cjoint

Document format: text/plain


Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:25-01-2016
Executado por user (administrador) em NILDO (25-01-2016 21:35:33)
Executando a partir de C:\Users\user\Downloads
Perfis Carregados: user (Perfis Disponíveis: user)
Platform: Microsoft Windows 7 Professional (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Run: [ProductUpdater] => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [71680 2015-11-23] ()
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA)
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
HKU\S-1-5-21-1675272690-3889190554-3125801143-1000\...\Run: [AdobeBridge] => [X]
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.0.1
Tcpip\..\Interfaces\{A8B5F597-1CA1-467C-B668-BB0D040009FD}: [DhcpNameServer] 192.168.1.1 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcl8MUAgQQBhFJlxeTA1JQgAOeA4IBxQXQA0beA5aBQAVFgAFIk0FA1ADB0VXfVBdFElXTwh3MlBZD14dRGFRIVBU
HKU\S-1-5-21-1675272690-3889190554-3125801143-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggWcl8MUAgQQBhFJlxeTA1JQgAOeA4IBxQXQA0beA5aBQAVFgAFIk0FA1ADB0VXfVBdFElXTwh3MlBZD14dRGFRIVBU
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKBw1AEFRCbV9eBF9cFQ1AdRQAVgkXDFNCeAEAVlsVGFEUdR9aFQQTSEcFME0FCFwEURNNfW1KCFgfRllGFEtZCFU=&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://www.globasearch.com/?serie=211&installkey=WCKQEWuauqW4MVDR3VHW&b=3&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKBw1AEFRCbV9eBF9cFQ1AdRQAVgkXDFNCeAEAVlsVGFEUdR9aFQQTSEcFME0FCFwEURNNfW1KCFgfRllGFEtZCFU=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1675272690-3889190554-3125801143-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKBw1AEFRCbV9eBF9cFQ1AdRQAVgkXDFNCeAEAVlsVGFEUdR9aFQQTSEcFME0FCFwEURNNfW1KCFgfRllGFEtZCFU=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1675272690-3889190554-3125801143-1000 -> OldSearch URL = hxxp://www.globasearch.com/?serie=211&installkey=WCKQEWuauqW4MVDR3VHW&b=3&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1675272690-3889190554-3125801143-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQwKBw1AEFRCbV9eBF9cFQ1AdRQAVgkXDFNCeAEAVlsVGFEUdR9aFQQTSEcFME0FCFwEURNNfW1KCFgfRllGFEtZCFU=&q={searchTerms}
BHO: Facilitador de Leitor de Link Adobe PDF -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Sem Nome -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Users\user\AppData\Local\Temp\RarSFX0\SDHelper.dll => Nenhum Arquivo
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-02] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehcef.dll [2015-09-01] (Caixa Economica Federal)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-02] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Toolbar: HKU\S-1-5-21-1675272690-3889190554-3125801143-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-01-05] (Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-02] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll [2011-08-30] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2015-11-12] [não assinado]

Chrome:
=======
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-18]
CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-18]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-18]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-18]
CHR Extension: (Forms Count) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf [2016-01-18]
CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-18]
CHR Extension: (Planilhas do Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-18]
CHR Extension: (Documentos Google off-line) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-18]
CHR Extension: (AdBlock) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-21]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-18]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2016-01-18]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-18]
CHR HKLM\...\Chrome\Extension: [aaaaaejaghnbcjilindpkgmcmdflpgjf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2014-02-21] (Intel Corporation)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [587576 2015-08-13] (GAS Tecnologia)
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [250352 2014-02-21] (Intel Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 GbpKm; C:\Windows\System32\drivers\GbpKm.sys [49496 2015-09-03] (GAS Tecnologia)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [37576 2014-02-03] ()
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [27944 2015-06-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [404776 2015-06-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [825640 2015-06-30] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [85464 2013-09-12] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2015-10-20] (GAS Tecnologia)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [359640 2014-01-03] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2591960 2014-01-10] (Realtek Semiconductor Corporation )
