cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-06-2017
Executado por LARA (administrador) em LARA-PC (03-06-2017 21:26:50)
Executando a partir de C:\Users\LARA\Desktop
Perfis Carregados: LARA (Perfis Disponíveis: LARA)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
() C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-31] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2641812930-4032325216-1168265853-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [15346664 2017-05-09] (Plex, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-31] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-31] (AVAST Software)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-2641812930-4032325216-1168265853-1000] => xn--no-sia:80
Tcpip\Parameters: [DhcpNameServer] 201.17.128.239 201.17.128.247
Tcpip\..\Interfaces\{8B4C8878-02EC-4C7A-9A3A-3C0A71E39FDD}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{9AB5692C-821E-4E6F-96CC-E3EF874662D8}: [DhcpNameServer] 201.17.128.239 201.17.128.247

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=8d693f0e456d0562ba4b9f93af854d54
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=8d693f0e456d0562ba4b9f93af854d54
HKU\S-1-5-21-2641812930-4032325216-1168265853-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=8d693f0e456d0562ba4b9f93af854d54
HKU\S-1-5-21-2641812930-4032325216-1168265853-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2641812930-4032325216-1168265853-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-05-31] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-05-31] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2641812930-4032325216-1168265853-1000 -> Sem Nome - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Nenhum Arquivo

