Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:09-12-2015
Executado por pc (administrador) em PCPC (10-12-2015 18:03:44)
Executando a partir de C:\Users\pc\Desktop
Perfis Carregados: pc (Perfis Disponíveis: pc)
Platform: Windows 8.1 Connected (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53760128 2015-07-18] (Skype Technologies S.A.)
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\...\Run: [Ilgvsoft] => C:\Users\pc\AppData\Local\Ilgvsoft\5c08712e01c5d28ec698c8e2ae4fe048.exe [163842 2015-12-07] ()
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\...\Run: [Agdzworks] => regsvr32.exe C:\Users\pc\AppData\Local\Agdzworks\BiomCtrlFace.dll <===== ATENÇÃO
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\...\Run: [YzhsPack] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\pc\AppData\Local\Ilgvsoft\BiomCtrlFace.dll
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
Startup: C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar para o OneNote.lnk [2015-05-20]
ShortcutTarget: Enviar para o OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F221FDEF-479E-417E-89F1-235B9D367919}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3258406523-349525713-1930050920-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1432843398&z=e678a677b867291c2008051gdz1c9obbdzcccc2t8z&from=smt&uid=WDCXWD5000LPVX-80V0TT0_WD-WX91A64C8Z0LC8Z0L&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1432843398&z=e678a677b867291c2008051gdz1c9obbdzcccc2t8z&from=smt&uid=WDCXWD5000LPVX-80V0TT0_WD-WX91A64C8Z0LC8Z0L&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3258406523-349525713-1930050920-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3258406523-349525713-1930050920-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-20] (Kaspersky Lab ZAO)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-05-16] (IvoSoft)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-20] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-01] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-01] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-05-16] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-05-16] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rq1v32qz.default
FF Homepage: www.google.com.br
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-20] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-20] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-05-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-05-14]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-20] [não assinado]
FF Extension: Sem Nome - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rq1v32qz.default\extensions\searchffv2@gmail.com [não encontrado (a)]
FF Extension: Sem Nome - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rq1v32qz.default\extensions\sweetsearch@gmail.com [não encontrado (a)]
FF Extension: SoftKbdRegistry Class - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rq1v32qz.default\Extensions\{6A38EFBF-D827-BF12-97BB-0F64EE56FC08} [2015-12-10] [não assinado]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-20] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2015-05-20] [não assinado]

Chrome:
=======
CHR NewTab: Default -> "chrome-extension://icpgjfneehieebagbmdbhnlpiopdcmna/main.html"
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-10]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-10]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-10]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-10]
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-10]
CHR Extension: (Proteção Kaspersky) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-12-10]
CHR Extension: (ChromeTheme) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhmopeaogdigpkonhpckeokkcaedodi [2015-12-04]
CHR Extension: (Planilhas do Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-10]
CHR Extension: (Facebook for Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-12-10]
CHR Extension: (Documentos Google off-line) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-10]
CHR Extension: (New Tab Redirect) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2015-12-10]
CHR Extension: (Skype Click to Call) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-10]
CHR Extension: (Google Maps API Checker) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlikepnkghhlnkgeejmlkfeheihlehne [2015-12-10]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]
CHR Extension: (Outlook.com) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2015-12-10]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-10]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Arquivo não assinado]
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2015-05-20] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2015-05-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-10 18:03 - 2015-12-10 18:03 - 00023422 _____ C:\Users\pc\Desktop\FRST.txt