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2016-01-25] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [302656 2015-05-19] (Realsil Semiconductor Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-25 21:33 - 2016-01-25 21:35 - 00014931 _____ C:\Users\user\Downloads\FRST.txt
2016-01-25 21:33 - 2016-01-25 21:35 - 00000000 ____D C:\FRST
2016-01-25 21:33 - 2016-01-25 21:34 - 00024105 _____ C:\Users\user\Downloads\Addition.txt
2016-01-25 21:32 - 2016-01-25 21:33 - 01721856 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2016-01-25 21:16 - 2016-01-25 21:25 - 09158080 _____ C:\Users\user\Downloads\iTunesSetup (1).exe
2016-01-25 21:03 - 2016-01-25 21:06 - 01592820 _____ C:\Users\user\Downloads\iTunesSetup.exe
2016-01-22 02:47 - 2016-01-22 03:18 - 956301312 _____ C:\Users\user\Downloads\iPad3,2_7.0_11A465_Restore.ipsw
2016-01-21 23:35 - 2016-01-21 23:35 - 00001921 _____ C:\Users\Public\Desktop\Mundo Bíblico.lnk
2016-01-21 23:35 - 2016-01-21 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mundo Bíblico
2016-01-21 23:35 - 2016-01-21 23:35 - 00000000 ____D C:\Program Files\MundoBiblico
2016-01-18 12:12 - 2016-01-25 18:45 - 00080728 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-01-18 12:12 - 2016-01-18 12:13 - 00001024 _____ C:\.rnd
2016-01-18 12:12 - 2015-03-18 10:23 - 00079064 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-01-18 12:11 - 2016-01-18 12:11 - 00000000 ___HD C:\Program Files\GAS Tecnologia
2016-01-18 12:11 - 2016-01-18 12:11 - 00000000 ____D C:\Program Files\Diebold
2016-01-18 12:09 - 2016-01-18 12:09 - 02665128 _____ (CAIXA) C:\Users\user\Downloads\iGBPCEFwr.exe
2016-01-18 12:02 - 2016-01-18 12:02 - 00000000 ____D C:\Windows\system32\appmgmt
2016-01-18 11:53 - 2016-01-18 11:53 - 00009710 _____ C:\Users\user\Downloads\boleto convenio.pdf
2016-01-10 16:33 - 2016-01-10 17:40 - 00000000 ____D C:\Users\user\AppData\Roaming\uTorrent
2016-01-05 12:48 - 2016-01-05 12:48 - 00000492 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-01-05 12:48 - 2016-01-05 12:48 - 00000492 __RSH C:\ProgramData\ntuser.pol
2015-12-28 16:20 - 2015-12-28 16:20 - 00000000 _____ C:\Windows\system32\track
2015-12-11 00:32 - 2016-01-18 12:04 - 00000000 ____D C:\Users\user\AppData\Roaming\Opera Software
2015-12-11 00:32 - 2016-01-18 12:04 - 00000000 ____D C:\Users\user\AppData\Local\Opera Software
2015-12-11 00:29 - 2016-01-18 12:04 - 00000000 ____D C:\Program Files\Opera
2015-12-11 00:29 - 2015-12-11 00:29 - 00000987 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\MP3jam.lnk
2015-12-11 00:29 - 2015-12-11 00:29 - 00000963 _____ C:\Users\Public\Desktop\MP3jam.lnk
2015-12-11 00:29 - 2015-12-11 00:29 - 00000000 ____D C:\Users\user\AppData\Roaming\Mp3jam
2015-12-11 00:29 - 2015-12-11 00:29 - 00000000 ____D C:\Program Files\MP3jam
2015-12-11 00:10 - 2015-12-11 00:10 - 00000000 ____D C:\Users\user\AppData\Roaming\TuneUp Software
2015-12-11 00:10 - 2015-12-11 00:10 - 00000000 ____D C:\Users\user\AppData\Local\TuneUp Software
2015-12-11 00:09 - 2015-12-11 00:11 - 00000000 ____D C:\Users\Todos os Usuários\TuneUp Software
2015-12-11 00:09 - 2015-12-11 00:11 - 00000000 ____D C:\ProgramData\TuneUp Software
2015-12-11 00:06 - 2015-12-11 00:29 - 00000000 ____D C:\Users\user\AppData\Roaming\RPEng
2015-12-11 00:06 - 2015-12-11 00:07 - 00000000 ____D C:\Users\user\Documents\Freemake
2015-12-11 00:06 - 2015-12-11 00:07 - 00000000 ____D C:\Users\Todos os Usuários\Freemake
2015-12-11 00:06 - 2015-12-11 00:07 - 00000000 ____D C:\ProgramData\Freemake
2015-12-11 00:06 - 2015-12-11 00:06 - 00001304 _____ C:\Users\Public\Desktop\Freemake Audio Converter.lnk
2015-12-11 00:06 - 2015-12-11 00:06 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-11 00:06 - 2015-12-11 00:06 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-12-11 00:06 - 2015-12-11 00:06 - 00000000 ____D C:\Users\Public\Documents\Baidu
2015-12-11 00:06 - 2015-12-11 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-11 00:06 - 2015-12-11 00:06 - 00000000 ____D C:\Program Files\Freemake
2015-12-11 00:06 - 2015-12-11 00:06 - 00000000 ____D C:\Program Files\Common Files\Freemake Shared
2015-12-10 23:41 - 2015-12-10 23:42 - 00000000 ____D C:\Users\user\AppData\Roaming\FreeAudioPack
2015-12-10 23:41 - 2015-12-10 23:41 - 00001314 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free mp3 Wma Converter.lnk
2015-12-10 23:40 - 2015-12-10 23:50 - 00000000 ____D C:\Program Files\Free mp3 Wma Converter
2015-12-10 23:40 - 2011-09-29 14:20 - 01986560 _____ (NCT Company Ltd.) C:\Windows\system32\AudFile.dll
2015-12-10 23:40 - 2011-09-29 14:20 - 01212416 _____ (NCT Company Ltd.) C:\Windows\system32\AudioInfos.dll
2015-12-10 23:40 - 2011-09-29 14:20 - 00458752 _____ (NCT Company Ltd.) C:\Windows\system32\AudPlayer.dll
2015-12-10 23:40 - 2011-09-29 14:20 - 00348160 _____ (NCT Company Ltd.) C:\Windows\system32\WMAFile.dll
