Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 17.02.2018
Executado por mathe (administrador) em DESKTOP-GIRSH35 (17-02-2018 21:27:37)
Executando a partir de C:\Users\mathe\Desktop
Perfis Carregados: mathe (Perfis Disponíveis: mathe & outro)
Platform: Windows 10 Pro 10240.16384 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BitTorrent Inc.) C:\Users\mathe\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\mathe\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BitTorrent Inc.) C:\Users\mathe\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
Falha ao acessar processo -> explorer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Remo Software) C:\Program Files (x86)\Remo File Eraser 2.0\rs-fileeraser.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimService\SlimServiceFactory.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.17020_none_1152834562020692\TiWorker.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-23] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2017-11-09] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\RunOnce: [SlimCleaner Plus] => cmd /c "start "" "C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe" /delay=5 /mode=toaster "
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENÇÃO
Winlogon\Notify\ GbPluginCef:
HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\Run: [uTorrent] => C:\Users\mathe\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2017-12-28] (BitTorrent Inc.)
HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4105328 2017-12-28] (Tonec Inc.)
HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\Run: [IDM trial reset] => D:\IDM_6.28_Build__Registered_(32bit_+_64bit_Patch)\02 Ativador IDM 2017 SIGAN TUTORIAIS E DICAS\idm_trial_reset 17.exe [1179136 2015-04-11] ()
HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [1332736 2018-01-10] (Adobe Systems Incorporated)
ShellExecuteHooks-x32: GbIehCefObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\Diebold\Warsaw\wsaxbco.dll [971312 2017-08-11] (GAS Tecnologia LTDA)
Startup: C:\Users\mathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2017-11-10]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8a53388c-ca3f-4593-9056-59ae02238ee7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{93753ff1-d8ea-4b0e-b716-9caf8f8ac3c0}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9b643aaf-646b-42fe-99a3-2dc66d65a1a7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-390941324-379733044-1376603182-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung15.msn.com/?pc=SMTE
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-12-14] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-17] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-12-14] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-19] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> Nenhum Arquivo
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-19] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-17] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-390941324-379733044-1376603182-1001 -> hxxp://www.google.com.br/

FireFox:
========
FF HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\mathe\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\mathe\AppData\Roaming\IDM\idmmzcc5 [2017-11-12] [Legacy] [não assinado]
FF HKU\S-1-5-21-390941324-379733044-1376603182-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-02-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-02-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR NewTab: Default -> Not-active:"chrome-extension://ihncdclhgglipafcfgicbgajlkdogdhg/redirect.html"
CHR Profile: C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default [2018-02-17]
CHR Extension: (Google Tradutor) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-11-09]
CHR Extension: (Apresentações) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-09]
CHR Extension: (Documentos) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-09]
CHR Extension: (Google Drive) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-11-09]
CHR Extension: (YouTube) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-09]
CHR Extension: (Adblock Plus) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-06]
CHR Extension: (Save Tabs) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjepfldodmdfmdidhhgamnklbdibndi [2017-11-10]
