cjoint


Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:16-05-2016
Executado por samuek (administrador) em SAMUEK-PC (16-05-2016 22:34:51)
Executando a partir de C:\Users\samuek\Downloads\Programs
Perfis Carregados: samuek (Perfis Disponíveis: samuek)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(IObit) C:\Program Files\IObit\Advanced SystemCare\ASCService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare\Monitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14690712 2015-11-27] (Realtek Semiconductor)
HKU\S-1-5-21-1603546185-579458617-1123627998-1000\...\Run: [uTorrent] => C:\Users\samuek\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-14] (BitTorrent Inc.)
HKU\S-1-5-21-1603546185-579458617-1123627998-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-1603546185-579458617-1123627998-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3907152 2015-09-20] (Tonec Inc.)
HKU\S-1-5-21-1603546185-579458617-1123627998-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-1603546185-579458617-1123627998-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\VIDEOWLP.SCR
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5D36B038-C314-4F67-9089-590DFD814814}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D05D89B6-4814-4C52-A81E-973ABA722BFD}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1603546185-579458617-1123627998-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?ocid=iehp
hxxp://go.microsoft.com/fwlink/?linkid=69157
HKU\S-1-5-21-1603546185-579458617-1123627998-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.daemon-search.com/startpage
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1603546185-579458617-1123627998-1000 -> {15FE7BDD-C9BC-4581-A8BC-F8DD18A928E9} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1603546185-579458617-1123627998-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-08-28] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-01-12] (Oracle Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-01-12] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1603546185-579458617-1123627998-1000 -> Sem Nome - {32099AAC-C132-4136-9E9A-4E364A424E17} - Nenhum Arquivo

FireFox:
========
FF ProfilePath: C:\Users\samuek\AppData\Roaming\Mozilla\Firefox\Profiles\z7llgspw.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.youtube.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-12] ()
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-01-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-01-12] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF user.js: detected! => C:\Users\samuek\AppData\Roaming\Mozilla\Firefox\Profiles\z7llgspw.default\user.js [2016-04-24]
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-08-14]
FF Extension: Facebook Secret Emoticons - C:\Users\samuek\AppData\Roaming\Mozilla\Firefox\Profiles\z7llgspw.default\Extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi [2016-04-28]
FF HKU\S-1-5-21-1603546185-579458617-1123627998-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files\DAP\DAPFireFox => não encontrado (a)
FF HKU\S-1-5-21-1603546185-579458617-1123627998-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-07-10]
CHR HKU\S-1-5-21-1603546185-579458617-1123627998-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdvancedSystemCareService9; C:\Program Files\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S3 npggsvc; C:\Windows\system32\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2016-02-23] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-01-08] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2016-02-23] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2016-02-07] () [Arquivo não assinado]
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2009-07-13] (Microsoft Corporation)
U3 aotbte1n; C:\Windows\system32\Drivers\aotbte1n.sys [0 ] (Microsoft Corporation) <==== ATENÇÃO (zero byte Arquivo/Pasta)
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-16 22:33 - 2016-05-16 22:34 - 00000000 ____D C:\FRST
2016-05-16 22:19 - 2016-05-16 22:19 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-16 22:19 - 2016-05-16 22:19 - 00000000 ____D C:\Program Files\AGEIA Technologies