2015-12-10 23:40 - 2011-09-29 14:20 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2015-12-10 23:40 - 2011-09-29 14:20 - 00116296 _____ C:\Windows\system32\NCTWMAProfiles.prx
2015-12-10 23:40 - 2011-09-29 14:19 - 00662288 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCT2.OCX
2015-12-10 23:40 - 2011-09-29 14:19 - 00224016 _____ (Microsoft Corporation) C:\Windows\system32\TABCTL32.OCX
2015-12-10 23:40 - 2011-09-29 14:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCFR.DLL
2015-12-10 23:40 - 2011-09-29 14:19 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL
2015-12-10 23:40 - 2011-09-29 14:19 - 00115920 _____ (Microsoft Corporation) C:\Windows\system32\msinet.OCX
2015-12-10 23:40 - 2011-09-29 14:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\VB6STKIT.DLL
2015-12-10 23:40 - 2011-09-29 14:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Mscc2fr.dll
2015-12-10 23:40 - 2011-09-29 14:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\CMDLGFR.DLL
2015-12-10 23:40 - 2011-09-29 14:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TABCTFR.DLL
2015-12-10 23:40 - 2011-09-29 14:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetfr.DLL
2015-12-10 16:16 - 2015-12-10 16:16 - 00000000 ____D C:\Users\Todos os Usuários\Pianosoft
2015-12-10 16:16 - 2015-12-10 16:16 - 00000000 ____D C:\ProgramData\Pianosoft
2015-12-10 16:16 - 2011-09-29 14:19 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\COMDLG32.OCX
2015-12-10 16:16 - 2008-07-12 15:59 - 01343488 _____ (MultiMedia Soft) C:\Windows\system32\AdjMmsEng.dll
2015-12-10 16:16 - 2008-06-18 00:42 - 00098708 _____ C:\Windows\system32\activesoundeditor.tlb
2015-12-10 16:16 - 2005-11-05 19:34 - 00145408 _____ C:\Windows\system32\Lame.exe
2015-12-10 16:16 - 2005-05-17 16:37 - 00076800 _____ C:\Windows\system32\Faac.exe
2015-12-10 16:16 - 2005-01-13 16:28 - 00006832 _____ C:\Windows\system32\PulseSoundTouchForVB.tlb
2015-12-10 16:16 - 2002-07-19 12:48 - 00157696 _____ C:\Windows\system32\OggEnc.exe
2015-12-07 22:05 - 2015-12-07 22:05 - 00000000 ____D C:\Users\user\AppData\Roaming\Macromedia
2015-12-02 22:11 - 2015-12-02 22:11 - 00000000 ____D C:\Users\user\AppData\Roaming\Thinstall
2015-12-01 01:00 - 2015-12-01 01:00 - 00000000 ___RD C:\Users\user\Documents\Notes
2015-11-29 18:00 - 2015-11-29 18:00 - 00000000 ____D C:\Users\user\AppData\Roaming\WinRAR
2015-11-26 21:35 - 2015-12-07 22:05 - 00000000 ____D C:\Users\user\AppData\Roaming\Adobe
2015-11-26 21:35 - 2015-11-26 21:35 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-11-26 17:03 - 2015-11-26 17:03 - 00000000 ____D C:\Users\user\aTubeCatcher
2015-11-12 12:52 - 2015-11-26 21:35 - 00000000 ____D C:\Users\user\AppData\Local\VirtualStore
2015-11-12 12:39 - 2015-11-12 12:54 - 00000000 ____D C:\Users\user\AppData\Roaming\Google
2015-11-12 12:38 - 2016-01-18 12:04 - 00000000 ____D C:\Users\user\AppData\Local\Google
2015-11-12 12:27 - 2016-01-18 12:26 - 00112312 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-12 12:14 - 2016-01-22 21:21 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2015-11-09 13:21 - 2015-11-12 12:51 - 00000000 ____D C:\Users\Todos os Usuários\HP
2015-11-09 13:21 - 2015-11-12 12:51 - 00000000 ____D C:\ProgramData\HP
2015-11-09 13:18 - 2015-11-12 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-11-09 13:18 - 2015-11-09 13:18 - 00000000 ____D C:\Users\Todos os Usuários\HPSSUPPLY
2015-11-09 13:18 - 2015-11-09 13:18 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2015-11-09 13:18 - 2015-11-09 13:18 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-11-09 13:17 - 2015-11-09 13:17 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2015-11-09 13:17 - 2015-11-09 13:17 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-11-09 13:13 - 2015-11-09 13:13 - 00000000 ____H C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2015-11-09 13:13 - 2015-11-09 13:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriver_01011.Wdf
2015-11-09 13:12 - 2015-11-09 13:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_mvusbews_01009.Wdf
2015-11-09 13:12 - 2012-11-08 08:00 - 00049664 _____ C:\Windows\system32\HPM1210SMs.dll
2015-11-09 13:12 - 2012-07-26 00:39 - 00526952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-11-09 13:12 - 2012-07-26 00:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-11-09 13:12 - 2012-07-25 23:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-11-09 13:12 - 2012-06-02 11:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-11-09 13:11 - 2012-09-29 13:25 - 01167360 _____ C:\Windows\system32\HPM1210SM.exe
2015-11-09 13:11 - 2012-09-29 13:24 - 00167936 _____ C:\Windows\system32\HPM1210LM.DLL
2015-11-09 13:10 - 2012-11-08 08:00 - 00067072 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\m1130wia2.dll
