cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:05-03-2016 01
Executado por Admin (administrador) em ADMIN-PC (08-04-2016 09:37:16)
Executando a partir de C:\Users\Admin\Downloads
Perfis Carregados: Admin (Perfis Disponíveis: Admin)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Realtek) C:\Program Files (x86)\oem\11n USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\oem\11n USB Wireless LAN Utility\RtWLan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKU\S-1-5-21-3182983935-984955775-2459463201-1000\...\Run: [GoogleChromeAutoLaunch_A5B343D047FD8BD2F268B0EA0F8DBD7C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136 2016-03-27] (Google Inc.)
HKU\S-1-5-21-3182983935-984955775-2459463201-1000\...\MountPoints2: E - E:\LGAutoRun.exe
HKU\S-1-5-21-3182983935-984955775-2459463201-1000\...\MountPoints2: {31255ee7-ff2f-11e4-bb79-806e6f6e6963} - D:\install.exe
HKU\S-1-5-21-3182983935-984955775-2459463201-1000\...\MountPoints2: {d84b2abc-3274-11e5-825a-00016c7b6099} - E:\LGAutoRun.exe
HKU\S-1-5-21-3182983935-984955775-2459463201-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2009-07-13] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MYMAX Wireless Utility.lnk [2015-09-12]
ShortcutTarget: MYMAX Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2015-09-13]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{2ACB5974-E09A-4987-A496-0CF28B9B6166}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{8D5B93D7-93EF-4FF6-8900-C79C2A906C49}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{94D51CA1-D9A0-492E-ABB2-56B07C4550BA}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{F6A546BB-68D6-417E-A3BA-F4704F39785E}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)

Chrome:
=======
CHR HomePage: Profile 1 -> hxxps://www.google.com.br/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com.br/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-22]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-22]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-22]
CHR Extension: (Unfollowers for Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcbaokcchpeocidhfccllamniooiefin [2015-06-10]
CHR Extension: (Open Tweet Filter) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdmjagdcpkfpebaaffpafncgkleijako [2015-06-10]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-22]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-22]
CHR Extension: (Planilhas do Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-22]
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-10]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-10]
CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-10]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-06-10]
CHR Extension: (PSafe Segurança Online) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\higfhiimhkcmfppmdckdpkdcdolcjooo [2015-05-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-22]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-22]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-22]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (AdBlock) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Arquivo não assinado]
R2 Realtek11nSU; C:\Program Files (x86)\oem\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-08 09:37 - 2016-04-08 09:38 - 00011718 _____ C:\Users\Admin\Downloads\FRST.txt
2016-04-08 09:36 - 2016-04-08 09:37 - 00000000 ____D C:\FRST
2016-04-08 09:35 - 2016-04-08 09:35 - 02374144 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2016-04-08 09:23 - 2016-04-08 09:23 - 14572000 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\vc_redist.x64.exe