2015-12-10 17:12 - 2015-12-10 17:12 - 00001144 _____ C:\Users\pc\Musicas C.lnk
2015-12-10 17:12 - 2015-12-10 17:12 - 00001139 _____ C:\Users\pc\Videos C.lnk
2015-12-10 17:12 - 2015-12-10 17:12 - 00000000 ____D C:\Users\pc\Musicas
2015-12-10 16:56 - 2015-12-10 16:56 - 00001227 _____ C:\Users\pc\Desktop\Adw Cleaner.lnk
2015-12-10 16:55 - 2015-12-10 16:55 - 01738240 _____ C:\Users\pc\Downloads\adwcleaner_5.024.exe
2015-12-10 16:55 - 2015-12-10 16:55 - 00001328 _____ C:\Users\pc\Desktop\MV RegClean 6.9.lnk
2015-12-10 16:43 - 2015-12-10 16:43 - 00004608 _____ C:\Windows\SECOH-QAD.exe
2015-12-10 16:43 - 2015-12-10 16:43 - 00003584 _____ C:\Windows\SECOH-QAD.dll
2015-12-10 16:43 - 2015-12-10 16:43 - 00003358 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2015-12-10 16:43 - 2010-12-06 00:16 - 00090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2015-12-10 16:42 - 2015-12-10 16:42 - 00000000 ____D C:\Users\pc\Downloads\kmspico10
2015-12-10 16:41 - 2015-12-10 16:42 - 07069024 _____ C:\Users\pc\Downloads\kmspico10.rar
2015-12-10 16:34 - 2015-12-10 16:39 - 00000000 ____D C:\Users\pc\AppData\Local\Ilgvsoft
2015-12-10 16:34 - 2015-12-10 16:34 - 00000000 ____D C:\Users\pc\AppData\Local\Agdzworks
2015-12-10 16:31 - 2015-12-10 16:34 - 00000000 ____D C:\Program Files (x86)\KMSPico 10.0.6
2015-12-10 16:31 - 2015-12-10 16:31 - 01881806 _____ C:\Users\pc\Downloads\KMSPico 10.0.9.exe
2015-12-10 16:19 - 2015-12-10 16:20 - 02369024 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2015-12-10 15:14 - 2015-12-10 15:14 - 00000088 _____ C:\Users\pc\Documents\Google Search.txt
2015-12-10 14:17 - 2015-12-10 14:17 - 00000719 _____ C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bastardos Inglórios.lnk
2015-12-10 10:38 - 2015-12-10 10:38 - 00002235 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-10 10:38 - 2015-12-10 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-10 10:36 - 2015-12-10 16:58 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-10 10:36 - 2015-12-10 16:58 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-10 10:36 - 2015-12-10 16:53 - 00004044 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-10 10:36 - 2015-12-10 16:53 - 00003808 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-10 03:56 - 2015-12-10 16:57 - 00000000 ____D C:\AdwCleaner
2015-12-09 00:45 - 2015-12-10 18:03 - 00000000 ____D C:\FRST
2015-12-08 13:23 - 2015-12-08 13:23 - 00000000 ____D C:\Users\pc\AppData\Roaming\TeamViewer
2015-12-07 10:29 - 2015-12-07 10:30 - 00000000 ____D C:\Users\pc\Nota Físcal vestiso Pearl Jam- Maria Joana
2015-12-04 16:14 - 2015-12-10 10:36 - 00000000 ____D C:\Users\pc\AppData\Local\Deployment
2015-12-04 14:57 - 2015-12-04 14:57 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Músicas
2015-12-04 14:57 - 2015-12-04 14:57 - 00000000 _SHDL C:\Users\Public\Documents\Minhas Imagens
2015-12-04 14:57 - 2015-12-04 14:57 - 00000000 _SHDL C:\Users\Public\Documents\Meus Vídeos
2015-12-04 14:57 - 2015-12-04 14:57 - 00000000 _SHDL C:\Arquivos de Programas
2015-12-04 14:53 - 2015-12-04 14:53 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-12-04 14:26 - 2015-12-04 14:26 - 00000000 _SHDL C:\Users\pc\Documents\Minhas Músicas
2015-12-04 14:26 - 2015-12-04 14:26 - 00000000 _SHDL C:\Users\pc\Documents\Minhas Imagens
2015-12-04 14:26 - 2015-12-04 14:26 - 00000000 _SHDL C:\Users\pc\Documents\Meus Vídeos
2015-12-04 14:22 - 2015-12-04 14:22 - 00001373 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2015-12-04 13:19 - 2015-12-04 14:56 - 00009528 _____ C:\Windows\diagwrn.xml
2015-12-04 13:19 - 2015-12-04 14:56 - 00009528 _____ C:\Windows\diagerr.xml
2015-12-03 23:59 - 2015-12-04 00:07 - 00000000 ____D C:\KVRT_Data
2015-12-03 23:47 - 2015-12-03 23:54 - 95881896 _____ (Kaspersky Lab ZAO) C:\Users\pc\Downloads\KVRT (1).exe
2015-12-03 11:17 - 2015-12-03 11:17 - 00000000 ____D C:\Program Files\SRS Labs
2015-11-16 16:24 - 2015-11-16 16:24 - 00000852 _____ C:\Users\pc\Setilist Pearl Jam - São Paulo - 14 - 11 - 2015.txt
2015-11-16 11:03 - 2015-12-04 16:26 - 00000000 ____D C:\Windows\SysWOW64\%Report%
2015-11-11 11:17 - 2015-10-13 13:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 11:17 - 2015-10-13 13:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 11:17 - 2015-10-13 13:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 11:17 - 2015-10-13 13:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 11:17 - 2015-10-13 13:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-11 11:17 - 2015-10-13 13:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-11 11:17 - 2015-10-11 04:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 11:17 - 2015-10-11 04:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 11:17 - 2015-10-10 16:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 11:17 - 2015-10-10 16:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 11:17 - 2015-10-10 16:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 11:17 - 2015-10-10 15:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 11:17 - 2015-10-10 15:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 11:17 - 2015-10-10 15:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 11:17 - 2015-10-10 14:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 11:17 - 2015-09-29 10:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-11 11:16 - 2015-09-04 17:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-11 11:16 - 2015-08-20 18:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-11 11:16 - 2015-08-20 15:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-11 11:16 - 2014-11-04 23:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-11 11:16 - 2014-11-04 23:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-11 11:11 - 2015-10-13 15:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 11:11 - 2015-10-13 15:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 11:11 - 2015-08-28 20:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-11 11:10 - 2015-10-30 21:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 11:10 - 2015-10-30 21:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 11:10 - 2015-10-30 21:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 11:10 - 2015-10-30 21:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 11:10 - 2015-10-30 21:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 11:10 - 2015-10-30 20:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 11:10 - 2015-10-30 20:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 11:10 - 2015-10-30 20:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 11:10 - 2015-10-30 20:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-11 11:10 - 2015-10-30 20:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 11:10 - 2015-10-30 20:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 11:10 - 2015-10-30 20:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 11:10 - 2015-10-30 20:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 11:10 - 2015-10-30 20:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 11:10 - 2015-10-30 20:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 11:10 - 2015-10-30 20:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-11 11:10 - 2015-10-30 20:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 11:10 - 2015-10-30 20:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 11:10 - 2015-10-30 20:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 11:10 - 2015-10-30 19:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 11:10 - 2015-10-30 19:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 11:10 - 2015-10-30 19:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 11:10 - 2015-10-30 19:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 11:10 - 2015-10-20 19:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 11:10 - 2015-10-20 12:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 11:10 - 2015-10-20 12:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 11:10 - 2015-10-20 12:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 11:10 - 2015-10-20 12:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-11 11:10 - 2015-10-20 12:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 11:10 - 2015-10-20 12:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 11:10 - 2015-10-20 12:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 11:10 - 2015-10-20 12:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 11:10 - 2015-10-20 12:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 11:10 - 2015-10-20 12:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 11:10 - 2015-10-20 12:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 11:10 - 2015-10-15 14:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 11:10 - 2015-10-15 13:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 11:10 - 2015-10-14 21:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 11:10 - 2015-10-14 21:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 11:10 - 2015-10-14 21:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-11 11:10 - 2015-10-14 21:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 11:10 - 2015-10-14 21:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-11 11:10 - 2015-09-12 11:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-11 11:10 - 2015-09-07 14:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-11 11:10 - 2015-09-07 13:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-11 11:10 - 2015-09-07 13:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-11 11:09 - 2015-10-17 12:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 11:09 - 2015-10-08 14:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-11 11:09 - 2015-08-10 16:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-11 11:09 - 2015-08-10 16:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-11 11:09 - 2015-08-10 15:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-11 11:09 - 2015-08-10 14:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 11:09 - 2015-08-10 14:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-11 11:09 - 2014-11-10 16:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-10 17:55 - 2015-05-20 18:02 - 00000000 ___RD C:\Users\pc\Instalações
