cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:21-02-2016 01
Executado por zeneida (administrador) em ZENEIDA (23-02-2016 13:58:19)
Executando a partir de C:\Users\zeneida\Downloads
Perfis Carregados: zeneida (Perfis Disponíveis: zeneida)
Platform: Windows 8.1 Single Language (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão não detectado!)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
() C:\Users\zeneida\AppData\Local\Crsoft\crsvc.exe
() C:\Users\zeneida\AppData\Roaming\DNSHelper\DNSSVC.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(QNT) C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Netlog\Netlog.exe
(QNT) C:\Users\zeneida\AppData\Roaming\NetService\netservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Users\zeneida\AppData\Roaming\WinNetSvc\WinNetSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\ProgramData\msiql.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\ProgramData\Joaeajioht\1.0.7.1\ivuesesa.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\ProgramData\Joaeajioht\1.0.7.1\ivuesesa.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11189\calendar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.68\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.68\opera.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.68\opera.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [gmsd_br_494] => [X]
HKLM-x32\...\Run: [rec_br_01] => [X]
HKLM-x32\...\Run: [LightGate] => c:\programdata\lightgate.exe [1081344 2015-12-04] ()
HKLM-x32\...\Run: [HomePageHelper] => c:\programdata\homepage.exe [1100288 2015-11-25] ()
HKLM-x32\...\Run: [sun7] => [X]
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Run: [Facebook Update] => C:\Users\zeneida\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-04] (Facebook Inc.)
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-02-16] (SUPERAntiSpyware)
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Run: [Google Update] => C:\Users\zeneida\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-22] (Google Inc.)
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Run: [YeaInstaller] => C:\Users\zeneida\AppData\Local\Temp\setup_767.exe <===== ATENÇÃO
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Run: [Birds] => C:\Users\zeneida\AppData\Local\Birds\birds365.exe
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Run: [msiql] => c:\users\zeneida\appdata\roaming\msiql.exe [2415616 2016-01-26] ()
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Run: [Yeaplayer] => C:\Program Files (x86)\Yeaplayer\Yeaplayermd.exe /autostart
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [Google Update] => "C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-18\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro3\JSDriver\1.42.1.10644\jsdrv.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Nenhum Arquivo
Startup: C:\Users\zeneida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2014-11-27]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FA3444B1-8818-4519-9525-FD5334D174C8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ibyte.com.br
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.ibyte.com.br
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953
HKU\S-1-5-21-1745426921-2193795256-1152630720-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.ibyte.com.br
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_5&ent=ch_5153&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1745426921-2193795256-1152630720-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Sem Nome -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> Nenhum Arquivo
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Sem Nome -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> Nenhum Arquivo
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\WINDOWS\SysWow64\config\systemprofile\AppData\Local\PriceFountain\PriceFountainIE.dll [2015-06-18] ()
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\zeneida\AppData\Roaming\Mozilla\Firefox\Profiles\sprtnad7.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Ask Web Search
FF SelectedSearchEngine: Ask Web Search
FF Homepage: www.123rede.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953
FF Keyword.URL: hxxp://int.search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=234D5120-91E8-480D-BC46-8DF431F812AA&n=7829e680&ind=2016011904&p2=^BYC^xdm005^YYA^br&searchfor=
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Nenhum Arquivo]
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-07] (Google Inc.)