2016-04-08 07:11 - 2016-04-08 09:23 - 00000000 ____D C:\Users\Admin\Downloads\citra-latest-windows-amd64
2016-04-07 14:34 - 2016-04-07 14:35 - 00140916 _____ C:\Windows\ntbtlog.txt
2016-04-03 00:55 - 2016-04-03 00:57 - 3503717658 _____ C:\Users\Admin\Downloads\04 - Raciocínio Lógico Matemático - Edgar Abreu.zip
2016-04-02 23:00 - 2016-04-02 23:01 - 1094201487 _____ C:\Users\Admin\Downloads\03 - Redação - Maria Tereza.zip
2016-04-02 22:26 - 2016-04-02 22:28 - 1646599622 _____ C:\Users\Admin\Downloads\02 - Português - Maria Tereza.zip
2016-03-26 18:36 - 2016-03-26 19:57 - 1409344697 _____ C:\Users\Admin\Downloads\-Getintopc.com-Pinnacle_Studio_17_Ultimate_17.0.2.137.zip
2016-03-20 19:08 - 2016-03-20 19:09 - 00000000 ____D C:\Users\Admin\Downloads\The.Big.Short.2015.DVDScr.XVID.AC3.HQ.Hive-CM8
2016-03-20 12:34 - 2016-03-20 12:34 - 00000000 ____D C:\Users\Admin\Desktop\Halliday
2016-03-20 12:26 - 2016-03-20 12:26 - 02751900 _____ C:\Users\Admin\Downloads\Resolução Fund. de Fisica Halliday 8 ed vol. 3.rar
2016-03-16 11:16 - 2016-03-16 11:16 - 00000015 _____ C:\Users\Admin\Desktop\davis.txt
2016-03-12 19:35 - 2016-03-12 19:35 - 01090107 _____ C:\Users\Admin\Desktop\ronan.html
2016-03-12 19:35 - 2016-03-12 19:35 - 00000000 ____D C:\Users\Admin\Desktop\ronan_files
2016-03-12 09:07 - 2016-03-12 09:07 - 00011488 _____ C:\Users\Admin\Downloads\MP RJ ANALISTA PROCESSUAL - MARÇO.2016.pdf
2016-03-12 08:39 - 2016-03-12 08:39 - 15893263 _____ C:\Users\Admin\Downloads\O Príncipe do Egito 1998 (Clip 9-10) HD - Milagres São Reais.mp4
2016-03-12 08:38 - 2016-03-12 08:38 - 15732529 _____ C:\Users\Admin\Downloads\O Príncipe do Egito 1998 (Clip 6-10) HD - A Sarça Ardente.mp4
2016-03-12 08:37 - 2016-03-12 08:44 - 15431436 _____ C:\Users\Admin\Downloads\O Príncipe do Egito 1998 (Clip 3-10) HD - Pesadelo.mp4
2016-03-12 08:37 - 2016-03-12 08:38 - 12322155 _____ C:\Users\Admin\Downloads\O Príncipe do Egito 1998 (Clip 5-10) HD - Olhar Com O Olhar Do Céu.mp4
2016-03-12 08:30 - 2016-03-12 08:30 - 00000000 ____D C:\Users\Admin\Downloads\100LGDSC
2016-03-05 23:39 - 2016-03-05 23:39 - 00813522 _____ C:\Users\Admin\Downloads\unirio0116_edital.zip
2016-03-05 23:31 - 2016-03-05 23:32 - 33333948 _____ C:\Users\Admin\Downloads\apostila-ufmt-2015-assistenteemadministracao.pdf
2016-03-05 23:31 - 2016-03-05 23:31 - 00249920 _____ C:\Users\Admin\Downloads\Aula 1 -Direito Penal - Felipe Novaes - Aplicação da Lei Penal e Teoria do Crime.pdf
2016-03-05 23:28 - 2016-03-05 23:29 - 00534864 _____ C:\Users\Admin\Downloads\edital_UFMT2015.pdf
2016-02-20 10:06 - 2016-02-20 10:06 - 00072489 _____ C:\Users\Admin\Downloads\GerarPDF_2022016100605.pdf
2016-02-16 00:12 - 2016-02-16 00:20 - 00000000 ____D C:\Users\Admin\Downloads\bachur
2016-02-06 07:08 - 2016-02-06 07:08 - 00072634 _____ C:\Users\Admin\Downloads\GerarPDF_622016080829.pdf
2016-02-05 19:20 - 2016-02-05 19:20 - 00557986 _____ C:\Users\Admin\Downloads\COMPILADO COMEERJ 2016.pdf
2016-02-05 19:06 - 2016-02-05 19:06 - 00007855 _____ C:\Users\Admin\Downloads\Polo II Florescer a Caridade (2).pdf
2016-01-27 20:21 - 2016-01-27 20:32 - 00000000 ____D C:\Users\Admin\Desktop\Curso L.F.G - O Novo CPC - F.D.J. (2015)
2016-01-27 19:54 - 2016-01-27 19:54 - 00000000 ____D C:\Users\Admin\Desktop\Disco Local
2016-01-27 19:41 - 2016-01-27 19:53 - 00000000 ____D C:\Users\Admin\Desktop\Modulo Constitucional Sarmento
2016-01-27 19:39 - 2016-01-27 19:41 - 00000000 ____D C:\Users\Admin\Desktop\ofice 2010
2016-01-27 19:25 - 2016-01-27 19:39 - 00000000 ____D C:\Users\Admin\Desktop\Rafarel C. R. Oliveira - Direito Administrativo - 2014
2016-01-27 19:25 - 2016-01-27 19:25 - 00000000 ____D C:\Users\Admin\Desktop\Sinopses para Concursos - JusPodivm (2014)