2015-11-09 13:10 - 2012-11-08 08:00 - 00029184 _____ C:\Windows\system32\HPImgFlt.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 02219152 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Ltwvc15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00482448 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltkrn15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00445584 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltimgsfx15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00302224 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltimgcor15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00257168 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltefx15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00216208 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltimgefx15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00212112 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltimgclr15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00150672 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltfil15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00117904 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Lttwn15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00117904 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Ltimgutl15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00105616 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltpnt15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00068752 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltpdg15u.dll
2015-11-09 13:10 - 2008-12-22 05:02 - 00038032 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltimgopt15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 01711248 _____ (LEAD Technologies, Inc.) C:\Windows\system32\ltclr15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 01035408 _____ (The OpenSSL Project) C:\Windows\system32\ltcry15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00646288 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Ltdlgfile15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00384144 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Lfcmp15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00261264 _____ (LEAD Technologies, Inc.) C:\Windows\system32\LTDIS15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00232592 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Ltdlgkrn15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00146576 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Lftif15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00097424 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Lffax15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00064656 _____ (LEAD Technologies, Inc.) C:\Windows\system32\LTCON15u.dll
2015-11-09 13:10 - 2008-12-22 05:01 - 00024720 _____ (LEAD Technologies, Inc.) C:\Windows\system32\Lfbmp15u.dll
2015-11-09 13:08 - 2012-11-08 15:32 - 00100232 ____R (HP) C:\Windows\system32\HPSIsvc.exe
2015-11-09 13:08 - 2012-11-08 08:00 - 01461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-11-09 13:08 - 2012-11-08 08:00 - 00081920 _____ C:\Windows\system32\mvusbews.dll
2015-11-09 13:08 - 2012-11-08 08:00 - 00016896 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvusbews.sys
2015-11-09 13:07 - 2015-11-09 13:18 - 00000000 ____D C:\Program Files\HP
2015-11-08 02:03 - 2015-11-12 12:51 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2015-11-08 02:03 - 2015-11-12 12:51 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-11-07 21:29 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
2015-10-27 21:24 - 2015-10-28 04:06 - 00000000 ____D C:\Users\user\Imagens para películas de unhas

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-25 21:33 - 2009-07-13 23:37 - 00000000 ____D C:\Windows
2016-01-25 21:24 - 2015-10-01 21:50 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-25 21:07 - 2015-10-01 21:50 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-25 20:45 - 2009-07-14 01:34 - 00018352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-25 20:45 - 2009-07-14 01:34 - 00018352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-25 20:37 - 2015-10-01 15:02 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-25 20:37 - 2009-07-14 05:31 - 00703080 _____ C:\Windows\system32\prfh0416.dat
2016-01-25 20:37 - 2009-07-14 05:31 - 00145866 _____ C:\Windows\system32\prfc0416.dat
2016-01-25 20:37 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-01-25 18:44 - 2015-10-01 21:50 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-25 18:44 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-20 16:24 - 2015-10-01 21:50 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-01-20 16:24 - 2015-10-01 21:47 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-01-18 13:37 - 2009-07-14 01:33 - 03831400 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-09 17:48 - 2009-07-14 01:53 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-05 11:08 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\GroupPolicy

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-01-20 15:50

==================== Fim de FRST.txt ============================