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Update\1.3.28.17\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\Google\Update\1.3.28.17\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-1745426921-2193795256-1152630720-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\zeneida\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1745426921-2193795256-1152630720-1001: @tools.google.com/Google Update;version=3 -> C:\Users\zeneida\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1745426921-2193795256-1152630720-1001: @tools.google.com/Google Update;version=9 -> C:\Users\zeneida\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF SearchPlugin: C:\Users\zeneida\AppData\Roaming\Mozilla\Firefox\Profiles\sprtnad7.default\searchplugins\ask-web-search.xml [2016-01-19]
FF Extension: PConverter - C:\Users\zeneida\AppData\Roaming\Mozilla\Firefox\Profiles\sprtnad7.default\Extensions\_dzMembers_@www.pconverter.com [2016-01-19]
FF HKU\.DEFAULT\...\Firefox\Extensions: [{58931F90-7418-F91C-7D0E-6744BB523292}] - C:\Program Files (x86)\version09CheckMeUp\194.xpi => não encontrado (a)
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!13A3B0CB03E278C95E82FF9A2DD0CE0613A3.js [2015-10-12] <==== ATENÇÃO
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\13A3B0CB03E278C95E82FF9A2DD0CE0613A3 [2015-10-12] <==== ATENÇÃO
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\24096A8E456874ED393908843E94B7A02409 [2015-09-20] <==== ATENÇÃO

Chrome:
=======
CHR HomePage: Default -> www.qqovd.com?oem=mbtkv3&uid=TE8522L90UGGKS_HGSTHTS545050A7E380&tm=1431777953
CHR NewTab: Default -> "chrome-extension://ikgjglmlehllifdekcggaapkaplbdpje/stubby.html"
CHR DefaultSearchURL: Default -> hxxps://mystart.com/default-search/rsc001__moss__org103__103_55f20019a6fde1d80a7b23c6__2_4_5__moc__nt__yr/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo
CHR Profile: C:\Users\zeneida\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SavePages) - C:\Users\zeneida\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfcamfllailmlhibpelbdcpehpegbbjk [2016-01-08]
CHR Extension: (Easy Search) - C:\Users\zeneida\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdnadicfhkbpdafdildanpbjapjlmkab [2016-02-23]
CHR Extension: (Sem Nome) - C:\Users\zeneida\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijepgjdjkdbopbnaopmlmobimmhjklhd [2016-02-22] [UpdateUrl: hxxps://clients2.googlee.com/service/update2/crx] <==== ATENÇÃO
CHR Extension: (VideoDownloadConverter) - C:\Users\zeneida\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikgjglmlehllifdekcggaapkaplbdpje [2016-02-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\zeneida\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-07]
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Crashhd; C:\Users\zeneida\AppData\Local\Crsoft\crsvc.exe [185800 2015-09-24] ()
R2 DNSSVC; C:\Users\zeneida\AppData\Roaming\DNSHelper\DNSSVC.exe [142792 2015-09-07] ()
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1734656 2016-01-11] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2786816 2016-02-22] (TODO: ) [Arquivo não assinado]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [348640 2016-02-22] (DotC United Inc)
R2 NetLogHandler; C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Netlog\Netlog.exe [167704 2015-06-08] (QNT)
R2 NetTcpHandler; C:\Users\zeneida\AppData\Roaming\NetService\netservice.exe [211824 2015-03-20] (QNT)
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe [141960 2015-12-25] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WinNetSvc; C:\Users\zeneida\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408 2015-12-16] ()
S2 Sed; C:\Users\zeneida\AppData\Roaming\ntsvc\ntsvc.exe [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [52032 2014-02-27] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [34624 2014-02-27] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [59112 2016-02-22] (DotC United Inc)
R3 RadioSwitchHid; C:\Windows\System32\drivers\AirplaneCtrl.sys [25184 2012-09-07] (Compal Electronics, INC.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-23 13:58 - 2016-02-23 13:58 - 00019917 _____ C:\Users\zeneida\Downloads\FRST.txt
2016-02-23 13:56 - 2016-02-23 13:58 - 00000000 ____D C:\FRST
2016-02-23 13:55 - 2016-02-23 13:56 - 02371072 _____ (Farbar) C:\Users\zeneida\Downloads\FRST64.exe
2016-02-23 13:49 - 2016-02-23 13:49 - 00000000 ____D C:\Users\zeneida\AppData\Roaming\CalendarTool
2016-02-23 13:49 - 2016-02-23 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-02-23 13:49 - 2016-02-23 13:49 - 00000000 ____D C:\Program Files (x86)\CalendarTool
2016-02-23 13:49 - 2015-12-10 14:43 - 00600312 _____ C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe
