cjoint


Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:18-05-2016
Executado por José Augusto (administrador) em NOTEZÉ (18-05-2016 14:49:07)
Executando a partir de C:\Users\José Augusto\Downloads
Perfis Carregados: José Augusto (Perfis Disponíveis: José Augusto)
Platform: Windows 8.1 Single Language (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-01-27] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3282248 2014-08-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [4060376 2014-10-23] (Realtek semiconductor)
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-05-19] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-05-19] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-09-11] (Atheros Communications)
HKU\S-1-5-21-1180790967-12711911-3030461915-1001\...\Run: [AdobeBridge] => [X]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk [2016-02-17]
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.189.80.128 200.189.80.123
Tcpip\..\Interfaces\{4B8331BE-C5BD-4768-AA66-F527A595BF8C}: [DhcpNameServer] 9.9.9.100 9.9.9.100
Tcpip\..\Interfaces\{81412308-EB4D-46D2-932B-E9F02895B0A9}: [DhcpNameServer] 200.189.80.128 200.189.80.123

Internet Explorer:
==================
HKU\S-1-5-21-1180790967-12711911-3030461915-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?scope=web&mkt=pt-BR&FORM=PRLNCS&pc=MALNJS
HKU\S-1-5-21-1180790967-12711911-3030461915-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1180790967-12711911-3030461915-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1180790967-12711911-3030461915-1001 -> DefaultScope {EB0931C1-D7CF-40EF-B70B-FA095B5FF7B6} URL =
SearchScopes: HKU\S-1-5-21-1180790967-12711911-3030461915-1001 -> {EB0931C1-D7CF-40EF-B70B-FA095B5FF7B6} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.br/webhp?source=search_app&gfe_rd=cr&ei=4OyuVYusE8rygAT84KPwAw&gws_rd=ssl
CHR StartupUrls: Default -> "hxxps://www.google.com.br/webhp?source=search_app&gfe_rd=cr&ei=4OyuVYusE8rygAT84KPwAw&gws_rd=ssl"
CHR Profile: C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-21]
CHR Extension: (Google Docs) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-21]
CHR Extension: (Google Drive) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Planilhas do Google) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-21]
CHR Extension: (Documentos Google off-line) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\José Augusto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-21]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [322176 2014-09-11] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
S4 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-05] (Lenovo Corporation)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [644080 2014-10-22] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [191512 2014-11-20] (Lenovo) [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-01-27] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2014-12-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
S4 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2544408 2014-11-18] (Lenovo(beijing) Limited)
S4 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S4 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-05] (Lenovo Corporation)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-05-19] ()
S4 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
S4 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-25] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-10-16] ()
S4 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-17] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-05-19] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-05-19] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72512 2013-12-09] (IObit)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-05-19] ()
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2015-11-04] (GAS Tecnologia LTDA)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-09-11] (Atheros) [Arquivo não assinado]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-09-11] (Qualcomm Atheros)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70168 2014-11-20] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-05-18] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-04] (GAS Tecnologia)
R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] ()
R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-23] (Realtek Semiconductor Corp.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-04] (GAS Tecnologia LTDA)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35320 2014-09-21] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [258368 2014-09-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-05-18] (GAS Tecnologia)