FireFox:
========
FF DefaultProfile: o96f7dom.default
FF ProfilePath: C:\Users\LARA\AppData\Roaming\Mozilla\Firefox\Profiles\o96f7dom.default [2017-06-03]
FF Extension: (Avast SafePrice) - C:\Users\LARA\AppData\Roaming\Mozilla\Firefox\Profiles\o96f7dom.default\Extensions\sp@avast.com.xpi [2017-05-31]
FF Extension: (Avast Online Security) - C:\Users\LARA\AppData\Roaming\Mozilla\Firefox\Profiles\o96f7dom.default\Extensions\wrc@avast.com.xpi [2017-05-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-31] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-31] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-31] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=8d693f0e456d0562ba4b9f93af854d54
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR NewTab: Default -> Not-active:"chrome-extension://mabloidgodmbnmnhoenmhlcjkfelomgp/stubby.html", Not-active:"chrome-extension://mallpejgeafdahhflmliiahjdpgbegpk/stubby.html"
CHR Profile: C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default [2017-06-03]
CHR Extension: (Google Apresentações) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-25]
CHR Extension: (Google Docs) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-26]
CHR Extension: (Google Drive) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-26]
CHR Extension: (Rapport) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-05-07]
CHR Extension: (YouTube) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-26]
CHR Extension: (Google Search) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-26]
CHR Extension: (Avast SafePrice) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-05-31]
CHR Extension: (Planilhas do Google) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-25]
CHR Extension: (Plex) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2017-01-27]
CHR Extension: (Documentos Google off-line) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-23]
CHR Extension: (Lock for Plex) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\idckmoepkiifambodeekdjjemiailhkj [2016-12-20]
CHR Extension: (EasyDocMerge) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mabloidgodmbnmnhoenmhlcjkfelomgp [2017-05-31]
CHR Extension: (FromDocToPDF) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2017-05-31]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-31]
CHR Extension: (Evernote Web Clipper) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-05-31]
CHR Extension: (Gmail) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-26]
CHR Extension: (Chrome Media Router) - C:\Users\LARA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-01]
CHR HKU\S-1-5-21-2641812930-4032325216-1168265853-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-31] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-31] (AVAST Software)
R2 COMLegService; C:\Program Files (x86)\Legendas-3.5\srvlegendas.exe [1855488 2016-01-23] () [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-07-22] (Intel Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1986536 2017-05-09] (Plex, Inc.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-31] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-31] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-31] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-31] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-31] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-31] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-31] (AVAST Software)
R1 legendasdrv; C:\Windows\System32\drivers\legendasdrv.sys [57584 2015-12-04] (GT)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-11-25] (SlimWare Utilities, Inc.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-06-03 21:25 - 2017-06-03 21:25 - 00033713 _____ C:\Users\LARA\Desktop\1.txt
2017-06-03 21:16 - 2017-06-03 21:18 - 00033868 _____ C:\Users\LARA\Desktop\Addition.txt
2017-06-03 21:15 - 2017-06-03 21:26 - 00014595 _____ C:\Users\LARA\Desktop\FRST.txt
2017-06-03 21:15 - 2017-06-03 21:26 - 00000000 ____D C:\FRST
2017-06-03 21:12 - 2017-06-03 21:13 - 02433536 _____ (Farbar) C:\Users\LARA\Desktop\FRST64.exe
2017-06-03 20:11 - 2017-06-03 20:11 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2017-06-03 20:11 - 2017-06-03 20:11 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-06-03 01:15 - 2017-06-03 15:14 - 00000134 _____ C:\Users\LARA\Desktop\Internet Explorer Troubleshooting.url
2017-06-03 00:51 - 2017-06-03 00:51 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_NuidFltr_01005.Wdf
2017-06-03 00:45 - 2017-06-03 00:47 - 00000000 ____D C:\Windows\system32\MRT
2017-06-03 00:44 - 2017-06-03 00:44 - 132223576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-02 23:30 - 2017-06-02 23:30 - 00281424 _____ C:\Windows\Minidump\060217-29078-01.dmp
2017-06-02 21:49 - 2017-06-03 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2017-06-02 21:48 - 2017-06-02 21:48 - 00000000 ____D C:\Program Files (x86)\Plex
2017-06-02 21:46 - 2017-06-02 21:47 - 75037800 _____ (Plex, Inc.) C:\Users\LARA\Downloads\Plex-Media-Server-1.5.6.3790-4613ce077 (1).exe
2017-06-02 21:21 - 2017-06-02 21:21 - 00629006 _____ C:\Users\LARA\Downloads\Windows6.1-KB2999226-x86.msu
2017-06-02 21:20 - 2017-06-02 21:20 - 01034556 _____ C:\Users\LARA\Downloads\Windows6.1-KB2999226-x64.msu
2017-06-02 20:47 - 2017-06-02 20:48 - 75037800 _____ (Plex, Inc.) C:\Users\LARA\Downloads\Plex-Media-Server-1.5.6.3790-4613ce077.exe
2017-06-01 15:18 - 2017-06-03 20:34 - 00000000 ____D C:\Users\LARA\Downloads\american-gods-s01e01
2017-06-01 15:18 - 2017-06-01 15:18 - 00000000 ____D C:\Users\LARA\Downloads\american-gods-s01e02
2017-06-01 15:15 - 2017-06-01 15:15 - 00000000 ____D C:\Users\LARA\Downloads\the-leftovers-s03e07
2017-06-01 15:14 - 2017-06-01 15:15 - 00374267 _____ C:\Users\LARA\Downloads\american-gods-s01e02.zip
2017-06-01 15:14 - 2017-06-01 15:14 - 00134449 _____ C:\Users\LARA\Downloads\american-gods-s01e01.zip
2017-05-31 16:12 - 2017-05-31 16:12 - 00707879 _____ ( ) C:\Users\LARA\Downloads\mvregclean.exe
2017-05-31 16:12 - 2017-05-31 16:12 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\MV RegClean 7.0.lnk
2017-05-31 16:12 - 2017-05-31 16:12 - 00001308 _____ C:\Users\Public\Desktop\MV RegClean 7.0.lnk
2017-05-31 16:12 - 2017-05-31 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
2017-05-31 16:12 - 2017-05-31 16:12 - 00000000 ____D C:\Program Files (x86)\Marcos Velasco Security
2017-05-31 16:11 - 2017-05-31 16:11 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-05-31 16:11 - 2017-05-31 16:09 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-31 16:11 - 2017-05-31 16:09 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-31 16:11 - 2017-05-31 16:09 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-31 16:10 - 2017-05-31 16:10 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-31 16:10 - 2017-05-31 16:09 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-31 16:05 - 2017-05-31 16:06 - 06654968 _____ (AVAST Software) C:\Users\LARA\Downloads\avast_free_antivirus_setup_online.exe
2017-05-31 16:04 - 2017-05-31 16:04 - 00000000 ____D C:\Windows\system32\appmgmt
2017-05-31 15:45 - 2017-05-31 15:45 - 00053155 _____ C:\Users\LARA\Downloads\DownloadAdobeAcrobatReaderDC02.exe
2017-05-31 15:44 - 2017-05-31 15:44 - 00053057 _____ C:\Users\LARA\Downloads\AppAdobePlayer_310520171238.exe
2017-05-31 15:07 - 2017-06-03 20:25 - 00005984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-31 15:07 - 2017-06-03 20:25 - 00005984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-31 15:01 - 2017-06-03 20:11 - 00000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-05-31 15:00 - 2017-05-31 16:09 - 00000000 _____ C:\Windows\SysWOW64\last.dump

