
Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:25-04-2016
Executado por LUCAS (administrador) em LUCAS-PC (26-04-2016 10:35:57)
Executando a partir de D:\Users\LUCAS\Desktop
Perfis Carregados: LUCAS (Perfis Disponíveis: LUCAS & Convidado)
Platform: Microsoft Windows 7 Professional (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Hagel Technologies Ltd.) C:\Program Files\DU Meter\DUMeterSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
() C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Akamai Technologies, Inc.) C:\Users\LUCAS\AppData\Local\Akamai\netsession_win.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaUI.exe
(Akamai Technologies, Inc.) C:\Users\LUCAS\AppData\Local\Akamai\netsession_win.exe
(Hagel Technologies Ltd.) C:\Program Files\DU Meter\DUMeter.exe
(Autodesk, Inc.) C:\Users\LUCAS\AppData\Local\Temp\AcDeltree.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5074384 2012-11-26] (ESET)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA)
HKLM\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [536576 2008-03-03] ()
HKLM\...\Run: [ADSKAppManager] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\Run: [DU Meter] => C:\Program Files\DU Meter\DUMeter.exe [4245400 2013-03-01] (Hagel Technologies Ltd.)
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\Run: [Akamai NetSession Interface] => C:\Users\LUCAS\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\MountPoints2: {4006de99-6057-11e3-8e07-00248ccf57f8} - F:\Startme.exe
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\MountPoints2: {aaacb633-1cc4-11e3-a24a-00248ccf57f8} - G:\LGAutoRun.exe
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\MountPoints2: {d6c3de4b-79a7-11e5-bde6-ad1281d89612} - E:\MotorolaDeviceManagerSetup.exe -a
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-03-15]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 189.6.0.73 189.6.0.78
Tcpip\..\Interfaces\{4BC9ADF5-C721-4ED0-8A7A-93508B668DA0}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{7289A65A-79C3-4AF1-B92B-32D591A11974}: [DhcpNameServer] 189.6.0.73 189.6.0.78

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=incore_pay_hp_01_hao123_br
HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=incore_pay_hp_05_hao123_br
SearchScopes: HKU\S-1-5-21-2760936434-1250057660-3909363121-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=113480&babsrc=SP_ss&mntrId=1ea1157200000000000000248ccf57f8
SearchScopes: HKU\S-1-5-21-2760936434-1250057660-3909363121-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=113480&babsrc=SP_ss&mntrId=1ea1157200000000000000248ccf57f8
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-25] (Oracle Corporation)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\LUCAS\AppData\Roaming\Mozilla\Firefox\Profiles\62mygshb.default-1402541633253
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2760936434-1250057660-3909363121-1000: gastecnologia.com.br/sf/bb -> C:\Users\LUCAS\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Extension: Quiknowledge - C:\Program Files\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com [2016-04-13] [não assinado]
FF HKLM\...\Firefox\Extensions: [quiknowledge@quiknowledge.com] - C:\Program Files\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-05-23] [não assinado]
FF HKU\S-1-5-21-2760936434-1250057660-3909363121-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\LUCAS\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: GBBD Banco do Brasil - C:\Users\LUCAS\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-06-21] [não assinado]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://start.qone8.com/?type=hp&ts=1401483204&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1401790863&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1401812700&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1401963373&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1402051088&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1402056829&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1402077586&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1402312100&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1402324674&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://start.qone8.com/?type=hppp&ts=1402329700&from=epom1&uid=MAXTORXSTM3250310AS_6RYA2TFBXXXX6RYA2TFB","hxxp://www.oursurfing.com/?type=hp&ts=1441292178&z=3fe71c8587264e5293f1c92g1z4z0g7odtdo4gdm8m&from=smt&uid=WDCXWD5000AAKX-003CA0_WD-WCAYUN07914079140"
CHR Profile: C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-07]
CHR Extension: (Google Docs) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-07]
CHR Extension: (Google Drive) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-07]
CHR Extension: (Google Search) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (Planilhas do Google) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-07]
CHR Extension: (Documentos Google off-line) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-08]
CHR Extension: (Bleaner) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-07]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-07]
CHR Extension: (Search People) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-11-07]
CHR Extension: (Gmail) - C:\Users\LUCAS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-07]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] -