2016-02-23 13:49 - 2015-12-10 14:43 - 00600312 _____ C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
2016-02-23 13:49 - 2015-11-25 14:31 - 01100288 _____ C:\Users\Todos os Usuários\HomePage.exe
2016-02-23 13:49 - 2015-11-25 14:31 - 01100288 _____ C:\ProgramData\HomePage.exe
2016-02-23 13:39 - 2016-02-23 13:39 - 00000000 ____D C:\WebShield
2016-02-23 13:11 - 2016-02-23 13:11 - 00000081 _____ C:\Users\Todos os Usuários\xcgui_debug.txt
2016-02-23 13:11 - 2016-02-23 13:11 - 00000081 _____ C:\ProgramData\xcgui_debug.txt
2016-02-23 11:25 - 2016-02-23 11:25 - 00000000 ____D C:\Program Files (x86)\OLBPre
2016-02-23 10:49 - 2016-02-23 10:49 - 00000000 ____D C:\Users\zeneida\AppData\Roaming\LightGate
2016-02-22 22:10 - 2016-02-22 22:10 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-02-22 22:08 - 2016-02-22 22:08 - 00000000 ____D C:\Users\Todos os Usuários\1524f85c-14c1-0
2016-02-22 22:08 - 2016-02-22 22:08 - 00000000 ____D C:\ProgramData\1524f85c-14c1-0
2016-02-22 22:02 - 2016-02-22 22:02 - 00000000 ____D C:\Users\Todos os Usuários\1524f85c-2721-1
2016-02-22 22:02 - 2016-02-22 22:02 - 00000000 ____D C:\ProgramData\1524f85c-2721-1
2016-02-22 21:58 - 2016-02-23 13:49 - 00001748 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-02-22 20:42 - 2016-02-23 13:37 - 00003440 _____ C:\WINDOWS\System32\Tasks\Joaeajioht
2016-02-22 20:42 - 2016-02-22 20:42 - 00000000 ____D C:\Users\Todos os Usuários\Joaeajioht
2016-02-22 20:42 - 2016-02-22 20:42 - 00000000 ____D C:\ProgramData\Joaeajioht
2016-02-22 20:41 - 2016-02-22 20:41 - 00003666 _____ C:\WINDOWS\System32\Tasks\PFExe
2016-02-22 20:38 - 2016-02-22 20:40 - 00000000 ____D C:\Users\zeneida\AppData\Local\BrowserHelper
2016-02-22 20:37 - 2016-02-23 13:18 - 00002497 _____ C:\WINDOWS\patsearch.bin
2016-02-22 20:37 - 2016-02-23 13:03 - 00000000 ____D C:\Program Files (x86)\YTDownloader
2016-02-22 20:37 - 2016-02-22 20:37 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_webTinstMKTN84_01009.Wdf
2016-02-22 20:37 - 2016-02-22 20:37 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-02-22 20:36 - 2016-02-23 13:31 - 00000000 ____D C:\Program Files (x86)\version09CheckMeUp
2016-02-22 20:36 - 2016-02-22 22:07 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-02-22 20:36 - 2016-02-22 20:36 - 00059112 _____ (DotC United Inc) C:\WINDOWS\system32\Drivers\MPCKpt.sys
2016-02-22 20:34 - 2016-02-23 13:49 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-02-22 20:34 - 2016-02-23 13:49 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-02-22 20:34 - 2016-02-23 13:49 - 00000000 ____D C:\Program Files (x86)\osTip
2016-02-22 20:34 - 2016-02-22 20:34 - 00001650 ____R C:\Yeabeats Browser.lnk
2016-02-22 20:34 - 2016-02-18 07:13 - 02963253 _____ ( ) C:\Users\zeneida\AppData\Roaming\yeaplayer_wajam2.exe
2016-02-22 20:33 - 2016-02-23 13:48 - 00010365 _____ C:\Users\Todos os Usuários\webad.xml
2016-02-22 20:33 - 2016-02-23 13:48 - 00010365 _____ C:\ProgramData\webad.xml
2016-02-22 20:33 - 2016-02-23 12:17 - 02786816 _____ (TODO: ) C:\Users\zeneida\AppData\Roaming\svrupg.exe
2016-02-22 20:33 - 2016-02-23 12:17 - 00010365 _____ C:\Users\zeneida\AppData\Roaming\webad.xml
2016-02-22 20:33 - 2016-02-22 20:33 - 00002944 _____ C:\WINDOWS\System32\Tasks\svchost
2016-02-22 20:33 - 2016-02-22 20:33 - 00001794 ____R C:\Users\zeneida\Desktop\Yeabeats Browser.lnk
2016-02-22 20:33 - 2016-02-22 20:33 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-02-22 20:33 - 2016-02-22 20:33 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-02-22 20:33 - 2016-02-22 20:33 - 00000000 ____D C:\ProgramData\Windows Update
2016-02-22 20:33 - 2016-01-26 10:54 - 02415616 _____ C:\Users\zeneida\AppData\Roaming\msiql.exe
2016-02-22 20:33 - 2016-01-26 10:54 - 02415616 _____ C:\Users\Todos os Usuários\msiql.exe
2016-02-22 20:33 - 2016-01-26 10:54 - 02415616 _____ C:\ProgramData\msiql.exe
2016-02-22 20:33 - 2016-01-11 14:49 - 01734656 _____ C:\Users\Todos os Usuários\service.exe
2016-02-22 20:33 - 2016-01-11 14:49 - 01734656 _____ C:\ProgramData\service.exe
2016-02-22 20:33 - 2015-12-10 14:43 - 00600312 _____ C:\Users\zeneida\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-02-22 20:33 - 2015-12-04 12:14 - 01081344 _____ C:\Users\Todos os Usuários\LightGate.exe
2016-02-22 20:33 - 2015-12-04 12:14 - 01081344 _____ C:\ProgramData\LightGate.exe
2016-02-22 20:33 - 2015-11-25 14:31 - 01100288 _____ C:\Users\zeneida\AppData\Roaming\HomePage.exe
2016-02-18 22:42 - 2016-02-18 22:43 - 00772016 _____ (Reimage®) C:\Users\zeneida\Downloads\ReimageRepair.exe