CHR Extension: (Avast SafePrice) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-17]
CHR Extension: (Planilhas) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-09]
CHR Extension: (Documentos Google off-line) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-11-09]
CHR Extension: (Avast Online Security) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-10]
CHR Extension: (NewtabTV) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihncdclhgglipafcfgicbgajlkdogdhg [2017-12-10]
CHR Extension: (Coca-Cola FM) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbkhcdbchpnghcidmbpgfdhglfofknac [2017-11-09]
CHR Extension: (Happy Friday!) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lagckjdgadpknikjoegcibbollkafpid [2017-11-09]
CHR Extension: (Webcam Toy) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2017-11-09]
CHR Extension: (Google Play Books) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2017-11-09]
CHR Extension: (Microcosm - New Tab) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nagnmfhgkjkplbhplkbicmpkfopmnefp [2017-11-09]
CHR Extension: (IDM Integration Module) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-01-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-11-09]
CHR Extension: (Outlook.com) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-11-09]
CHR Extension: (Gmail) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\mathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-12-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nagnmfhgkjkplbhplkbicmpkfopmnefp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-12-29]

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Arquivo não assinado]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-23] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-23] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968432 2018-01-30] (Microsoft Corporation)
R2 SlimService; C:\Program Files\SlimService\SlimServiceFactory.exe [252096 2016-10-25] (SlimWare Utilities, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2017-11-09] (Synaptics Incorporated)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1056304 2017-08-30] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [185096 2018-01-23] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321512 2018-01-23] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199448 2018-01-23] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343768 2018-01-23] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57696 2018-01-23] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [149344 2018-01-23] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-01-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146664 2018-01-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110336 2018-01-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84384 2018-01-23] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1025176 2018-01-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [457400 2018-01-23] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [204456 2018-01-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [358672 2018-01-23] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2017-11-09] (Advanced Micro Devices)
S1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [28192 2018-01-31] (EldoS Corporation)
R3 NETJME; C:\WINDOWS\System32\drivers\NETJME.sys [137728 2015-07-10] (JMicron Technology Corp.)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888 2015-07-10] (Realtek Semiconductor Corporation )
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [16056 2018-02-17] (SlimWare Utilities, Inc.)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [28376 2018-02-17] (GAS Tecnologia)
R1 wsddntf; C:\WINDOWS\system32\DRIVERS\wsddntf.sys [47176 2016-06-21] (GAS Tecnologia)
S1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [25184 2016-06-08] (GAS Tecnologia)
S3 wsddprm; C:\WINDOWS\system32\drivers\wsddprm.sys [25184 2016-11-07] (GAS Tecnologia)
S3 BstkDrv; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-02-17 21:27 - 2018-02-17 21:29 - 000020274 _____ C:\Users\mathe\Desktop\FRST.txt
2018-02-17 21:27 - 2018-02-17 21:27 - 000000000 ____D C:\FRST
2018-02-17 21:25 - 2018-02-17 21:22 - 002403840 ____N (Farbar) C:\Users\mathe\Desktop\FRST64.exe
2018-02-17 21:10 - 2018-02-17 21:10 - 000002922 _____ C:\WINDOWS\System32\Tasks\SlimDrivers Startup