2016-05-16 22:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-05-16 22:19 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-05-16 22:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-05-16 22:19 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-05-16 22:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-05-16 22:19 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-05-16 22:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-05-16 22:19 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-05-16 22:19 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-05-16 22:19 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-05-16 22:19 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-05-16 22:19 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-05-16 22:19 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-05-16 22:19 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-05-16 22:19 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-05-16 22:19 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-05-16 22:19 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-05-16 22:19 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-05-16 22:19 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-05-16 22:19 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-05-16 22:19 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-05-16 22:19 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-05-16 22:19 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-05-16 22:19 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-05-16 22:19 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-05-16 22:19 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-05-16 22:19 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-05-16 22:19 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-05-16 22:19 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-05-16 22:19 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-05-16 21:26 - 2016-05-16 21:26 - 00000202 _____ C:\Users\samuek\Desktop\Crazy Killer.url
2016-05-16 21:16 - 2016-05-16 21:16 - 00000000 ____D C:\Users\samuek\AppData\LocalLow\Unity
2016-05-16 21:06 - 2016-05-16 21:06 - 00000000 ____D C:\Users\samuek\AppData\LocalLow\Panoramik
2016-05-16 20:39 - 2016-05-16 22:18 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-16 20:39 - 2016-05-16 22:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-16 19:53 - 2016-05-16 19:53 - 00000000 ____D C:\Users\samuek\AppData\Roaming\istrolid
2016-05-14 20:58 - 2016-05-15 13:19 - 00000000 ____D C:\Users\samuek\Desktop\Ualpaipers
2016-05-12 11:12 - 2016-05-12 11:12 - 189648837 _____ C:\Windows\MEMORY.DMP
2016-05-11 13:19 - 2016-05-11 13:19 - 00000000 ____D C:\Users\Public\musicas
2016-05-06 15:26 - 2016-05-06 17:10 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-05 12:13 - 2016-05-05 12:13 - 30441472 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2016-05-05 12:13 - 2016-05-05 12:13 - 00229376 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2016-05-05 12:13 - 2016-05-05 12:13 - 00032768 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2016-05-05 12:13 - 2016-05-05 12:13 - 00032768 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2016-05-04 01:00 - 2014-10-16 10:27 - 00024352 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2016-04-29 20:10 - 2016-04-29 20:14 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Transformice
2016-04-29 20:10 - 2016-04-29 20:10 - 00088280 ____H C:\Windows\system32\mlfcache.dat
2016-04-29 20:10 - 2016-04-29 20:10 - 00000893 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transformice.lnk
2016-04-29 20:10 - 2016-04-29 20:10 - 00000881 _____ C:\Users\Public\Desktop\Transformice.lnk
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Roaming\Macromedia
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\ProgramData\Adobe
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\Program Files\Transformice
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2016-04-29 20:10 - 2016-04-29 20:10 - 00000000 ____D C:\Program Files\Adobe