2016-02-10 14:43 - 2016-02-06 07:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-10 14:43 - 2016-02-06 07:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-10 14:43 - 2016-02-06 07:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-10 14:43 - 2016-02-06 06:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-10 14:43 - 2016-02-06 06:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-10 14:43 - 2016-02-06 06:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-10 14:43 - 2016-02-06 06:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-10 14:43 - 2016-02-06 05:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-10 14:29 - 2016-01-14 22:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-10 14:29 - 2016-01-14 17:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-10 14:29 - 2016-01-14 17:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-10 14:29 - 2016-01-14 17:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-10 14:29 - 2016-01-14 17:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-10 14:29 - 2016-01-14 17:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-10 14:29 - 2016-01-14 17:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-10 14:29 - 2016-01-10 16:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-10 14:29 - 2016-01-10 15:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-10 14:29 - 2016-01-10 15:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-10 14:29 - 2016-01-10 15:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-10 14:29 - 2016-01-10 14:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-10 14:29 - 2016-01-10 14:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-10 14:29 - 2016-01-10 14:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-10 14:29 - 2016-01-10 14:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-10 14:29 - 2016-01-10 14:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-10 14:29 - 2016-01-10 14:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-10 14:29 - 2016-01-10 14:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-10 14:29 - 2016-01-10 14:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-10 14:29 - 2016-01-10 14:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-10 14:29 - 2016-01-10 13:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-10 14:29 - 2016-01-10 13:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-10 14:29 - 2016-01-10 13:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-10 14:29 - 2016-01-10 13:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-10 14:29 - 2016-01-10 13:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-10 14:29 - 2016-01-10 13:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-10 14:29 - 2016-01-07 15:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-10 14:29 - 2015-12-29 12:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-10 14:29 - 2015-12-29 12:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-10 14:29 - 2015-12-29 12:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-10 14:29 - 2015-12-29 12:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-10 14:28 - 2016-01-22 05:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-10 14:28 - 2016-01-22 04:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-10 14:28 - 2016-01-22 03:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-10 14:28 - 2016-01-22 02:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-10 14:28 - 2016-01-22 02:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-10 14:28 - 2016-01-22 02:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-10 14:28 - 2016-01-22 01:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-10 14:28 - 2016-01-19 16:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-10 14:28 - 2016-01-19 16:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-10 14:28 - 2016-01-19 16:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-10 14:28 - 2016-01-19 16:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-10 14:28 - 2016-01-19 16:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-10 14:28 - 2016-01-19 15:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-10 14:28 - 2016-01-19 15:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-10 14:28 - 2016-01-19 15:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-10 14:28 - 2016-01-19 15:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-10 14:28 - 2016-01-19 14:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-10 14:28 - 2016-01-19 13:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-10 14:28 - 2016-01-06 15:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-10 14:28 - 2015-12-28 18:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-10 14:28 - 2015-12-28 17:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-10 14:27 - 2016-01-22 03:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-10 14:27 - 2016-01-22 03:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-10 14:27 - 2016-01-22 03:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-10 14:27 - 2016-01-22 03:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-10 14:27 - 2016-01-22 02:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-10 14:27 - 2016-01-22 02:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-10 14:27 - 2016-01-22 02:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-10 14:27 - 2016-01-22 02:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-10 14:27 - 2016-01-22 02:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-10 14:27 - 2016-01-22 02:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-10 14:27 - 2016-01-22 02:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-10 14:27 - 2016-01-22 02:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-10 14:27 - 2016-01-22 02:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-10 14:27 - 2016-01-22 02:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-10 14:27 - 2016-01-22 02:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-10 14:27 - 2016-01-22 02:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-10 14:27 - 2016-01-22 02:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-10 14:27 - 2016-01-22 02:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-10 14:27 - 2016-01-22 02:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-10 14:27 - 2016-01-22 02:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-10 14:27 - 2016-01-22 02:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-10 14:27 - 2016-01-22 02:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-10 14:27 - 2016-01-22 02:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-10 14:27 - 2016-01-10 16:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-10 14:27 - 2016-01-10 13:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-10 14:27 - 2016-01-10 13:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-10 14:27 - 2016-01-10 13:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-10 14:27 - 2016-01-10 13:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-10 14:27 - 2016-01-10 13:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-10 14:27 - 2016-01-10 13:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-10 14:27 - 2016-01-10 13:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-10 14:27 - 2016-01-10 13:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-10 14:27 - 2016-01-10 13:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-10 14:27 - 2016-01-10 13:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-10 14:27 - 2016-01-10 13:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-10 14:27 - 2015-12-17 15:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-10 14:27 - 2015-12-17 13:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-07 14:16 - 2016-02-07 14:16 - 00267413 _____ C:\Users\zeneida\Downloads\FaturaHipercard-02-2016.pdf
2016-02-02 14:12 - 2016-02-02 14:12 - 00001050 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1745426921-2193795256-1152630720-1001Core1d15ddcd86a00d4.job
2016-01-27 09:13 - 2016-01-29 07:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-23 13:55 - 2015-12-22 07:50 - 00001156 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2016-02-23 13:54 - 2013-10-01 21:11 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1745426921-2193795256-1152630720-1001
2016-02-23 13:49 - 2015-05-25 15:35 - 00001182 ____R C:\Users\Public\Desktop\Opera.lnk
2016-02-23 13:49 - 2015-05-25 15:35 - 00001118 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-23 13:49 - 2015-05-25 15:14 - 00001230 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-23 13:49 - 2015-05-25 15:14 - 00001120 ____R C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-23 13:49 - 2014-08-27 09:05 - 00000000 ___DO C:\Users\zeneida\OneDrive
2016-02-23 13:49 - 2013-10-04 13:43 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-23 13:48 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-23 13:45 - 2013-10-11 10:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-02-23 13:45 - 2013-10-11 10:34 - 00000000 ____D C:\Program Files (x86)\HP
2016-02-23 13:29 - 2013-03-18 11:27 - 00000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2016-02-23 13:28 - 2015-05-17 12:04 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-02-23 13:28 - 2015-05-17 12:04 - 00000286 __RSH C:\ProgramData\ntuser.pol
2016-02-23 13:28 - 2013-10-04 13:43 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-23 13:28 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-23 13:26 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-02-23 13:01 - 2015-05-24 14:47 - 00000000 ____D C:\Program Files (x86)\HQ-Video-Pro-2.1cV23.05
2016-02-23 10:51 - 2014-08-26 16:41 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C746F45F-F03F-4EA2-B21B-5E9FFD210542}
2016-02-22 22:17 - 2014-08-26 15:16 - 00000000 ____D C:\Users\zeneida