2018-02-17 21:10 - 2018-02-17 21:10 - 000002481 _____ C:\Users\Public\Desktop\SlimCleaner Plus.lnk
2018-02-17 21:10 - 2018-02-17 21:10 - 000000442 _____ C:\WINDOWS\Tasks\SlimDrivers Startup.job
2018-02-17 21:10 - 2018-02-17 21:10 - 000000000 ____D C:\Users\Todos os Usuários\SlimWare Utilities Inc
2018-02-17 21:10 - 2018-02-17 21:10 - 000000000 ____D C:\ProgramData\SlimWare Utilities Inc
2018-02-17 21:10 - 2018-02-17 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2018-02-17 21:09 - 2018-02-17 21:10 - 000000000 ____D C:\Program Files\SlimService
2018-02-17 21:09 - 2018-02-17 21:10 - 000000000 ____D C:\Program Files\SlimCleaner Plus
2018-02-17 21:09 - 2018-02-17 21:09 - 000000000 ____D C:\Users\mathe\AppData\Local\Downloaded Installers
2018-02-17 21:08 - 2018-02-17 21:08 - 000016056 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2018-02-17 21:08 - 2018-02-17 21:08 - 000000000 ____D C:\Users\mathe\AppData\Local\SlimWare Utilities Inc
2018-02-17 21:07 - 2018-02-17 21:07 - 000002499 _____ C:\Users\Public\Desktop\SlimDrivers.lnk
2018-02-17 21:07 - 2018-02-17 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
2018-02-17 21:07 - 2018-02-17 21:07 - 000000000 ____D C:\Program Files (x86)\SlimDrivers
2018-02-17 20:52 - 2018-02-17 20:52 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-GIRSH35_mathe_HistoryPrediction.bin
2018-02-17 19:32 - 2018-02-17 19:42 - 000000000 ____D C:\Program Files\CCleaner
2018-02-17 19:32 - 2018-02-17 19:32 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-17 19:32 - 2018-02-17 19:32 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-17 19:32 - 2018-02-17 19:32 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-02-17 19:32 - 2018-02-17 19:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-17 19:07 - 2018-01-31 15:53 - 000028192 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2018-02-17 19:04 - 2018-02-17 20:45 - 000000000 ____D C:\Users\mathe\AppData\Roaming\Remo File Eraser
2018-02-17 19:04 - 2018-02-17 19:10 - 000000000 ____D C:\Users\mathe\AppData\Roaming\Remo
2018-02-17 19:03 - 2018-02-17 20:42 - 000000000 ____D C:\Program Files (x86)\Remo File Eraser 2.0
2018-02-17 19:03 - 2018-02-17 19:03 - 000001187 _____ C:\Users\Public\Desktop\Remo File Eraser.lnk
2018-02-17 19:03 - 2018-02-17 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo File Eraser 2.0
2018-02-17 18:29 - 2018-02-17 18:29 - 000000000 ___HD C:\OneDriveTemp
2018-02-06 14:44 - 2018-02-06 14:44 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-GIRSH35_outro_HistoryPrediction.bin
2018-02-06 14:32 - 2018-02-06 14:32 - 000000000 ____D C:\Users\outro\AppData\Roaming\Sun
2018-02-06 14:32 - 2018-02-06 14:32 - 000000000 ____D C:\Users\outro\AppData\LocalLow\Sun
2018-01-30 16:33 - 2018-01-30 16:33 - 000000000 _____ C:\Users\mathe\AppData\Local\{AF888BED-6DED-43F9-BD78-90959D6C318E}
2018-01-23 17:38 - 2018-01-23 17:45 - 000000000 ____D C:\Program Files (x86)\Prodap
2018-01-23 14:29 - 2018-01-23 14:29 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-01-23 14:23 - 2018-01-23 14:23 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-01-23 14:23 - 2018-01-23 14:23 - 000000000 ____D C:\Program Files\MSBuild
2018-01-23 14:23 - 2018-01-23 14:23 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-01-23 14:23 - 2018-01-23 14:23 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-01-23 14:01 - 2018-01-23 13:54 - 000149344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-01-23 14:01 - 2015-05-29 21:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-01-23 14:01 - 2015-05-29 21:07 - 000102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-01-23 14:01 - 2015-05-29 21:07 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-01-23 14:00 - 2015-06-17 18:10 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-01-23 14:00 - 2015-06-17 18:10 - 000124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-01-23 14:00 - 2015-06-17 18:10 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-01-23 13:59 - 2018-01-23 13:57 - 000365680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-01-12 20:01 - 2018-01-12 20:01 - 000000000 ____D C:\Users\outro\AppData\Local\PeerDistRepub
2018-01-10 11:06 - 2018-01-10 11:06 - 000001890 _____ C:\WINDOWS\diagwrn.xml
2018-01-10 11:06 - 2018-01-10 11:06 - 000001890 _____ C:\WINDOWS\diagerr.xml