2016-01-27 19:24 - 2015-04-14 20:49 - 76881206 _____ C:\Users\Admin\Desktop\NEVES, Daniel Amorim Assumpção - Manual de Direito Processual Civil (2015).pdf
2016-01-27 19:15 - 2016-01-27 19:19 - 00000000 ____D C:\Users\Admin\Desktop\Curso E. - Direito Penal - Ana P. V. de Carvalho (2014)
2016-01-27 19:14 - 2015-05-12 21:27 - 32741042 _____ C:\Users\Admin\Desktop\DIDIER, Fredie Jr. - Curso de Direito Processual Civil, Vol. 01, 17° Ed., 2015.pdf
2016-01-27 19:14 - 2015-05-12 21:27 - 30410818 _____ C:\Users\Admin\Desktop\DIDIER, Fredie Jr. - Curso de Direito Processual Civil, Vol. 02, 10° Ed., 2015.pdf
2016-01-21 13:30 - 2016-01-21 13:30 - 00362248 _____ C:\Windows\Minidump\012116-15178-01.dmp
2016-01-20 21:38 - 2016-01-20 21:39 - 03382092 _____ C:\Users\Admin\Downloads\Calculo Diferencial e Integral II.pdf
2016-01-19 20:56 - 2016-01-19 20:56 - 00019029 _____ C:\Users\Admin\Downloads\Gabarito_DPU_2010.PDF
2016-01-19 20:51 - 2016-01-19 20:51 - 00708392 _____ C:\Users\Admin\Downloads\Prova_DPU_2010.pdf
2016-01-19 13:23 - 2016-01-19 13:23 - 00228461 _____ C:\Users\Admin\Downloads\2016 Lista de publicacao - 11 a 15 jan.pdf
2016-01-17 21:10 - 2016-01-17 21:11 - 05391290 _____ C:\Users\Admin\Downloads\pdf-analista-tec-administrativo-direito-constitucional-p-dpu-analista-tecnico-administrativo-aula (4).pdf
2016-01-17 11:25 - 2016-01-17 11:25 - 00361496 _____ C:\Windows\Minidump\011716-14710-01.dmp

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-08 09:30 - 2015-05-22 16:14 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-08 09:25 - 2015-11-29 01:02 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-04-08 09:25 - 2015-11-29 01:02 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-08 09:10 - 2009-07-14 01:45 - 00013616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-08 09:10 - 2009-07-14 01:45 - 00013616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-08 07:08 - 2009-07-29 12:58 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-04-08 07:08 - 2009-07-29 12:58 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-04-08 07:08 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-08 07:08 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-04-08 07:03 - 2015-05-22 16:14 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-08 07:03 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-07 20:11 - 2015-12-12 19:59 - 00000026 _____ C:\Users\Admin\.mjsync_pt_BR
2016-04-07 20:11 - 2015-12-12 19:58 - 00000000 ____D C:\Users\Admin\MegaJogos
2016-03-31 11:58 - 2015-06-13 18:34 - 00000000 ____D C:\Windows\System32\Tasks\Games
2016-03-30 17:36 - 2015-05-22 16:16 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-30 17:35 - 2015-05-22 16:16 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-20 21:10 - 2015-09-19 19:32 - 00000000 ____D C:\Users\Admin\AppData\Roaming\uTorrent
2016-03-20 19:07 - 2015-12-19 22:32 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\uTorrent
2016-03-20 12:07 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-09 12:00 - 2015-05-22 13:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

Alguns arquivos em TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\_is2CAA.exe
C:\Users\Admin\AppData\Local\Temp\_is68B1.exe
C:\Users\Admin\AppData\Local\Temp\_is8342.exe
C:\Users\Admin\AppData\Local\Temp\_is8D50.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 20:38] - [2015-05-22 14:13] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2009-07-13 20:24] - [2015-05-22 14:13] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-08 09:06

==================== Fim de FRST.txt ============================
