cjoint

Document format: text/plain


Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:19-05-2016
Executado por wenia-wiara (administrador) em WENIA-WIARA-PC (20-05-2016 21:09:56)
Executando a partir de C:\Users\wenia-wiara\Desktop
Perfis Carregados: wenia-wiara (Perfis Disponíveis: wenia-wiara)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Akamai Technologies, Inc.) C:\Users\wenia-wiara\AppData\Local\Akamai\netsession_win.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Akamai Technologies, Inc.) C:\Users\wenia-wiara\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [505568 2015-08-21] (GAS Tecnologia LTDA)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [HPUsageTrackingLEDM] => C:\Program Files\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM\...\Run: [ADSKAppManager] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.)
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-2937501158-1558646393-1888642186-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6628056 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-2937501158-1558646393-1888642186-1000\...\Run: [Akamai NetSession Interface] => C:\Users\wenia-wiara\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2937501158-1558646393-1888642186-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-2937501158-1558646393-1888642186-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2937501158-1558646393-1888642186-1000\...\MountPoints2: {0f7b4a48-83ca-11e4-94d2-002511e9d161} - G:\Setupx.exe
HKU\S-1-5-21-2937501158-1558646393-1888642186-1000\...\MountPoints2: {a521036c-ad6e-11e5-92b9-002511b97d39} - K:\LG_PC_Programs.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc.)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavShx.dll Nenhum Arquivo
Startup: C:\Users\wenia-wiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk [2015-11-20]
ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{27E74B24-E6CE-4414-95A3-0AD72EAF830A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31B7F851-C7DB-487E-9BB9-0BEC78E7ED7F}: [DhcpNameServer] 177.73.10.99 192.168.2.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1419538855&from=slbnew&uid=SAMSUNGXHD161HJ_S15LJ50QA79654&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1419538855&from=slbnew&uid=SAMSUNGXHD161HJ_S15LJ50QA79654&q={searchTerms}
HKU\S-1-5-21-2937501158-1558646393-1888642186-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=bav_pro_hp_01_hao123_br
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
Toolbar: HKU\S-1-5-21-2937501158-1558646393-1888642186-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24] (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1419538852&from=slbnew&uid=SAMSUNGXHD161HJ_S15LJ50QA79654

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2937501158-1558646393-1888642186-1000: @citrixonline.com/appdetectorplugin -> C:\Users\wenia-wiara\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-03-03] (Citrix Online)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\wenia-wiara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\wenia-wiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (AdBlock) - C:\Users\wenia-wiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-16]
CHR Extension: (Autodesk Homestyler) - C:\Users\wenia-wiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb [2016-04-21]
CHR Extension: (Planeador de ambientes) - C:\Users\wenia-wiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcafejemebbngbglfoinpoaannbihjna [2014-12-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\wenia-wiara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

