cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:26-11-2015
Executado por Luizinho (administrador) em LUIZINHO-PC (27-11-2015 13:02:17)
Executando a partir de C:\Users\Luizinho\Downloads
Perfis Carregados: Luizinho (Perfis Disponíveis: Luizinho)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files (x86)\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apache Software Foundation) C:\Program Files (x86)\Xampp\apache\bin\httpd.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
() C:\Program Files\Mouse\Amoumain.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
() C:\Program Files (x86)\Xampp\mysql\bin\mysqld.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(AVAST Software) C:\Program Files (x86)\Avast\avastui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Philips Display\SmartControl II\dthtml.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Portrait Displays\Pivot Software\Floater.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Portrait Displays Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Apache Software Foundation) C:\Program Files (x86)\Xampp\apache\bin\httpd.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Avast Software) C:\Program Files (x86)\Avast\ng\vbox\AvastVBoxSVC.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [WheelMouse] => C:\Program Files\Mouse\Amoumain.exe [196608 1999-12-31] ()
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5299320 1999-12-31] (VIA)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files (x86)\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] ()
HKLM-x32\...\Run: [DT PHL] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [86016 2009-10-08] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-705712820-3890963375-3929579329-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-705712820-3890963375-3929579329-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-705712820-3890963375-3929579329-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\Avast\ashShA64.dll [2015-08-22] (AVAST Software)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 189.7.144.37 189.7.144.15 189.7.144.16
Tcpip\..\Interfaces\{6855F084-7737-45D1-B078-30D612B62AD6}: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{6855F084-7737-45D1-B078-30D612B62AD6}: [DhcpNameServer] 189.7.144.37 189.7.144.15 189.7.144.16

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-705712820-3890963375-3929579329-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-705712820-3890963375-3929579329-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-705712820-3890963375-3929579329-1000 -> {41B64CB3-3AC7-4AAC-94E0-3CE8DBB7BE6A} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files (x86)\Avast\aswWebRepIE64.dll [2015-08-22] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files (x86)\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files (x86)\Avast\WebRep\FF [2015-08-22] [não assinado]
FF HKU\S-1-5-21-705712820-3890963375-3929579329-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => não encontrado

Chrome:
=======
CHR Profile: C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-22]
CHR Extension: (Google Docs) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-22]
CHR Extension: (Google Drive) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Tampermonkey) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-11-21]
CHR Extension: (Planilhas do Google) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-22]
CHR Extension: (Documentos Google off-line) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-22]
CHR Extension: (Gmail) - C:\Users\Luizinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-22]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files (x86)\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files (x86)\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-22]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Arquivo não assinado]
R2 Apache2.4; C:\program files (x86)\xampp\apache\bin\httpd.exe [22528 2015-07-12] (Apache Software Foundation) [Arquivo não assinado]
R2 avast! Antivirus; C:\Program Files (x86)\Avast\AvastSvc.exe [146600 2015-08-22] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files (x86)\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-22] (Avast Software)
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [69632 2009-10-08] () [Arquivo não assinado]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 mysql; C:\program files (x86)\xampp\mysql\bin\mysqld.exe [11053568 2015-07-14] () [Arquivo não assinado]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 1999-12-31] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 1999-12-31] (Advanced Micro Devices Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-22] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-22] (AVAST Software)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2015-09-11] (Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2015-09-11] (Dev47Apps)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-22] (AVAST Software)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2009-07-15] (Portrait Displays, Inc.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-11-27] (SlimWare Utilities, Inc.)
R2 VBoxAswDrv; C:\Program Files (x86)\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-22] (Avast Software)
S3 VGPU; não ImagePath
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 1999-12-31] (Creative Technology Ltd.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
S3 xspirit; \??\C:\Windows\xspirit.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criado arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-11-27 13:02 - 2015-11-27 13:03 - 00014802 _____ C:\Users\Luizinho\Downloads\FRST.txt
2015-11-27 13:02 - 2015-11-27 13:02 - 00000000 ____D C:\FRST
2015-11-27 13:01 - 2015-11-27 13:02 - 02348544 _____ (Farbar) C:\Users\Luizinho\Downloads\FRST64.exe
2015-11-27 04:35 - 2015-11-27 04:35 - 00642632 _____ (EFD Software ) C:\Users\Luizinho\Downloads\hdtune_255.exe
2015-11-27 04:29 - 2015-11-27 04:29 - 00981592 _____ (SlimWare Utilities, Inc.) C:\Users\Luizinho\Downloads\SlimDrivers-setup.exe
2015-11-26 22:59 - 2015-11-26 22:59 - 00019446 _____ C:\Users\Luizinho\Downloads\Luiz00.txt
2015-11-26 17:19 - 2015-11-26 17:19 - 00000000 ____D C:\Users\Luizinho\Documents\My Cheat Tables
2015-11-19 20:42 - 2015-11-24 22:10 - 00000000 ____D C:\Users\Luizinho\AppData\LocalLow\uTorrent
2015-11-19 18:16 - 2015-11-19 18:16 - 00000000 ____D C:\Users\Luizinho\Downloads\uTorrentPortable
2015-11-16 08:55 - 2015-11-16 08:55 - 00000000 ____D C:\Users\Luizinho\Desktop\Pancadao
2015-11-15 13:21 - 2015-11-15 13:21 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\AVAST Software
2015-11-15 13:21 - 2015-11-15 13:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\AVAST Software
2015-11-15 13:21 - 2015-11-15 13:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\AVAST Software
2015-11-13 21:40 - 2015-11-13 21:40 - 00000000 ____D C:\Users\Luizinho\Documents\PointBlank
2015-11-05 17:19 - 2015-11-05 17:19 - 00000000 ____D C:\Users\Luizinho\AppData\Local\SanDiskSecureAccessV2_win
2015-11-05 17:16 - 2015-11-05 17:16 - 00000000 ____D C:\Users\Luizinho\AppData\Roaming\EncryptStick
2015-10-28 17:36 - 2015-10-26 11:15 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-10-28 17:29 - 2015-10-28 17:49 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator

==================== Um Mês Modificado arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-11-27 13:02 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2015-11-27 12:51 - 2015-09-27 15:00 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-27 12:44 - 2015-08-22 00:01 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-27 09:44 - 2015-08-22 00:01 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-27 07:30 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-27 07:30 - 2009-07-14 02:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-27 07:29 - 2015-09-27 15:03 - 00000000 ____D C:\Users\Luizinho\AppData\Local\Steam
2015-11-27 07:27 - 2010-11-21 07:37 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2015-11-27 07:27 - 2010-11-21 07:37 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2015-11-27 07:27 - 2009-07-14 03:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-27 07:27 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2015-11-27 07:22 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-27 04:44 - 2015-08-22 02:35 - 00000000 ____D C:\Windows\Minidump
2015-11-27 04:31 - 2015-09-08 22:31 - 00000000 ____D C:\Program Files (x86)\wamp
2015-11-27 04:30 - 2015-08-22 00:07 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-11-27 03:54 - 2015-08-22 00:16 - 00000000 ____D C:\Users\Luizinho\AppData\Roaming\TS3Client
2015-11-26 23:04 - 2015-08-22 00:11 - 00000000 ____D C:\Users\Luizinho\AppData\Roaming\Skype
2015-11-25 19:38 - 2015-09-07 22:26 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-25 19:06 - 2015-08-22 01:35 - 00000000 ____D C:\Users\Luizinho\AppData\Roaming\uTorrent
2015-11-25 02:23 - 2015-10-10 00:17 - 00000000 ____D C:\Users\Luizinho\AppData\Roaming\DMCache
2015-11-24 12:18 - 2015-08-22 01:56 - 00002120 _____ C:\Users\Public\Desktop\MTA San Andreas 1.5.lnk
2015-11-24 12:18 - 2015-08-22 01:56 - 00000000 ____D C:\Users\Todos os Usuários\MTA San Andreas All
2015-11-24 12:18 - 2015-08-22 01:56 - 00000000 ____D C:\ProgramData\MTA San Andreas All
2015-11-24 12:18 - 2015-08-22 01:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.5
2015-11-23 22:43 - 2015-08-22 01:40 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2015-11-23 22:43 - 2015-08-22 01:40 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 22:41 - 2015-08-26 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-11-23 22:41 - 2015-08-22 01:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-23 22:41 - 2015-08-22 01:40 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-23 22:39 - 2015-08-26 12:56 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-23 22:39 - 2015-08-22 01:41 - 00000000 ____D C:\Users\Luizinho\.oracle_jre_usage
2015-11-23 22:38 - 2015-08-26 12:53 - 00000000 ____D C:\Program Files\Java
2015-11-23 03:56 - 2015-08-26 12:56 - 00000000 ____D C:\Program Files (x86)\NetBeans 8.0.2
2015-11-22 17:55 - 2015-08-22 07:38 - 00004164 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-22 17:55 - 2015-08-22 07:35 - 00000000 ____D C:\Program Files (x86)\Avast
2015-11-19 22:56 - 2015-08-28 00:23 - 00000132 _____ C:\Users\Luizinho\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-11-19 20:15 - 2015-10-10 01:02 - 00000000 ____D C:\Users\Luizinho\AppData\Local\PointBlank
2015-11-16 08:59 - 2015-10-25 17:42 - 00000000 ____D C:\Users\Luizinho\Desktop\Minecraft
2015-11-14 03:31 - 2015-08-21 23:47 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-11-13 20:15 - 2015-10-10 00:35 - 00000000 ____D C:\Program Files (x86)\Pointblank
2015-11-11 03:48 - 2015-08-22 00:02 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-06 19:38 - 2015-08-22 07:38 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-06 19:38 - 2015-08-22 07:38 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-10-31 21:37 - 2015-09-07 22:30 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-30 13:49 - 2015-03-15 20:00 - 00000000 ____D C:\Users\Luizinho\Desktop\Luizinho
2015-10-28 17:43 - 2015-08-26 12:56 - 00326752 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

==================== Arquivos na raiz de alguns diretórios =======

2015-08-28 00:23 - 2015-11-19 22:56 - 0000132 _____ () C:\Users\Luizinho\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-09-11 05:26 - 2015-09-13 20:31 - 0000033 _____ () C:\ProgramData\droidcam-settings

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2015-11-27 07:52

==================== Fim de FRST.txt ============================