R1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [103640 2015-09-04] (GAS Tecnologia)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-18 14:49 - 2016-05-18 14:49 - 00018781 _____ C:\Users\José Augusto\Downloads\FRST.txt
2016-05-18 14:48 - 2016-05-18 14:49 - 00000000 ____D C:\FRST
2016-05-18 14:48 - 2016-05-18 14:48 - 02382336 _____ (Farbar) C:\Users\José Augusto\Downloads\FRST64.exe
2016-05-18 14:47 - 2016-05-18 14:48 - 14572000 _____ (Microsoft Corporation) C:\Users\José Augusto\Downloads\vc_redist.x64 (1).exe
2016-05-18 14:45 - 2016-05-18 14:45 - 14572000 _____ (Microsoft Corporation) C:\Users\José Augusto\Downloads\vc_redist.x64.exe
2016-05-18 14:43 - 2016-05-18 14:43 - 05444000 _____ (Dll-Files.com ) C:\Users\José Augusto\Downloads\dffsetup-api-ms-win-crt-runtime-l1-1-0.exe
2016-05-18 14:43 - 2016-05-18 14:43 - 00003112 _____ C:\WINDOWS\System32\Tasks\RDReminder
2016-05-18 14:43 - 2016-05-18 14:43 - 00003050 _____ C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_Updates
2016-05-18 14:43 - 2016-05-18 14:43 - 00003036 _____ C:\WINDOWS\System32\Tasks\DLL-Files.Com Fixer_MONTHLY
2016-05-18 14:43 - 2016-05-18 14:43 - 00001111 _____ C:\Users\Public\Desktop\Dll-Files Fixer.lnk
2016-05-18 14:43 - 2016-05-18 14:43 - 00000320 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job
2016-05-18 14:43 - 2016-05-18 14:43 - 00000304 _____ C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2016-05-18 14:43 - 2016-05-18 14:43 - 00000000 ____D C:\Users\José Augusto\AppData\Roaming\dll-files.com
2016-05-18 14:43 - 2016-05-18 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2016-05-18 14:43 - 2016-05-18 14:43 - 00000000 ____D C:\Program Files (x86)\Dll-Files.com Fixer
2016-05-18 14:35 - 2016-05-18 14:38 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-18 14:35 - 2016-05-18 14:38 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-18 14:34 - 2016-05-18 14:34 - 05444000 _____ (Dll-Files.com ) C:\Users\José Augusto\Downloads\dffsetup-api-ms-win-crt-heap-l1-1-0.exe
2016-05-18 14:21 - 2016-05-18 14:22 - 00003326 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore
2016-05-18 14:21 - 2016-05-18 14:21 - 00000000 ____D C:\Program Files (x86)\Corel
2016-05-18 14:21 - 2016-05-18 14:19 - 00003072 _____ C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk
2016-05-18 14:21 - 2016-05-18 14:19 - 00002374 _____ C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk
2016-05-18 14:21 - 2016-05-18 14:18 - 00003079 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk
2016-05-18 14:21 - 2016-05-18 14:18 - 00003031 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk
2016-05-18 14:21 - 2016-05-18 14:18 - 00002287 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk
2016-05-18 14:20 - 2016-05-18 14:20 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-05-18 14:19 - 2016-05-18 14:19 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-05-18 14:18 - 2016-05-18 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-05-18 14:17 - 2016-05-18 14:21 - 00000000 ____D C:\Program Files\Corel
2016-05-18 14:05 - 2016-05-18 14:16 - 535242772 _____ C:\Users\José Augusto\Downloads\CorelDRAWGraphicsSuiteX8Installer_pt64Bit.zip
2016-05-18 14:03 - 2016-05-18 14:04 - 12504248 _____ (Corel Corporation) C:\Users\José Augusto\Downloads\cdgsx8seo.exe
2016-05-18 12:44 - 2016-05-18 12:44 - 00000000 ____D C:\Program Files (x86)\gs
2016-05-18 12:43 - 2016-05-18 12:43 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-05-18 12:43 - 2016-05-18 12:43 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-05-18 12:10 - 2016-05-18 12:10 - 00003386 _____ C:\WINDOWS\System32\Tasks\{00F29E2A-0463-428C-8614-4F7C18A50B18}
2016-05-18 12:00 - 2015-06-22 03:31 - 00027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-05-18 11:59 - 2015-06-22 03:30 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-05-18 11:49 - 2016-05-18 11:49 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-05-18 11:49 - 2016-05-18 11:49 - 00000000 ____D C:\ProgramData\UniqueId
2016-05-17 17:29 - 2016-05-18 11:23 - 00000000 ____D C:\Users\José Augusto\Desktop\peças novas
2016-05-17 08:02 - 2016-05-17 12:02 - 01067803 _____ C:\Users\José Augusto\Desktop\doc reconhecido.pdf
2016-05-05 11:22 - 2016-05-18 12:33 - 00000000 ____D C:\Users\José Augusto\Desktop\novo
2016-04-19 12:09 - 2016-04-19 12:09 - 00000000 ____D C:\Users\José Augusto\Desktop\inpi