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-06-03 20:31 - 2010-11-21 06:37 - 00708378 _____ C:\Windows\system32\prfh0416.dat
2017-06-03 20:31 - 2010-11-21 06:37 - 00148158 _____ C:\Windows\system32\prfc0416.dat
2017-06-03 20:31 - 2009-07-14 02:13 - 01642390 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-03 20:31 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-06-03 20:27 - 2015-11-28 15:20 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-06-03 20:27 - 2015-11-28 15:20 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-03 20:19 - 2017-01-18 11:35 - 00000000 ____D C:\Users\LARA\AppData\LocalLow\Mozilla
2017-06-03 20:11 - 2015-11-25 07:52 - 00000000 __SHD C:\Users\LARA\IntelGraphicsProfiles
2017-06-03 20:10 - 2017-02-14 12:30 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-03 01:02 - 2015-11-27 07:14 - 01606096 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-06-03 00:44 - 2016-09-10 18:24 - 00000000 ____D C:\Users\Todos os Usuários\Legendas
2017-06-03 00:44 - 2016-09-10 18:24 - 00000000 ____D C:\ProgramData\Legendas
2017-06-02 23:30 - 2016-01-05 15:57 - 482533800 _____ C:\Windows\MEMORY.DMP
2017-06-02 23:30 - 2016-01-05 15:57 - 00000000 ____D C:\Windows\Minidump
2017-06-02 23:30 - 2015-11-23 11:05 - 00000000 ____D C:\Users\LARA
2017-06-02 11:50 - 2017-01-18 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-02 11:50 - 2017-01-18 11:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-01 17:33 - 2015-11-27 16:36 - 00000000 ____D C:\Users\LARA\AppData\Roaming\uTorrent
2017-06-01 16:15 - 2017-01-31 10:21 - 00000000 ____D C:\Users\LARA\Documents\LUAN
2017-06-01 16:04 - 2016-03-25 15:23 - 00000000 ____D C:\Users\LARA\Downloads\The Leftovers - Sèrie
2017-06-01 15:16 - 2017-01-06 11:32 - 00000000 ____D C:\Users\LARA\AppData\LocalLow\uTorrent
2017-06-01 15:06 - 2015-11-25 07:54 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-01 15:06 - 2015-11-25 07:54 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-31 16:47 - 2015-12-11 09:19 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-31 16:47 - 2015-12-11 09:19 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-31 16:47 - 2015-12-11 09:19 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-31 16:47 - 2015-11-27 06:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-31 16:30 - 2015-11-25 07:56 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2017-05-31 16:30 - 2015-11-25 07:56 - 00000000 ____D C:\ProgramData\Skype
2017-05-31 16:18 - 2015-11-25 07:58 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2017-05-31 16:18 - 2015-11-25 07:58 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-31 16:16 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2017-05-31 16:11 - 2015-11-25 08:02 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-31 16:10 - 2015-11-25 08:02 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-31 16:10 - 2015-11-25 08:02 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-31 16:10 - 2015-11-25 08:02 - 00158368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.149625789348802
2017-05-31 16:10 - 2015-11-25 08:02 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-31 16:10 - 2015-11-25 08:02 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-31 16:10 - 2015-11-25 08:02 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-31 16:10 - 2015-11-25 08:02 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-31 16:09 - 2016-04-14 10:21 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-31 16:09 - 2015-11-25 08:02 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-31 16:01 - 2016-04-14 10:44 - 00000000 ____D C:\Program Files\Google
2017-05-31 16:01 - 2015-11-25 07:54 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-31 15:59 - 2015-11-27 07:17 - 00000000 ____D C:\Windows\pss
2017-05-31 15:56 - 2016-04-20 14:56 - 00000000 ____D C:\Users\LARA\AppData\Local\Dropbox
2017-05-31 15:55 - 2016-01-04 14:52 - 00000000 ____D C:\Users\LARA\Downloads\Filmes
2017-05-31 15:51 - 2015-11-25 07:55 - 00000000 ____D C:\Users\LARA\AppData\Local\Google
2017-05-31 15:31 - 2016-04-23 08:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-05-31 15:31 - 2015-11-23 11:06 - 01176404 ____H C:\Users\LARA\AppData\Local\IconCache.db.backup
2017-05-31 15:13 - 2016-04-20 15:01 - 00000000 ___RD C:\Users\LARA\Dropbox

==================== Arquivos na raiz de alguns diretórios =======

2016-11-21 16:29 - 2016-11-21 16:34 - 0005120 _____ () C:\Users\LARA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-17 16:19 - 2016-08-17 16:19 - 0000000 _____ () C:\Users\LARA\AppData\Local\thompson.sey

Alguns arquivos em TEMP:
====================
2015-12-29 14:50 - 2015-12-30 10:29 - 0145920 _____ () C:\Users\LARA\AppData\Local\Temp\bitool.dll
2010-11-16 20:48 - 2010-11-16 20:48 - 0468232 ____R (Microsoft Corporation) C:\Users\LARA\AppData\Local\Temp\MSNEEE2.exe
2016-10-27 15:19 - 2016-10-27 15:19 - 50563233 _____ (Popcorn Time ) C:\Users\LARA\AppData\Local\Temp\setup_3436.exe
2015-12-25 01:32 - 2015-12-25 01:32 - 46863488 _____ (Skype Technologies S.A.) C:\Users\LARA\AppData\Local\Temp\SkypeSetup.exe
2017-05-31 16:29 - 2017-05-31 16:29 - 14456872 _____ (Microsoft Corporation) C:\Users\LARA\AppData\Local\Temp\vc_redist.x86.exe
2017-05-31 15:13 - 2017-05-31 15:13 - 0000000 _____ () C:\Users\LARA\AppData\Local\Temp\{574F3B08-5D31-4CC3-AC53-777531AE5A77}-DropboxClient_27.4.22.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2015-11-25 08:29

==================== Fim de FRST.txt ============================