2018-01-10 10:56 - 2018-01-10 10:56 - 004448768 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2018-01-08 20:41 - 2018-01-08 20:41 - 000471482 _____ C:\Users\outro\Downloads\ANEXO_IV_PROGRAMA_DAS_PROVAS_SANEAGO_2017_retificado_n1.pdf
2018-01-08 19:35 - 2018-01-08 19:35 - 000012305 _____ C:\Users\outro\Downloads\resultado_isencao (Bianca).pdf
2018-01-08 18:50 - 2018-01-08 18:50 - 000012305 _____ C:\Users\outro\Downloads\resultado_isencao (rildo).pdf
2018-01-08 18:13 - 2018-01-08 18:13 - 000012313 _____ C:\Users\outro\Downloads\resultado_isencao.pdf
2018-01-03 11:54 - 2018-02-17 19:54 - 000028376 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2018-01-03 11:54 - 2018-01-03 11:54 - 000003038 _____ C:\WINDOWS\System32\Tasks\Rerun Warsaw's CoreFixer
2018-01-03 11:54 - 2018-01-03 11:54 - 000000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2018-01-03 11:54 - 2018-01-03 11:54 - 000000000 ___HD C:\Program Files (x86)\Diebold
2018-01-03 11:54 - 2016-11-07 14:54 - 000025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddprm.sys
2018-01-03 11:54 - 2016-06-21 16:24 - 000047176 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddntf.sys
2018-01-03 11:54 - 2016-06-21 16:24 - 000010345 _____ C:\WINDOWS\system32\Drivers\wsddntf.cat
2018-01-03 11:54 - 2016-06-08 18:43 - 000025184 ____N (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddpp.sys
2018-01-03 11:44 - 2018-01-03 11:44 - 000000000 ____D C:\Program Files\Diebold
2017-12-31 14:58 - 2017-12-31 14:58 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-390941324-379733044-1376603182-1003
2017-12-31 10:35 - 2017-12-31 10:35 - 000002136 _____ C:\Users\mathe\Desktop\Counter Strike 1.6 No Steam.lnk
2017-12-31 10:35 - 2017-12-31 10:35 - 000002132 _____ C:\Users\mathe\Desktop\Dedicated Server.lnk
2017-12-29 00:32 - 2017-12-28 23:47 - 000226024 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys
2017-12-28 20:35 - 2017-12-28 20:35 - 000000000 ____D C:\Users\outro\AppData\Roaming\Macromedia
2017-12-28 18:08 - 2017-12-28 18:05 - 188803755 ____N C:\Users\outro\Desktop\Counter Strike 1.6 Maps.exe
2017-12-28 17:40 - 2017-12-31 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2017-12-28 17:33 - 2017-12-31 10:36 - 000000000 ____D C:\Program Files (x86)\Counter-Strike 1.6
2017-12-28 17:32 - 2017-12-28 17:31 - 000317022 ____N C:\Users\outro\Desktop\cs-1697-de_rats.rar
2017-12-28 17:18 - 2018-02-06 14:25 - 000000000 ____D C:\Users\outro\AppData\LocalLow\uTorrent
2017-12-28 17:18 - 2017-12-28 17:20 - 238617038 _____ (KingSOFT DVD ) C:\Users\outro\Desktop\Counter-Strike 1.6 No Steam.exe
2017-12-28 16:21 - 2018-02-17 17:57 - 000000000 ____D C:\Users\mathe\AppData\LocalLow\uTorrent
2017-12-23 20:44 - 2017-12-31 14:58 - 000000000 ___RD C:\Users\outro\OneDrive
2017-12-23 20:44 - 2017-12-31 14:57 - 000002369 _____ C:\Users\outro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-23 20:39 - 2018-02-06 14:43 - 000000000 ____D C:\Users\outro\AppData\Roaming\uTorrent
2017-12-23 20:39 - 2017-12-23 20:39 - 000000896 _____ C:\Users\outro\Desktop\µTorrent.lnk
2017-12-23 20:39 - 2017-12-23 20:39 - 000000876 _____ C:\Users\outro\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-12-22 08:33 - 2017-12-23 20:38 - 000000000 ____D C:\Users\outro\AppData\Local\Comms
2017-12-21 22:52 - 2017-12-23 20:35 - 000000000 ____D C:\Users\outro\AppData\Local\MicrosoftEdge
2017-12-21 22:45 - 2017-12-21 22:45 - 000000000 ____D C:\Users\outro\AppData\Local\NetworkTiles
2017-12-21 22:42 - 2017-12-21 22:42 - 000000000 ____D C:\Users\outro\AppData\Roaming\AVAST Software
2017-12-21 22:42 - 2017-12-21 22:42 - 000000000 ____D C:\Users\outro\AppData\Local\CEF
2017-12-21 22:30 - 2017-12-28 17:41 - 000000000 ____D C:\Users\outro\AppData\Local\AMD
2017-12-21 22:29 - 2017-12-21 22:29 - 000000000 ____D C:\Users\outro\AppData\Roaming\ATI
2017-12-21 22:29 - 2017-12-21 22:29 - 000000000 ____D C:\Users\outro\AppData\Local\ATI
2017-12-21 22:27 - 2017-12-21 22:27 - 000000000 ____D C:\Users\outro\AppData\Local\Publishers
2017-12-21 22:24 - 2018-01-12 20:32 - 000000000 ____D C:\Users\outro\AppData\Local\Google
2017-12-21 22:24 - 2017-12-28 20:03 - 000002330 _____ C:\Users\outro\Desktop\Google Chrome.lnk
2017-12-21 22:24 - 2017-12-28 18:22 - 000000000 ____D C:\Users\outro\AppData\Local\Packages
2017-12-21 22:24 - 2017-12-21 22:24 - 000000000 ____D C:\Users\outro\AppData\Roaming\Adobe