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-18 14:48 - 2015-07-21 15:25 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1180790967-12711911-3030461915-1001
2016-05-18 14:42 - 2015-07-21 20:28 - 00000000 ____D C:\Users\José Augusto\AppData\Local\CrashDumps
2016-05-18 14:37 - 2015-07-21 21:57 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-18 14:35 - 2015-05-19 17:07 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2016-05-18 14:35 - 2015-05-19 17:07 - 00000000 ____D C:\ProgramData\Temp
2016-05-18 14:32 - 2015-05-19 21:04 - 00775938 _____ C:\WINDOWS\system32\prfh0416.dat
2016-05-18 14:32 - 2015-05-19 21:04 - 00159030 _____ C:\WINDOWS\system32\prfc0416.dat
2016-05-18 14:32 - 2014-11-21 01:44 - 01800588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-18 14:32 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-18 14:28 - 2015-10-01 14:52 - 00028888 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\gbpddfac64.sys
2016-05-18 14:28 - 2015-07-21 21:57 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-18 14:28 - 2015-07-21 19:31 - 00002898 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2016-05-18 14:28 - 2015-07-21 19:31 - 00000288 _____ C:\WINDOWS\Tasks\AutoKMS.job
2016-05-18 14:28 - 2015-07-21 16:37 - 00000000 _____ C:\Users\José Augusto\AppData\LocalLow\ChangeTaskbarRect
2016-05-18 14:28 - 2015-07-21 16:36 - 00165659 _____ C:\MyXML.xml
2016-05-18 14:27 - 2015-10-18 11:42 - 00101080 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2016-05-18 14:27 - 2015-10-01 14:52 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-05-18 14:27 - 2015-10-01 14:52 - 00000000 ____D C:\ProgramData\GbPlugin
2016-05-18 14:27 - 2015-10-01 14:52 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-05-18 14:27 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-18 14:26 - 2015-05-19 17:08 - 00012800 _____ C:\WINDOWS\system32\VfService.trf
2016-05-18 14:20 - 2015-07-22 20:55 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-05-18 14:20 - 2015-07-22 20:55 - 00000000 ____D C:\ProgramData\Corel
2016-05-18 14:17 - 2015-07-26 15:56 - 00000000 ____D C:\Users\José Augusto\Desktop\ARQUIVOS COREL
2016-05-18 13:31 - 2016-01-06 10:15 - 00208468 _____ C:\Users\José Augusto\Desktop\VENDAS NET+ CORREIOS.xlsx
2016-05-18 12:43 - 2015-05-19 16:22 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-18 12:43 - 2015-05-19 16:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-18 12:31 - 2015-10-05 12:57 - 00000000 ____D C:\Users\José Augusto\Desktop\planilhas
2016-05-18 12:17 - 2015-05-19 17:12 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-05-18 12:17 - 2015-05-19 17:12 - 00000000 ____D C:\ProgramData\Adobe
2016-05-18 12:12 - 2015-05-19 17:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-18 12:06 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-18 12:03 - 2013-08-22 12:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-18 11:48 - 2015-07-22 20:59 - 00000000 ____D C:\Users\José Augusto\AppData\Roaming\Corel
2016-05-18 09:59 - 2016-01-06 10:15 - 00059785 _____ C:\Users\José Augusto\Desktop\gastos DOM.xlsx
2016-05-18 09:52 - 2016-01-06 10:14 - 00057635 _____ C:\Users\José Augusto\Desktop\VENDAS FÍSICAS.xlsx
2016-05-18 09:16 - 2015-07-21 15:23 - 00000000 ____D C:\Users\José Augusto\AppData\Local\Adobe
2016-05-13 09:39 - 2015-07-21 22:03 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 09:39 - 2015-07-21 22:03 - 00002212 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-12 15:44 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-11 09:32 - 2015-07-21 21:57 - 00004062 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 09:32 - 2015-07-21 21:57 - 00003826 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-09 12:33 - 2015-07-21 15:20 - 00000000 ____D C:\Users\José Augusto\Documents\Bluetooth Folder
2016-05-07 12:51 - 2015-10-21 13:23 - 00000000 ____D C:\Users\José Augusto\Desktop\polos
2016-05-07 12:51 - 2015-09-28 22:32 - 00000000 ____D C:\Users\José Augusto\Desktop\arquivos Jpeg
2016-05-06 11:38 - 2015-10-14 15:27 - 00000000 ____D C:\Users\José Augusto\Desktop\camisetas masculinas
2016-05-06 08:59 - 2015-07-26 14:01 - 00000000 ____D C:\Users\Todos os Usuários\Protexis64
2016-05-06 08:59 - 2015-07-26 14:01 - 00000000 ____D C:\ProgramData\Protexis64
2016-05-04 15:02 - 2016-01-14 16:24 - 00000000 ____D C:\Users\José Augusto\Desktop\logos
2016-05-04 15:02 - 2015-11-04 16:25 - 00007168 ____H C:\Users\José Augusto\Desktop\photothumb.db
2016-04-29 19:31 - 2015-05-19 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2016-04-26 15:29 - 2016-04-08 16:15 - 00000000 ____D C:\Users\José Augusto\Desktop\camisas sk

==================== Arquivos na raiz de alguns diretórios =======

2015-05-19 16:34 - 2015-05-19 16:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-17 15:02 - 2016-02-17 15:04 - 0000228 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-17 10:30

==================== Fim de FRST.txt ============================