2015-12-10 17:55 - 2015-05-19 12:04 - 00000000 ____D C:\Users\pc
2015-12-10 17:13 - 2015-05-20 09:04 - 00000000 ____D C:\Users\pc\AppData\Local\ClassicShell
2015-12-10 17:13 - 2015-05-19 17:37 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-10 17:04 - 2015-05-19 12:10 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3258406523-349525713-1930050920-1001
2015-12-10 17:04 - 2013-08-22 11:36 - 00000000 ____D C:\Windows
2015-12-10 17:01 - 2015-05-20 14:41 - 00000000 ____D C:\Users\pc\Tracing
2015-12-10 16:58 - 2015-05-19 15:14 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-10 16:58 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-10 16:53 - 2015-05-22 13:02 - 00003476 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2015-12-10 16:53 - 2015-05-22 13:02 - 00003466 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-12-10 16:53 - 2015-05-19 15:29 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-10 16:53 - 2015-05-19 15:14 - 00002824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-10 16:53 - 2015-05-19 12:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\WebStorage
2015-12-10 16:53 - 2014-07-22 04:12 - 00001968 _____ C:\Windows\System32\Tasks\ASUS Splendid ColorU
2015-12-10 16:53 - 2014-07-22 04:12 - 00001952 _____ C:\Windows\System32\Tasks\ASUS Splendid ACMON
2015-12-10 16:53 - 2014-07-22 04:11 - 00002024 _____ C:\Windows\System32\Tasks\ASUS USB Charger Plus
2015-12-10 16:53 - 2014-07-22 04:09 - 00002522 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2015-12-10 16:53 - 2014-07-22 04:03 - 00002048 _____ C:\Windows\System32\Tasks\RtHDVBg
2015-12-10 16:53 - 2014-07-22 04:03 - 00002042 _____ C:\Windows\System32\Tasks\RTKCPL
2015-12-10 16:53 - 2014-07-22 04:02 - 00002892 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3258406523-349525713-1930050920-500
2015-12-10 16:52 - 2015-05-27 13:13 - 00002470 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-10 16:52 - 2015-05-22 13:02 - 00002286 _____ C:\Windows\System32\Tasks\Update Checker
2015-12-10 16:52 - 2015-05-19 16:29 - 00002450 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3258406523-349525713-1930050920-1001
2015-12-10 16:49 - 2015-05-19 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-12-10 16:48 - 2015-05-19 12:07 - 00000074 _____ C:\Users\pc\AppData\Roaming\sp_data.sys
2015-12-10 14:15 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\AppReadiness
2015-12-10 10:37 - 2015-05-19 14:14 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-10 10:26 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2015-12-10 10:24 - 2015-05-21 12:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-10 10:24 - 2013-08-22 13:36 - 00000000 __RSD C:\Windows\Media
2015-12-10 10:24 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-12-10 10:21 - 2013-08-22 13:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-10 10:13 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\registration
2015-12-10 10:12 - 2015-05-21 00:37 - 00000000 ____D C:\Users\pc\AppData\Roaming\ZHP
2015-12-10 10:12 - 2015-05-19 12:04 - 00000000 ____D C:\Users\pc\AppData\Local\Packages
2015-12-10 10:12 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\Sysprep
2015-12-10 10:09 - 2015-05-19 15:51 - 00000000 ____D C:\Program Files\Microsoft Office
2015-12-10 01:52 - 2015-05-19 15:15 - 00000000 ____D C:\Users\pc\Documents\Documentos variados- Danilo
2015-12-10 00:28 - 2015-05-19 15:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 00:26 - 2013-08-22 13:20 - 00000000 ____D C:\Windows\CbsTemp
2015-12-09 23:52 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\NDF
2015-12-04 19:54 - 2014-04-23 09:39 - 00774900 _____ C:\Windows\system32\prfh0416.dat
2015-12-04 19:54 - 2014-04-23 09:39 - 00158494 _____ C:\Windows\system32\prfc0416.dat
2015-12-04 19:54 - 2014-03-18 07:47 - 01797166 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-04 16:49 - 2015-05-21 14:56 - 00003770 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B5EE2EB1-FB03-4E82-9E39-BECF38F7249B}
2015-12-04 16:37 - 2015-05-28 18:32 - 00000000 ____D C:\Users\pc\AppData\Local\Apps\2.0
2015-12-04 16:37 - 2015-05-19 14:14 - 00000000 ____D C:\Users\pc\AppData\Local\Google
2015-12-04 16:26 - 2015-06-26 16:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-04 16:26 - 2015-06-19 18:16 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 2011
