cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Florentino Inácio de (administrator) on VERDE (12-11-2015 18:27:44)
Running from C:\Users\Florentino Inácio de\Desktop
Loaded Profiles: Florentino Inácio de (Available Profiles: Florentino Inácio de)
Platform: Windows 8.1 Connected Single Language (Update 1) (X64) Language: Português (Brasil)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Windows\KMS-R@1n.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)
HKLM-x32\...\Run: [Panda Security URL Filtering] => "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Atheros Communications)
HKU\S-1-5-21-3096635972-2010766299-2450612999-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-09-09] (Spotify Ltd)
HKU\S-1-5-21-3096635972-2010766299-2450612999-1001\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 192.168.1.1
Tcpip\..\Interfaces\{4F6E5C2C-01BC-43E5-A3D9-A611DF251F4D}: [DhcpNameServer] 10.42.2.3 10.42.2.33 10.42.2.44
Tcpip\..\Interfaces\{C074ABB3-6D91-47F3-AC86-E227791F3FB9}: [DhcpNameServer] 8.8.8.8 8.8.4.4 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3096635972-2010766299-2450612999-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.br/
HKU\S-1-5-21-3096635972-2010766299-2450612999-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3096635972-2010766299-2450612999-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3096635972-2010766299-2450612999-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3096635972-2010766299-2450612999-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()

FireFox:
========
FF ProfilePath: C:\Users\Florentino Inácio de\AppData\Roaming\Mozilla\Firefox\Profiles\45mah25v.default
FF Homepage: www.google.com.br
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-19]
CHR Extension: (Google Docs) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-19]
CHR Extension: (Google Drive) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-19]
CHR Extension: (YouTube) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-19]
CHR Extension: (Google Search) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-19]
CHR Extension: (Planilhas do Google) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\Florentino Inácio de\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2014-01-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2015-11-11] () [File not signed]
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2015-07-27] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-04-28] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-04-28] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-09-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [100072 2013-08-02] (GenesysLogic)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-09-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [237400 2014-09-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2014-09-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-12 18:27 - 2015-11-12 18:28 - 00015966 _____ C:\Users\Florentino Inácio de\Desktop\FRST.txt
2015-11-12 18:26 - 2015-11-12 18:27 - 00000000 ____D C:\FRST
2015-11-12 18:25 - 2015-11-12 18:25 - 02198528 _____ (Farbar) C:\Users\Florentino Inácio de\Desktop\FRST64.exe
2015-11-12 13:53 - 2015-11-12 18:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-12 12:27 - 2015-11-12 12:27 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-12 12:26 - 2015-11-12 12:27 - 02870984 _____ (ESET) C:\Users\Florentino Inácio de\Desktop\esetsmartinstaller_enu.exe
2015-11-12 06:28 - 2015-11-12 18:12 - 00000000 ____D C:\Users\Todos os Usuários\MCShield
2015-11-12 06:28 - 2015-11-12 18:12 - 00000000 ____D C:\ProgramData\MCShield
2015-11-12 06:28 - 2015-11-12 06:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2015-11-12 06:28 - 2015-11-12 06:28 - 00000000 ____D C:\Program Files (x86)\MCShield
2015-11-12 06:27 - 2015-11-12 06:27 - 02856736 _____ (MyCity) C:\Users\Florentino Inácio de\Desktop\MCShield-Setup.exe
2015-11-11 21:14 - 2015-11-11 21:15 - 00000000 ____D C:\Program Files\WinRAR
2015-11-11 21:14 - 2015-11-11 21:14 - 00000000 ____D C:\Users\Florentino Inácio de\AppData\Roaming\WinRAR
2015-11-11 21:14 - 2015-11-11 21:14 - 00000000 ____D C:\Users\Florentino Inácio de\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-11 21:14 - 2015-11-11 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-11 21:13 - 2015-11-11 21:13 - 00000428 _____ C:\Users\Florentino Inácio de\Desktop\[FOGUINHO DOWNS] - Key Winrar 5.21.rar
2015-11-11 21:09 - 2015-11-11 21:10 - 03970104 _____ C:\Users\Florentino Inácio de\Desktop\winrar-x64-521br.exe
2015-11-11 20:52 - 2015-11-11 20:55 - 05082360 _____ (AVAST Software) C:\Users\Florentino Inácio de\Desktop\avast_free_antivirus_setup_online.exe
2015-11-11 15:50 - 2015-11-11 15:50 - 00863577 _____ C:\Users\Florentino Inácio de\Desktop\UsbFix [Clean 2] VERDE.txt
2015-11-11 15:40 - 2015-11-11 15:40 - 00863574 _____ C:\Users\Florentino Inácio de\Desktop\UsbFix_Report.txt
2015-11-11 15:26 - 2015-11-11 15:46 - 00000000 ____D C:\UsbFix
2015-11-11 15:26 - 2015-11-11 15:26 - 00001460 _____ C:\Users\Florentino Inácio de\Desktop\UsbFix.lnk
2015-11-11 09:09 - 2015-11-11 09:09 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2015-11-11 09:09 - 2015-11-11 09:09 - 00005120 _____ C:\Windows\KMS-R@1nHook.exe
2015-11-11 09:09 - 2015-11-11 09:09 - 00004096 _____ C:\Windows\KMS-R@1nHook.dll
2015-11-11 09:09 - 2015-11-11 09:09 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2015-11-11 09:09 - 2015-11-11 09:09 - 00000000 ____D C:\Users\Florentino Inácio de\AppData\Local\mpress

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-12 18:27 - 2015-01-11 19:42 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3096635972-2010766299-2450612999-1001
2015-11-12 18:22 - 2014-09-09 21:49 - 01272821 _____ C:\Windows\WindowsUpdate.log
2015-11-12 18:22 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-12 18:12 - 2015-01-20 19:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-12 18:12 - 2015-01-19 21:50 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-12 18:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-12 17:41 - 2014-09-09 21:50 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-11-12 16:46 - 2015-01-19 21:50 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-12 06:37 - 2014-09-10 01:49 - 00774900 _____ C:\Windows\system32\prfh0416.dat
2015-11-12 06:37 - 2014-09-10 01:49 - 00158494 _____ C:\Windows\system32\prfc0416.dat
2015-11-12 06:37 - 2014-03-18 06:53 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-12 06:25 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-12 06:24 - 2014-03-18 06:44 - 00002546 _____ C:\Windows\PFRO.log
2015-11-11 15:39 - 2015-01-11 19:47 - 00003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{79732BC4-15AC-4262-A2A0-C48E66411CA4}
2015-11-11 12:41 - 2015-01-19 21:50 - 00004060 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-11 12:41 - 2015-01-19 21:50 - 00003824 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-11 09:21 - 2014-09-09 22:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-11 09:08 - 2013-08-22 11:46 - 00017628 _____ C:\Windows\setupact.log
2015-11-11 08:53 - 2015-01-19 22:06 - 00000000 ____D C:\Users\Todos os Usuários\panda_url_filtering
2015-11-11 08:53 - 2015-01-19 22:06 - 00000000 ____D C:\ProgramData\panda_url_filtering

==================== Files in the root of some directories =======

2014-09-09 21:48 - 2014-09-09 21:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-11 16:10

==================== End of FRST.txt ============================