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

"Warsaw Technology" => serviço foi desbloqueado. <===== ATENÇÃO

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
R2 DUMeterSvc; C:\Program Files\DU Meter\DUMeterSvc.exe [2385304 2013-03-01] (Hagel Technologies Ltd.) [Arquivo não assinado]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1329304 2012-11-26] (ESET)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2016-04-26] (Flexera Software LLC)
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Arquivo não assinado]
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [185632 2009-07-14] (Ralink Technology, Corp.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
S3 wampapache; c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe [20549 2010-12-31] (Apache Software Foundation) [Arquivo não assinado]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe [8133120 2010-12-31] () [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2012-03-02] (LG Electronics Inc.)
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-01-23] (Samsung Electronics Co., Ltd.) [Arquivo não assinado]
R3 DUMeterDrv; C:\Program Files\DU Meter\DUMETR32.SYS [19944 2013-03-01] (Hagel Technologies Ltd.) [Arquivo não assinado]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170656 2012-10-08] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [121216 2012-10-08] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [149568 2012-10-08] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46056 2012-10-08] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47056 2012-11-28] (ESET)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-08-26] (GAS Tecnologia)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2015-06-21] (GAS Tecnologia)
R1 qknfd; C:\Windows\System32\drivers\qknfd.sys [52752 2014-04-01] (Quiknowledge)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-07-07] (Basil)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2015-12-01] (GAS Tecnologia)
S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
S1 Bnbase; System32\drivers\bnbasex.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbus.sys [X]
S2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-26 10:35 - 2016-04-26 10:35 - 00000000 ____D C:\FRST
2016-04-26 10:26 - 2016-04-26 10:26 - 00000000 ____D C:\Users\Public\Downloads\260FD116-7539-4221-BD72-3775DD831EB5
2016-04-26 10:02 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-04-26 10:02 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-04-26 10:02 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-04-26 10:02 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-04-26 10:02 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-04-26 09:34 - 2016-04-26 10:09 - 00000000 ____D C:\Users\LUCAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-04-26 09:34 - 2016-04-26 09:34 - 00001496 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk
2016-04-26 09:31 - 2016-04-26 09:31 - 00002010 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2016-04-26 09:26 - 2016-04-26 09:26 - 00002107 _____ C:\Users\Public\Desktop\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese).lnk
2016-04-26 09:24 - 2016-04-26 10:26 - 00000000 ____D C:\Users\LUCAS\AppData\Local\Autodesk
2016-04-26 09:23 - 2016-04-26 09:23 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-04-26 09:20 - 2016-04-26 10:09 - 00000000 ____D C:\Program Files\Autodesk
2016-04-26 09:16 - 2016-04-26 09:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-04-26 09:15 - 2016-04-26 09:23 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-04-26 09:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-04-26 09:14 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-04-26 09:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-04-26 09:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-04-26 09:14 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-04-26 09:14 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-04-26 09:14 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-04-26 09:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-04-26 09:14 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-04-26 09:14 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-04-26 09:14 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-04-26 09:14 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-04-26 09:12 - 2016-04-26 09:13 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-04-26 09:12 - 2016-04-26 09:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-26 09:07 - 2016-04-26 10:26 - 00000000 ____D C:\Users\LUCAS\AppData\Roaming\Autodesk
2016-04-26 09:07 - 2016-04-26 09:34 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-04-26 09:07 - 2016-04-26 09:34 - 00000000 ____D C:\ProgramData\Autodesk
2016-04-26 09:06 - 2016-04-26 09:07 - 00000000 ____D C:\Users\LUCAS\AppData\Local\Akamai
2016-04-26 09:06 - 2016-04-26 09:06 - 00000000 ____D C:\Autodesk
2016-04-13 13:27 - 2016-04-16 20:52 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-26 10:15 - 2009-07-14 01:34 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-26 10:15 - 2009-07-14 01:34 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-26 10:11 - 2012-09-30 11:00 - 01650158 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-26 10:11 - 2009-07-14 05:31 - 00709154 _____ C:\Windows\system32\prfh0416.dat
2016-04-26 10:11 - 2009-07-14 05:31 - 00150802 _____ C:\Windows\system32\prfc0416.dat
2016-04-26 10:11 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-04-26 10:08 - 2015-10-23 16:53 - 00000000 ____D C:\Temp
2016-04-26 10:07 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-26 09:49 - 2014-11-10 13:18 - 00143248 _____ C:\Users\LUCAS\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-26 09:40 - 2014-11-07 10:26 - 00494208 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-26 09:30 - 2012-09-30 10:56 - 00000000 ____D C:\Users\LUCAS
2016-04-26 09:22 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-04-26 09:07 - 2012-10-26 17:51 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-26 09:02 - 2015-06-21 22:07 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-04-26 09:02 - 2015-06-21 22:07 - 00000000 ____D C:\ProgramData\GbPlugin
2016-04-16 20:52 - 2013-06-20 15:14 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-08 15:07 - 2012-09-30 11:25 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-04-08 15:07 - 2012-09-30 11:25 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-04-08 00:11 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-04-07 10:59 - 2015-10-31 14:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-31 16:24 - 2013-04-18 18:43 - 00000000 ____D C:\Users\LUCAS\AppData\Roaming\vlc
2016-03-30 12:37 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Arquivos na raiz de alguns diretórios =======

2016-02-23 10:09 - 2016-03-18 12:14 - 0008928 _____ () C:\Users\LUCAS\AppData\Roaming\SmarThruOptions.xml
2015-06-21 22:06 - 2015-06-21 22:07 - 0018048 _____ () C:\Users\LUCAS\AppData\Roaming\unins000.dat
2015-06-21 22:06 - 2015-06-21 22:06 - 0815826 _____ () C:\Users\LUCAS\AppData\Roaming\unins000.exe
2013-08-19 19:25 - 2013-08-19 19:25 - 0000017 _____ () C:\Users\LUCAS\AppData\Local\resmon.resmoncfg

Alguns arquivos em TEMP:
====================
C:\Users\LUCAS\AppData\Local\Temp\AcDeltree.exe
C:\Users\LUCAS\AppData\Local\Temp\javagiac0.02293416967814077.dll
C:\Users\LUCAS\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\LUCAS\AppData\Local\Temp\MotorolaDeviceManager_2.2.28.exe
C:\Users\LUCAS\AppData\Local\Temp\wmfdist.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-25 12:20

==================== Fim de FRST.txt ============================