2016-02-22 20:33 - 2015-12-22 07:40 - 00002485 ____R C:\Users\zeneida\Desktop\Google Chrome.lnk
2016-02-22 20:32 - 2015-05-16 09:05 - 00000000 ____D C:\Users\zeneida\AppData\Roaming\RunDir
2016-02-20 12:31 - 2015-12-22 07:40 - 00002622 _____ C:\Users\zeneida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 20:21 - 2015-05-25 15:35 - 00003850 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1432578946
2016-02-17 20:21 - 2015-05-25 13:16 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-17 20:14 - 2015-10-13 11:39 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-02-17 08:00 - 2014-03-18 07:09 - 01797166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-17 08:00 - 2014-03-18 06:29 - 00774900 _____ C:\WINDOWS\system32\prfh0416.dat
2016-02-17 08:00 - 2014-03-18 06:29 - 00158494 _____ C:\WINDOWS\system32\prfc0416.dat
2016-02-16 19:38 - 2015-06-30 13:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-12 17:21 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2016-02-12 09:42 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-11 11:27 - 2013-08-22 11:44 - 00481680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-10 22:39 - 2014-12-09 23:39 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-10 22:39 - 2014-03-18 06:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 22:39 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-10 15:16 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 15:16 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-10 15:14 - 2013-12-12 16:09 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-02-10 15:14 - 2012-07-26 02:26 - 00000269 _____ C:\WINDOWS\win.ini
2016-02-10 15:03 - 2013-09-29 20:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-10 14:54 - 2013-03-18 12:54 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 14:21 - 2015-11-10 22:34 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-10 14:21 - 2015-11-10 22:34 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-07 14:23 - 2013-10-04 13:43 - 00004064 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-07 14:23 - 2013-10-04 13:43 - 00003828 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 07:55 - 2015-12-22 07:50 - 00001104 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2016-02-01 23:37 - 2015-10-14 21:16 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-01 23:37 - 2015-10-14 21:16 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-29 07:08 - 2015-05-25 15:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-25 22:43 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-24 15:59 - 2013-08-22 10:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

==================== Arquivos na raiz de alguns diretórios =======

2016-02-22 20:33 - 2015-11-25 14:31 - 1100288 _____ () C:\Users\zeneida\AppData\Roaming\HomePage.exe
2016-02-22 20:33 - 2016-01-26 10:54 - 2415616 _____ () C:\Users\zeneida\AppData\Roaming\msiql.exe
2016-02-22 20:33 - 2016-02-23 12:17 - 2786816 _____ (TODO: ) C:\Users\zeneida\AppData\Roaming\svrupg.exe
2016-02-22 20:33 - 2016-02-23 12:17 - 0010365 _____ () C:\Users\zeneida\AppData\Roaming\webad.xml
2016-02-22 20:33 - 2015-12-10 14:43 - 0600312 _____ () C:\Users\zeneida\AppData\Roaming\YeaPlayer_br_IBD_Bundle.exe
2016-02-22 20:34 - 2016-02-18 07:13 - 2963253 _____ ( ) C:\Users\zeneida\AppData\Roaming\yeaplayer_wajam2.exe
2015-05-16 09:22 - 2015-10-13 19:55 - 0003584 _____ () C:\Users\zeneida\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-11 10:34 - 2013-10-11 10:34 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-02-23 13:49 - 2015-11-25 14:31 - 1100288 _____ () C:\ProgramData\HomePage.exe
2016-02-22 20:33 - 2015-12-04 12:14 - 1081344 _____ () C:\ProgramData\LightGate.exe
2016-02-22 20:33 - 2016-01-26 10:54 - 2415616 _____ () C:\ProgramData\msiql.exe
2016-02-22 20:33 - 2016-01-11 14:49 - 1734656 _____ () C:\ProgramData\service.exe
2016-02-22 20:33 - 2016-02-23 13:48 - 0010365 _____ () C:\ProgramData\webad.xml
2016-02-23 13:11 - 2016-02-23 13:11 - 0000081 _____ () C:\ProgramData\xcgui_debug.txt
2016-02-23 13:49 - 2015-12-10 14:43 - 0600312 _____ () C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\HomePage.exe
C:\ProgramData\LightGate.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\ProgramData\YeaPlayer_br_IBD_Bundle.exe
C:\Users\Todos os Usuários\HomePage.exe
C:\Users\Todos os Usuários\LightGate.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe
C:\Users\Todos os Usuários\YeaPlayer_br_IBD_Bundle.exe


Alguns arquivos em TEMP:
====================
C:\Users\zeneida\AppData\Local\Temp\tu17p84.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-02-20 13:11

==================== Fim de FRST.txt ============================

Publicité


Signaler le contenu de ce document

Publicité