02:13 - 00006418 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-10 09:42 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-04-10 08:09 - 2017-02-13 06:46 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-04-10 08:06 - 2009-07-14 01:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-04-10 08:06 - 2009-07-14 01:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-04-10 08:01 - 2016-11-18 12:26 - 00000000 ____D C:\Users\Leocir\AppData\LocalLow\Mozilla
2017-04-10 08:00 - 2014-11-24 14:01 - 00000000 ___RD C:\Users\Leocir\Google Drive
2017-04-10 07:59 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-07 17:49 - 2016-12-05 10:04 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-04-07 12:24 - 2014-09-30 09:25 - 00000132 _____ C:\Users\Leocir\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2017-04-06 08:05 - 2014-12-22 16:30 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-04 15:55 - 2016-02-13 07:56 - 00000000 ____D C:\Program Files (x86)\Delcam
2017-04-04 15:54 - 2016-02-13 07:56 - 00000000 ____D C:\Users\Leocir\AppData\Roaming\PS-Exchange
2017-04-04 15:51 - 2015-07-14 09:37 - 00000000 ____D C:\Users\Leocir\AppData\LocalLow\Jet Propulsion Laboratory
2017-04-04 15:51 - 2015-07-14 09:35 - 00000000 ____D C:\Users\Leocir\AppData\Roaming\JPL-NASA-Caltech
2017-04-04 09:32 - 2016-06-09 09:02 - 00000000 ____D C:\Users\Todos os Usuários\Legendas
2017-04-04 09:32 - 2016-06-09 09:02 - 00000000 ____D C:\ProgramData\Legendas
2017-04-04 07:57 - 2016-08-24 07:49 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1466073223
2017-04-04 07:56 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-04-04 07:53 - 2009-07-14 01:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-04-04 07:47 - 2017-02-13 06:46 - 00334088 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-04-04 07:47 - 2017-02-13 06:46 - 00307736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-04-04 07:47 - 2017-02-13 06:46 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-04-04 07:47 - 2017-02-13 06:46 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-04-04 07:47 - 2016-06-15 07:59 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 01005048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 00556784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 00164064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 00127112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-04-04 07:47 - 2015-07-21 08:22 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-04-03 17:50 - 2016-08-04 08:45 - 00000000 ____D C:\Users\Leocir\Desktop\Nova pasta
2017-03-30 07:46 - 2016-01-04 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-29 11:24 - 2016-11-18 08:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-27 13:46 - 2014-11-24 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-03-24 07:51 - 2014-09-29 13:48 - 03446432 _____ C:\Users\Leocir\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-24 07:51 - 2009-07-14 01:45 - 18084032 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-23 14:49 - 2014-11-11 15:09 - 00000000 ____D C:\Users\Leocir\AppData\Local\ElevatedDiagnostics
2017-03-21 09:17 - 2015-04-24 09:21 - 01672046 _____ C:\Windows\FontData.fdb
2017-03-20 08:19 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-20 07:47 - 2015-07-21 08:22 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.149000686835504
2017-03-20 07:47 - 2015-07-21 08:22 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.149000686879206
2017-03-14 09:42 - 2014-12-19 13:30 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-14 09:42 - 2014-12-19 13:30 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-14 09:42 - 2014-12-19 13:30 - 00004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-03-14 09:42 - 2014-09-29 15:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-14 09:42 - 2014-09-29 15:36 - 00000000 ____D C:\Windows\system32\Macromed

==================== Arquivos na raiz de alguns diretórios =======

2016-02-13 08:00 - 2008-06-18 04:36 - 0006148 _____ () C:\Program Files (x86)\.DS_Store
2014-11-11 14:55 - 2016-02-16 07:03 - 4778946 _____ () C:\Program Files (x86)\Uninstal.exe
2015-04-14 13:28 - 2015-04-14 13:28 - 0004387 _____ () C:\Users\Leocir\AppData\Roaming\7eknsVU2EeKLI
2015-04-19 09:20 - 2015-10-14 11:07 - 0000626 _____ () C:\Users\Leocir\AppData\Roaming\DrUVcBNcLKZlQy9V
2015-04-19 09:20 - 2015-10-14 11:07 - 0000626 _____ () C:\Users\Leocir\AppData\Roaming\F5kTQLBvyWeh
2015-04-14 13:28 - 2015-04-14 13:28 - 0004387 _____ () C:\Users\Leocir\AppData\Roaming\inMR9qTWkaB5MbsKyCa2
2015-08-11 11:52 - 2015-11-12 16:22 - 0000132 _____ () C:\Users\Leocir\AppData\Roaming\Preferências do Formato GIF do Adobe CS6
2014-09-30 09:25 - 2017-04-07 12:24 - 0000132 _____ () C:\Users\Leocir\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-04-19 09:20 - 2015-10-14 11:07 - 0000626 _____ () C:\Users\Leocir\AppData\Roaming\pusYaamvpQig5ZH7OmVE4
2015-04-14 13:28 - 2015-04-14 13:28 - 0004387 _____ () C:\Users\Leocir\AppData\Roaming\QysZGxwMBA6YMXcKUdMgXRp2
2015-04-14 13:28 - 2015-04-14 13:28 - 0004387 _____ () C:\Users\Leocir\AppData\Roaming\SPVJ4lsQgXPh7V
2015-04-19 09:20 - 2015-04-19 09:20 - 0005872 _____ () C:\Users\Leocir\AppData\Roaming\TYffoyMB
2015-11-12 16:13 - 2015-11-12 16:37 - 0001456 _____ () C:\Users\Leocir\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2015-08-07 16:48 - 2016-11-14 06:50 - 0007601 _____ () C:\Users\Leocir\AppData\Local\Resmon.ResmonCfg
2015-06-11 16:51 - 2015-06-11 16:51 - 0000000 _____ () C:\Users\Leocir\AppData\Local\Temp.dat
2015-04-22 07:47 - 2015-04-22 07:47 - 0000131 _____ () C:\Users\Leocir\AppData\Local\Temphistor3534reg
2015-04-20 07:48 - 2015-04-20 07:48 - 0000131 _____ () C:\Users\Leocir\AppData\Local\Temphistor3549reg
2015-04-20 07:48 - 2015-04-20 07:48 - 0000004 _____ () C:\ProgramData\16
2015-03-31 07:47 - 2015-03-31 07:47 - 0000020 _____ () C:\ProgramData\bc.ini

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-04-03 08:20

==================== Fim de FRST.txt ============================