2017-12-21 22:24 - 2017-12-21 22:24 - 000000000 ____D C:\Users\outro\AppData\Local\TileDataLayer
2017-12-21 22:23 - 2017-12-28 17:43 - 000000000 ____D C:\Users\outro\AppData\Local\VirtualStore
2017-12-21 22:23 - 2017-12-21 22:23 - 000000020 ___SH C:\Users\outro\ntuser.ini
2017-12-21 22:23 - 2017-12-21 22:23 - 000000000 _SHDL C:\Users\outro\Configurações Locais
2017-12-21 22:23 - 2017-12-21 22:23 - 000000000 _SHDL C:\Users\outro\AppData\Local\Histórico
2017-12-21 22:23 - 2017-12-21 22:23 - 000000000 _SHDL C:\Users\outro\AppData\Local\Dados de Aplicativos
2017-12-21 22:22 - 2018-02-06 14:44 - 000000000 ____D C:\Users\outro
2017-12-21 22:22 - 2017-12-21 22:22 - 000000000 _SHDL C:\Users\outro\Modelos
2017-12-21 22:22 - 2017-12-21 22:22 - 000000000 _SHDL C:\Users\outro\Meus Documentos
2017-12-21 22:22 - 2017-12-21 22:22 - 000000000 _SHDL C:\Users\outro\Menu Iniciar
2017-12-21 22:22 - 2017-12-21 22:22 - 000000000 _SHDL C:\Users\outro\Dados de Aplicativos
2017-12-21 22:22 - 2017-12-21 22:22 - 000000000 _SHDL C:\Users\outro\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2017-12-21 22:22 - 2017-12-21 22:22 - 000000000 _SHDL C:\Users\outro\Ambiente de Rede
2017-12-21 22:22 - 2017-12-21 22:22 - 000000000 _SHDL C:\Users\outro\Ambiente de Impressão
2017-12-20 21:04 - 2017-12-20 21:04 - 000000000 ____D C:\Users\mathe\AppData\Roaming\java
2017-12-20 21:02 - 2017-12-20 21:17 - 000000000 ____D C:\Users\mathe\AppData\Roaming\.minecraft
2017-12-16 17:23 - 2017-12-16 17:23 - 000000000 ____D C:\Users\mathe\AppData\Roaming\Macromedia
2017-12-08 18:52 - 2017-12-18 20:56 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2017-12-08 18:51 - 2017-12-08 18:51 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2017-12-07 21:28 - 2017-12-07 21:28 - 000000000 ____D C:\Users\mathe\AppData\Local\RadeonInstaller
2017-12-03 23:44 - 2017-12-03 23:44 - 000641696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000389296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000331432 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2017-12-03 23:44 - 2017-12-03 23:44 - 000087728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000440128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2017-12-03 23:38 - 2017-12-03 23:38 - 000083792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2017-12-03 14:15 - 2017-12-03 14:15 - 000000000 ____D C:\Users\mathe\AppData\Roaming\Umeng
2017-12-03 14:14 - 2017-12-03 14:14 - 000001279 _____ C:\Users\Public\Desktop\SHAREit.lnk
2017-12-03 14:14 - 2017-12-03 14:14 - 000000000 ____D C:\Users\mathe\AppData\Local\SHAREit Technologies
2017-12-03 14:14 - 2017-12-03 14:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2017-12-03 14:14 - 2017-12-03 14:14 - 000000000 ____D C:\Program Files (x86)\SHAREit Technologies
2017-12-02 08:52 - 2017-12-02 08:52 - 000000655 _____ C:\Users\mathe\Desktop\gta_sa - Atalho.lnk
2017-12-02 08:51 - 2017-12-02 09:33 - 000000000 ____D C:\Program Files (x86)\GTA San Andreas
2017-12-01 22:02 - 2017-12-11 17:41 - 000000000 ____D C:\Users\mathe\OneDrive\Documentos\GTA San Andreas User Files
2017-12-01 21:16 - 2017-12-01 21:16 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-12-01 19:24 - 2017-12-01 19:24 - 000000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2017-12-01 19:24 - 2017-12-01 19:24 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-28 18:05 - 2017-11-28 18:05 - 000058201 _____ C:\Users\mathe\OneDrive\Documentos\Arrow.S06E08.720p.HDTV.x264-AVS_2.srt
2017-11-26 18:08 - 2017-11-26 18:08 - 000000000 _____ C:\Users\mathe\AppData\Local\{0C614E00-A8C4-4BD8-9EFE-3686A1ECEDE7}
2017-11-19 16:24 - 2017-11-19 16:24 - 000000000 ____D C:\Users\mathe\AppData\Roaming\Sun
2017-11-19 16:24 - 2017-11-19 16:24 - 000000000 ____D C:\Users\mathe\AppData\LocalLow\Sun
2017-11-19 16:23 - 2017-11-19 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-11-19 16:23 - 2017-11-19 16:22 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-11-19 16:21 - 2017-11-19 17:18 - 000000000 ____D C:\Users\Todos os Usuários\Oracle
2017-11-19 16:21 - 2017-11-19 17:18 - 000000000 ____D C:\ProgramData\Oracle
2017-11-19 16:21 - 2017-11-19 16:21 - 000000000 ____D C:\Program Files (x86)\Java

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-02-17 21:29 - 2017-11-09 18:40 - 000000000 ____D C:\Users\mathe\AppData\Roaming\uTorrent