2016-04-28 23:49 - 2016-05-09 13:18 - 00000000 ____D C:\Program Files\sXe Injected
2016-04-28 23:49 - 2016-04-28 23:49 - 00001013 _____ C:\Users\samuek\Desktop\sXe Injected.lnk
2016-04-28 23:49 - 2016-04-28 23:49 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sXe Injected
2016-04-28 12:50 - 2016-04-28 12:50 - 00770304 _____ (Realtek ) C:\Windows\system32\Drivers\Rt86win7.sys
2016-04-28 12:50 - 2016-04-28 12:50 - 00109640 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2016-04-28 12:50 - 2016-04-28 12:50 - 00085616 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
2016-04-28 12:43 - 2016-04-28 12:43 - 00000000 ____D C:\Windows\simck
2016-04-28 12:40 - 2016-04-28 12:40 - 00000000 ____D C:\Users\Todos os Usuários\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-04-28 12:40 - 2016-04-28 12:40 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-04-28 12:29 - 2016-04-28 12:29 - 00002010 _____ C:\Users\samuek\Desktop\Counter Strike 1.6 Non-Steam.lnk
2016-04-28 12:29 - 2016-04-28 12:29 - 00001028 _____ C:\Users\samuek\Desktop\Server FpS.lnk
2016-04-28 12:29 - 2016-04-28 12:29 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter Strike 1.6
2016-04-28 12:28 - 2016-04-28 23:50 - 00000000 ____D C:\Program Files\valve
2016-04-28 02:43 - 2016-04-29 13:36 - 00000000 ____D C:\Program Files\Simcake
2016-04-27 10:43 - 2016-04-27 10:43 - 00000000 ____D C:\Users\Todos os Usuários\modloader
2016-04-27 10:43 - 2016-04-27 10:43 - 00000000 ____D C:\Users\samuek\AppData\Local\modloader
2016-04-27 10:43 - 2016-04-27 10:43 - 00000000 ____D C:\ProgramData\modloader
2016-04-27 10:37 - 2016-04-27 10:43 - 00000000 ____D C:\Users\samuek\Documents\GTA San Andreas User Files
2016-04-27 10:32 - 2016-04-27 10:32 - 00000000 ____D C:\ThugLife Oficial
2016-04-26 18:39 - 2016-04-27 22:16 - 00000000 ____D C:\Program Files\Half-Life 1 - No Steam
2016-04-26 18:36 - 2016-04-26 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Halflife Logo Creator
2016-04-26 18:36 - 2016-04-26 18:36 - 00000000 ____D C:\Program Files\Robster Productions
2016-04-25 01:57 - 2016-04-25 01:57 - 00000202 _____ C:\Users\samuek\Desktop\Sven Co-op.url
2016-04-22 16:05 - 2016-04-22 16:06 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Winamp
2016-04-22 16:05 - 2016-04-22 16:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2016-04-22 16:05 - 2016-04-22 16:05 - 00000000 ____D C:\Program Files\Winamp
2016-04-22 16:05 - 2016-04-22 16:05 - 00000000 ____D C:\Program Files\Common Files\PX Storage Engine
2016-04-22 15:55 - 2016-05-10 14:25 - 00000000 ____D C:\Users\samuek\Desktop\musicas
2016-04-22 13:06 - 2016-04-22 13:06 - 00000000 ____D C:\Users\samuek\Documents\League of Legends
2016-04-22 12:55 - 2016-04-22 12:55 - 00000000 ____D C:\Users\samuek\AppData\Roaming\LolClient
2016-04-22 01:05 - 2016-04-22 01:05 - 00001613 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-04-22 01:05 - 2016-04-22 01:05 - 00000000 ____D C:\Riot Games
2016-04-22 01:05 - 2016-04-22 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-04-22 01:05 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-04-22 01:05 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-04-22 01:05 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-04-22 01:05 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-04-22 01:05 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-04-20 22:23 - 2016-04-20 22:23 - 00000000 ____H C:\Users\samuek\Documents\Default.rdp
2016-04-20 21:00 - 2016-04-20 21:00 - 00000000 ____D C:\Users\samuek\AppData\Local\Howei
2016-04-20 14:49 - 2016-04-20 14:55 - 00000000 ____D C:\Users\Public\Kung.Fu.Panda.3.HC.HDRip.XviD.DUBLADO-TOM-WWW.FILMESETORRENT.COM
2016-04-20 14:46 - 2016-04-20 15:47 - 00000000 ____D C:\Users\Public\Todo Mundo em Pânico 5 (2013) BDRip 720p dublado
2016-04-19 17:02 - 2016-04-19 17:02 - 00000813 _____ C:\Users\samuek\Desktop\Steam - Atalho.lnk
2016-04-19 17:02 - 2016-04-19 17:02 - 00000000 ____D C:\Users\samuek\AppData\Local\Steam
2016-04-19 17:02 - 2016-04-19 17:02 - 00000000 ____D C:\Users\samuek\AppData\Local\CEF
2016-04-19 16:29 - 2016-04-19 16:55 - 00000000 ____D C:\Users\Public\Steam
2016-04-19 09:54 - 2016-04-19 09:54 - 00000000 ____D C:\Windows\Sun