"Warsaw Technology" => serviço foi desbloqueado. <===== ATENÇÃO

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2016-05-14] (Flexera Software LLC)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [505568 2015-08-21] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [794952 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [435464 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-20] (AVAST Software)
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R1 crfilterdrv; C:\Windows\System32\drivers\crfilterdrv.sys [43848 2015-01-21] (Windows (R) Win 7 DDK provider)
R0 GbpKm; C:\Windows\System32\drivers\GbpKm.sys [49496 2015-12-08] (GAS Tecnologia)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [Arquivo não assinado]
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2016-01-14] (GAS Tecnologia)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2016-05-20] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-20 21:09 - 2016-05-20 21:10 - 00013144 _____ C:\Users\wenia-wiara\Desktop\FRST.txt
2016-05-20 21:09 - 2016-05-20 21:09 - 00000000 ____D C:\FRST
2016-05-20 21:09 - 2016-05-20 21:08 - 01732608 _____ (Farbar) C:\Users\wenia-wiara\Desktop\FRST.exe
2016-05-20 21:08 - 2016-05-20 21:08 - 01732608 _____ (Farbar) C:\Users\wenia-wiara\Downloads\FRST (1).exe
2016-05-20 21:07 - 2016-05-20 21:08 - 01732608 _____ (Farbar) C:\Users\wenia-wiara\Downloads\FRST.exe
2016-05-20 20:49 - 2016-05-20 20:58 - 00000000 ____D C:\Windows\system32\MRT
2016-05-20 20:49 - 2016-05-20 20:49 - 136686448 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-20 20:47 - 2016-05-20 20:47 - 00000000 ____D C:\Program Files\MSXML 4.0
2016-05-20 20:47 - 2009-10-09 23:57 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2016-05-20 20:46 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-05-20 20:46 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-20 20:46 - 2014-09-14 21:42 - 02377216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-20 20:46 - 2013-03-19 01:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-20 20:46 - 2013-03-18 23:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-20 20:46 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-05-20 20:46 - 2010-12-18 02:29 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-20 20:46 - 2010-04-07 04:10 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-05-20 20:46 - 2010-03-08 18:33 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-20 20:46 - 2010-01-09 03:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2016-05-20 20:46 - 2009-12-29 03:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-05-20 20:46 - 2009-12-02 05:17 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-20 20:45 - 2010-10-16 01:36 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-20 20:45 - 2010-08-21 02:36 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-20 20:45 - 2010-06-21 23:47 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-05-20 20:45 - 2010-06-21 23:47 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-05-20 20:45 - 2010-06-21 23:47 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-05-20 20:45 - 2009-09-26 02:58 - 00194488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-05-20 20:44 - 2010-02-27 04:32 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-20 20:44 - 2010-02-27 04:32 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-20 20:44 - 2010-02-27 04:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-20 20:41 - 2016-05-20 20:41 - 13767776 _____ (Microsoft Corporation) C:\Users\wenia-wiara\Downloads\vc_redist.x86.exe
2016-05-20 20:36 - 2016-05-20 20:36 - 00629006 _____ C:\Users\wenia-wiara\Downloads\Windows6.1-KB2999226-x86 (1).msu
2016-05-20 20:35 - 2016-05-20 20:35 - 00629006 _____ C:\Users\wenia-wiara\Downloads\Windows6.1-KB2999226-x86.msu
2016-05-20 18:44 - 2016-05-20 18:49 - 18661360 _____ C:\Users\wenia-wiara\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup.exe
2016-05-17 18:41 - 2016-05-17 18:41 - 00002003 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2016-05-17 18:31 - 2016-05-17 18:31 - 00338320 _____ (Autodesk Inc.) C:\Users\wenia-wiara\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall (2).exe
2016-05-16 14:36 - 2016-05-16 14:36 - 01012801 _____ C:\Users\wenia-wiara\Downloads\Apostila-AutoCAD-2010.pdf
2016-05-14 18:09 - 2016-05-20 18:51 - 00002249 _____ C:\Users\wenia-wiara\Desktop\Install Now Autodesk® AutoCAD® 2017.lnk
2016-05-14 18:09 - 2016-05-14 18:09 - 00001489 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk
2016-05-14 18:09 - 2016-05-14 18:09 - 00000000 ____D C:\Users\wenia-wiara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-05-14 17:55 - 2016-05-14 18:09 - 00000000 ____D C:\Users\wenia-wiara\AppData\Local\Autodesk
2016-05-14 17:55 - 2016-05-14 17:55 - 00002098 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
2016-05-14 17:55 - 2016-05-14 17:55 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-05-14 17:53 - 2016-05-14 17:53 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-05-14 17:48 - 2016-05-20 18:50 - 00000000 ____D C:\Program Files\Autodesk
2016-05-14 17:27 - 2016-05-20 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-05-14 17:27 - 2016-05-17 18:25 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-05-14 17:19 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-05-14 17:19 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-05-14 17:19 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-05-14 17:19 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-05-14 17:19 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-05-14 17:19 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-05-14 17:19 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-05-14 17:19 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-05-14 17:19 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-05-14 17:19 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-05-14 17:19 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-05-14 17:18 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-05-14 17:16 - 2016-05-14 17:18 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-14 17:16 - 2016-05-14 17:18 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-14 16:52 - 2016-05-17 18:40 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-05-14 16:52 - 2016-05-17 18:40 - 00000000 ____D C:\ProgramData\Autodesk
2016-05-14 16:52 - 2016-05-14 18:09 - 00000000 ____D C:\Users\wenia-wiara\AppData\Roaming\Autodesk
2016-05-14 16:43 - 2016-05-14 16:48 - 00000000 ____D C:\Users\wenia-wiara\AppData\Local\Akamai
2016-05-14 16:42 - 2016-05-20 18:48 - 00000000 ____D C:\Autodesk
2016-05-10 18:12 - 2016-05-10 18:17 - 51598505 _____ C:\Users\wenia-wiara\Downloads\v de vingança -allan moore.pdf

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-20 21:08 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-20 21:08 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-20 21:06 - 2014-12-14 17:17 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-20 21:06 - 2014-12-14 16:52 - 01521924 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-20 21:06 - 2009-07-14 05:31 - 00663606 _____ C:\Windows\system32\prfh0416.dat
2016-05-20 21:06 - 2009-07-14 05:31 - 00127896 _____ C:\Windows\system32\prfc0416.dat
2016-05-20 21:06 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-05-20 21:01 - 2016-01-14 16:31 - 00080728 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-05-20 21:01 - 2014-12-14 17:17 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-20 21:00 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-20 21:00 - 2009-07-14 01:33 - 00482024 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-20 20:45 - 2015-06-05 13:32 - 00000000 ____D C:\Users\wenia-wiara\AppData\Roaming\vlc
2016-05-20 20:33 - 2014-12-14 16:57 - 00000000 ____D C:\Users\wenia-wiara\AppData\Roaming\Ahead
2016-05-20 20:20 - 2016-04-13 11:51 - 00000000 ____D C:\Users\wenia-wiara\Desktop\PARA RESPONDER
2016-05-20 15:46 - 2015-03-19 15:32 - 00000000 ____D C:\Windows\Minidump
2016-05-17 18:20 - 2015-11-17 10:57 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-14 17:54 - 2014-12-14 17:14 - 00141232 _____ C:\Users\wenia-wiara\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-14 17:53 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-05-14 17:09 - 2014-12-14 17:19 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-14 17:09 - 2014-12-14 17:19 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-14 14:31 - 2014-12-14 17:25 - 00000000 ____D C:\Users\wenia-wiara\AppData\Roaming\PhotoScape
2016-05-14 14:29 - 2014-12-14 17:17 - 00000000 ____D C:\Users\wenia-wiara\AppData\Local\Google
2016-05-12 15:23 - 2014-12-14 17:28 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-05-12 15:23 - 2014-12-14 17:28 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-05-03 18:03 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\NDF
2016-04-27 11:21 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-21 15:05 - 2014-12-14 17:29 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Arquivos na raiz de alguns diretórios =======

2015-07-16 10:45 - 2015-07-16 10:45 - 0000000 _____ () C:\Users\wenia-wiara\AppData\Local\{7D6DC02F-9D86-4746-B684-DBEE3F1396D7}
2015-11-12 16:56 - 2015-11-12 16:56 - 0000020 _____ () C:\ProgramData\nbc.ini

Alguns arquivos em TEMP:
====================
C:\Users\wenia-wiara\AppData\Local\Temp\AcDeltree.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-12 16:08

==================== Fim de FRST.txt ============================