2018-02-17 21:27 - 2015-07-10 09:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-17 21:20 - 2015-07-10 09:04 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-17 20:53 - 2015-07-10 09:04 - 000000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2018-02-17 20:53 - 2015-07-10 09:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-17 20:44 - 2017-11-10 15:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-17 20:38 - 2017-11-09 17:52 - 000000000 ____D C:\SDFGHJ.old
2018-02-17 20:20 - 2015-07-10 09:02 - 000000000 ____D C:\WINDOWS\INF
2018-02-17 20:04 - 2017-11-12 21:14 - 000000000 ____D C:\Users\mathe\AppData\Roaming\IDM
2018-02-17 19:59 - 2015-07-10 08:55 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-17 19:58 - 2017-11-09 18:02 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-17 19:57 - 2017-11-10 17:09 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-17 18:29 - 2017-11-09 17:44 - 000000000 ___RD C:\Users\mathe\OneDrive
2018-02-17 18:25 - 2017-11-09 17:52 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-390941324-379733044-1376603182-1001
2018-02-17 18:25 - 2017-11-09 17:44 - 000002414 _____ C:\Users\mathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-17 18:25 - 2017-11-09 17:31 - 001810446 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-17 18:25 - 2015-07-10 14:36 - 000782022 _____ C:\WINDOWS\system32\prfh0416.dat
2018-02-17 18:25 - 2015-07-10 14:36 - 000153010 _____ C:\WINDOWS\system32\prfc0416.dat
2018-02-17 17:54 - 2017-11-09 17:32 - 000000000 ____D C:\Users\mathe
2018-02-17 17:53 - 2015-07-10 10:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-06 16:10 - 2017-11-12 21:13 - 000000000 ____D C:\Users\mathe\AppData\Roaming\DMCache
2018-01-23 17:16 - 2017-11-09 18:50 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-01-23 14:29 - 2015-07-10 09:04 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-01-23 14:29 - 2015-07-10 09:04 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-01-23 14:28 - 2017-11-16 16:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-23 14:28 - 2017-11-16 16:26 - 000000000 ____D C:\Program Files\rempl
2018-01-23 14:12 - 2017-11-16 16:58 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-23 14:10 - 2017-11-16 16:57 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-23 13:58 - 2017-11-09 18:48 - 000457400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-01-23 13:58 - 2017-11-09 18:48 - 000358672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-01-23 13:58 - 2017-11-09 18:48 - 000204456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-01-23 13:57 - 2017-11-09 18:48 - 000185096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-01-23 13:57 - 2017-11-09 18:48 - 000146664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-01-23 13:57 - 2017-11-09 18:48 - 000110336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-01-23 13:57 - 2017-11-09 18:48 - 000084384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-01-23 13:57 - 2017-11-09 18:48 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-01-23 13:55 - 2017-11-09 18:48 - 001025176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-01-23 13:54 - 2017-11-09 18:48 - 000343768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-01-23 13:54 - 2017-11-09 18:48 - 000321512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-01-23 13:54 - 2017-11-09 18:48 - 000199448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-01-23 13:54 - 2017-11-09 18:48 - 000057696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-01-23 13:49 - 2017-11-12 21:12 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-01-23 13:38 - 2015-07-10 09:04 - 000000000 __RHD C:\Users\Public\Libraries
2018-01-23 13:03 - 2017-11-10 15:17 - 000004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{36AAE019-EBCA-40F6-9406-766C507580D1}

==================== Arquivos na raiz de alguns diretórios =======

2017-11-26 18:08 - 2017-11-26 18:08 - 000000000 _____ () C:\Users\mathe\AppData\Local\{0C614E00-A8C4-4BD8-9EFE-3686A1ECEDE7}
2018-01-30 16:33 - 2018-01-30 16:33 - 000000000 _____ () C:\Users\mathe\AppData\Local\{AF888BED-6DED-43F9-BD78-90959D6C318E}

Alguns arquivos em TEMP:
====================
2018-02-17 21:06 - 2018-02-17 21:06 - 000225472 _____ (SlimWare Utilities, Inc.) C:\Users\mathe\AppData\Local\Temp\scpE236.tmp.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-01-12 19:58

==================== Fim de FRST.txt ============================