2016-04-18 22:38 - 2016-04-18 22:38 - 00247265 __RSH C:\ABCDQ
2016-04-18 03:17 - 2016-04-22 01:03 - 00000000 ____D C:\Program Files\Z8Games
2016-04-11 19:47 - 2016-04-19 15:10 - 00012800 ___SH C:\Users\Public\Thumbs.db
2016-04-10 18:53 - 2016-04-10 18:53 - 00000000 ____D C:\Users\Todos os Usuários\Steam
2016-04-10 18:53 - 2016-04-10 18:53 - 00000000 ____D C:\ProgramData\Steam
2016-03-30 01:34 - 2016-03-30 01:34 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-03-27 23:38 - 2016-03-27 23:38 - 00000000 ____D C:\Users\samuek\Documents\Any Video Converter
2016-03-27 23:37 - 2016-03-28 10:52 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Anvsoft
2016-03-26 12:15 - 2016-04-20 06:52 - 00000000 ____D C:\Users\samuek\AppData\Roaming\vlc
2016-03-26 12:14 - 2016-03-26 12:14 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-26 12:14 - 2016-03-26 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-03-26 11:33 - 2016-03-26 12:03 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Solvusoft
2016-03-26 10:53 - 2016-03-26 10:57 - 00087608 _____ C:\Users\samuek\AppData\Roaming\inst.exe
2016-03-26 10:53 - 2016-03-26 10:57 - 00047360 _____ (VSO Software) C:\Users\samuek\AppData\Roaming\pcouffin.sys
2016-03-26 10:53 - 2016-03-26 10:57 - 00007887 _____ C:\Users\samuek\AppData\Roaming\pcouffin.cat
2016-03-26 10:53 - 2016-03-26 10:57 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Vso
2016-03-26 10:52 - 2016-03-26 17:28 - 00000000 ____D C:\Users\Todos os Usuários\VSO
2016-03-26 10:52 - 2016-03-26 17:28 - 00000000 ____D C:\ProgramData\VSO
2016-03-26 01:49 - 2016-03-26 01:49 - 00000000 ____D C:\Users\Todos os Usuários\Baidu
2016-03-26 01:49 - 2016-03-26 01:49 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-03-26 01:49 - 2016-03-26 01:49 - 00000000 ____D C:\ProgramData\Baidu
2016-03-15 07:31 - 2016-05-13 09:05 - 00002202 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-03-15 07:31 - 2016-03-15 07:31 - 00002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-03-15 07:31 - 2016-03-15 07:31 - 00000000 ____D C:\Users\Todos os Usuários\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-03-15 07:31 - 2016-03-15 07:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-03-15 07:31 - 2016-03-15 07:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2016-03-15 07:31 - 2016-03-15 07:31 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2016-03-13 14:36 - 2016-03-13 14:36 - 00000000 ____D C:\Users\Todos os Usuários\RELOADED
2016-03-13 14:36 - 2016-03-13 14:36 - 00000000 ____D C:\ProgramData\RELOADED
2016-03-05 12:54 - 2016-03-05 12:54 - 00000000 ____D C:\Users\Todos os Usuários\Nexon
2016-03-05 12:54 - 2016-03-05 12:54 - 00000000 ____D C:\ProgramData\Nexon
2016-03-05 12:41 - 2016-03-05 12:41 - 00000000 ____D C:\Users\Todos os Usuários\Level Up! Games
2016-03-05 12:41 - 2016-03-05 12:41 - 00000000 ____D C:\ProgramData\Level Up! Games
2016-02-23 10:36 - 2016-02-23 10:45 - 00000000 ____D C:\Users\samuek\AppData\Local\Risen

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-16 21:57 - 2016-01-09 00:22 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-16 12:27 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-16 12:27 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-16 09:36 - 2016-01-09 14:20 - 00000000 ____D C:\Users\samuek\AppData\Roaming\uTorrent
2016-05-16 09:35 - 2016-02-06 11:18 - 00000000 ____D C:\Users\samuek\AppData\Roaming\DMCache
2016-05-16 09:34 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-15 23:03 - 2016-01-17 23:10 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Samsung
2016-05-15 23:03 - 2016-01-17 23:10 - 00000000 ____D C:\Users\samuek\AppData\Local\Samsung
2016-05-15 23:03 - 2016-01-17 22:55 - 00000000 ____D C:\Users\Todos os Usuários\Samsung
2016-05-15 23:03 - 2016-01-17 22:55 - 00000000 ____D C:\ProgramData\Samsung
2016-05-15 23:03 - 2016-01-17 22:55 - 00000000 ____D C:\Program Files\Samsung
2016-05-14 20:58 - 2016-02-06 11:18 - 00000000 ____D C:\Users\samuek\Downloads\Compressed