2015-12-04 16:26 - 2015-06-19 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-04 16:26 - 2015-05-28 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-12-04 16:26 - 2015-05-28 16:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-04 16:26 - 2015-05-28 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-04 16:26 - 2015-05-22 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-04 16:26 - 2015-05-22 18:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-04 16:26 - 2015-05-20 18:34 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2015-12-04 16:26 - 2015-05-20 18:34 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
2015-12-04 16:26 - 2015-05-20 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free
2015-12-04 16:26 - 2015-05-19 18:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-12-04 16:26 - 2015-05-19 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2015-12-04 16:26 - 2015-05-19 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-12-04 16:26 - 2015-05-19 17:23 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-12-04 16:26 - 2015-05-19 15:58 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-04 16:26 - 2015-05-19 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
2015-12-04 16:26 - 2015-05-19 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-12-04 16:26 - 2015-05-19 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-04 16:26 - 2014-07-22 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-12-04 16:26 - 2014-07-22 03:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-04 16:26 - 2014-07-22 03:52 - 00000000 ____D C:\Program Files\Intel
2015-12-04 16:26 - 2014-04-23 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-12-04 16:26 - 2014-03-18 08:00 - 00000000 ____D C:\Windows\SysWOW64\ca-es-valencia
2015-12-04 16:26 - 2014-03-18 08:00 - 00000000 ____D C:\Windows\system32\ca-es-valencia
2015-12-04 16:26 - 2014-03-18 07:33 - 00000000 ____D C:\Windows\ShellNew
2015-12-04 16:26 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\spool
2015-12-04 16:26 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\MediaViewer
2015-12-04 16:26 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\Cursors
2015-12-04 16:26 - 2013-08-22 13:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-04 16:26 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-04 16:26 - 2013-08-22 13:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-04 16:26 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\oobe
2015-12-04 15:57 - 2015-05-21 08:17 - 00000000 ____D C:\Windows\system32\MRT
2015-12-04 15:08 - 2015-05-19 16:29 - 00000000 ___RD C:\Users\pc\OneDrive
2015-12-04 15:00 - 2015-05-19 15:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-04 14:39 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI(212)
2015-12-04 14:39 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI(211)
2015-12-04 14:39 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-04 14:38 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-12-04 13:18 - 2014-04-23 10:28 - 00000000 ____D C:\Windows\Panther
2015-12-04 00:48 - 2015-05-27 13:13 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-12-03 22:11 - 2015-05-20 09:04 - 00000000 ____D C:\ProgramData\ClassicShell
2015-12-03 22:11 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\rescache
2015-12-03 22:02 - 2015-05-20 14:56 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2015-12-03 22:02 - 2015-05-19 15:18 - 00000000 ____D C:\ProgramData\Oracle
2015-12-03 22:02 - 2015-05-19 15:18 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-03 22:02 - 2014-07-22 04:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-12-03 22:02 - 2014-07-22 03:59 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-23 00:24 - 2015-11-01 20:30 - 00000000 ____D C:\Users\pc\.oracle_jre_usage
2015-11-12 13:35 - 2015-09-07 15:28 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-11 23:12 - 2013-08-22 13:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-11 12:10 - 2013-08-22 11:25 - 00000199 _____ C:\Windows\win.ini
2015-11-11 10:07 - 2015-05-19 15:25 - 00000000 ____D C:\Users\pc\AppData\Local\Mozilla

==================== Arquivos na raiz de alguns diretórios =======

2015-05-20 10:46 - 2015-05-20 10:46 - 0007859 _____ () C:\Users\pc\AppData\Roaming\pcouffin.cat
2015-05-20 10:46 - 2015-05-20 10:46 - 0001167 _____ () C:\Users\pc\AppData\Roaming\pcouffin.inf
2015-05-20 10:46 - 2015-05-20 10:46 - 0000055 _____ () C:\Users\pc\AppData\Roaming\pcouffin.log
2015-05-20 10:46 - 2015-05-20 10:46 - 0082816 _____ (VSO Software) C:\Users\pc\AppData\Roaming\pcouffin.sys
2015-05-19 12:07 - 2015-12-10 16:48 - 0000074 _____ () C:\Users\pc\AppData\Roaming\sp_data.sys
2014-07-22 04:03 - 2014-07-22 04:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-23 13:50 - 2012-09-07 09:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 13:50 - 2009-07-22 08:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 13:50 - 2012-09-07 09:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2015-12-04 10:56

==================== Fim de FRST.txt ============================