2016-05-14 14:50 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-05-14 14:42 - 2016-01-08 21:39 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-14 14:42 - 2009-07-29 15:46 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-05-14 14:42 - 2009-07-29 15:46 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-05-14 14:17 - 2016-02-06 11:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-12 20:58 - 2016-01-09 00:21 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-12 20:58 - 2016-01-09 00:21 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-12 11:12 - 2016-02-06 22:40 - 00000000 ___SD C:\Users\samuek\AppData\LocalLow\Temp
2016-05-12 11:12 - 2010-01-31 23:00 - 00000000 ____D C:\Windows\Minidump
2016-05-11 08:39 - 2016-01-24 21:38 - 30441472 _____ C:\Windows\system32\config\SOFTWARE.iobit
2016-05-11 08:39 - 2016-01-24 21:38 - 00229376 _____ C:\Windows\system32\config\DEFAULT.iobit
2016-05-11 08:39 - 2016-01-24 21:38 - 00032768 _____ C:\Windows\system32\config\SECURITY.iobit
2016-05-11 08:39 - 2016-01-24 21:38 - 00032768 _____ C:\Windows\system32\config\SAM.iobit
2016-05-09 23:28 - 2016-01-08 23:55 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-05-09 23:28 - 2016-01-08 23:55 - 00000000 ____D C:\ProgramData\ProductData
2016-05-09 09:09 - 2016-04-12 22:18 - 00000000 ____D C:\Program Files\Google
2016-05-09 09:08 - 2016-02-03 11:19 - 00000000 ____D C:\Users\samuek\AppData\Local\Google
2016-05-07 00:19 - 2016-01-08 21:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-04 01:00 - 2016-01-26 00:20 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
2016-05-03 19:40 - 2016-01-11 09:45 - 00000000 ____D C:\Users\samuek\AppData\Local\ElevatedDiagnostics
2016-05-03 09:42 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-29 20:10 - 2016-01-09 10:43 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Adobe
2016-04-29 19:51 - 2016-02-07 17:26 - 00000000 ____D C:\Users\samuek\AppData\Local\Adobe
2016-04-28 12:55 - 2016-02-06 11:15 - 00000000 ____D C:\Program Files\Easeware
2016-04-28 12:44 - 2016-01-12 14:25 - 00000000 ____D C:\Users\samuek\.android
2016-04-28 12:43 - 2016-01-08 21:35 - 00000000 ____D C:\Users\samuek
2016-04-28 12:42 - 2016-01-08 23:55 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-04-28 12:42 - 2016-01-08 23:55 - 00000000 ____D C:\ProgramData\IObit
2016-04-28 12:42 - 2016-01-08 23:55 - 00000000 ____D C:\Program Files\IObit
2016-04-28 12:39 - 2016-01-20 15:09 - 00000000 ____D C:\Program Files\Common Files\IObit
2016-04-28 12:39 - 2016-01-08 23:55 - 00000000 ____D C:\Users\samuek\AppData\LocalLow\IObit
2016-04-27 10:43 - 2016-02-07 12:53 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-04-24 21:34 - 2016-02-07 12:31 - 00000000 ____D C:\Users\samuek\AppData\Roaming\DAEMON Tools Lite
2016-04-22 01:06 - 2016-02-08 12:27 - 00000000 ____D C:\Users\samuek\AppData\Roaming\Riot Games
2016-04-21 12:50 - 2016-02-06 11:18 - 00000000 ____D C:\Users\samuek\AppData\Roaming\IDM
2016-04-20 23:16 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-20 22:43 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-04-20 14:07 - 2016-02-06 11:18 - 00000000 ____D C:\Users\samuek\Downloads\Video
2016-04-18 22:40 - 2016-03-26 01:47 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\DreamScene.dll
2016-04-18 22:38 - 2016-01-08 23:49 - 00000020 __RSH C:\win7.ld

==================== Arquivos na raiz de alguns diretórios =======

2016-03-26 10:53 - 2016-03-26 10:57 - 0087608 _____ () C:\Users\samuek\AppData\Roaming\inst.exe
2016-03-26 10:53 - 2016-03-26 10:57 - 0007887 _____ () C:\Users\samuek\AppData\Roaming\pcouffin.cat
2016-03-26 10:53 - 2016-03-26 10:57 - 0001144 _____ () C:\Users\samuek\AppData\Roaming\pcouffin.inf
2016-03-26 10:53 - 2016-03-26 10:57 - 0000055 _____ () C:\Users\samuek\AppData\Roaming\pcouffin.log
2016-03-26 10:53 - 2016-03-26 10:57 - 0047360 _____ (VSO Software) C:\Users\samuek\AppData\Roaming\pcouffin.sys
2016-01-09 00:21 - 2016-01-09 00:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-08 21:42 - 2016-01-08 23:51 - 0000016 _____ () C:\ProgramData\mntemp
2016-02-03 06:03 - 2016-02-03 06:03 - 0005067 _____ () C:\ProgramData\mtbjfghn.xbe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-08 14:13

==================== Fim de FRST.txt ============================
