cjoint


Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:16-06-2016 01
Executado por Crivandir (administrador) em CRIVANDIR-PC (17-06-2016 11:25:23)
Executando a partir de C:\Users\Crivandir\Downloads
Perfis Carregados: Crivandir & UpdatusUser (Perfis Disponíveis: Crivandir & UpdatusUser)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
( ) C:\Users\Crivandir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.pif
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(AppWork GmbH) D:\JDownloader 2.0\JDownloader2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKU\S-1-5-21-1606297357-759354553-1274645622-1000\...\Run: [CCP Start] => C:\ProgramData\CCP\CCP.exe [2749952 2016-03-02] ()
HKU\S-1-5-21-1606297357-759354553-1274645622-1000\...\Run: [RuntimeProcess] => C:\Users\Crivandir\AppData\Local\Temp\Runtime\csrss.exe [339968 2015-04-16] ( ) <===== ATENÇÃO
HKU\S-1-5-21-1606297357-759354553-1274645622-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-1606297357-759354553-1274645622-1000\...\MountPoints2: {08ade048-dbc1-11e5-98a3-00acaf6198c0} - J:\iLinker.exe
AppInit_DLLs: ,C:\NpAPI\NpLoadApi64.dll => C:\NpAPI\NpLoadApi64.dll [228352 2016-02-19] ()
AppInit_DLLs-x32: ,C:\NpAPI\NpLoadApi32.dll => C:\NpAPI\NpLoadApi32.dll [305664 2016-02-19] ()
Startup: C:\Users\Crivandir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system.pif [2015-04-16] ( )
Startup: C:\Users\Crivandir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows.lnk [2016-02-19]
ShortcutTarget: Windows.lnk -> C:\Users\Crivandir\AppData\Roaming\888fk1\888fk1.exe (Nenhum Arquivo)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [S-1-5-21-1606297357-759354553-1274645622-1000] => Proxy está habilitado.
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{09F261C1-6C4A-4692-BC84-F24B9957DCB5}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6584DFE9-2C0F-448C-80CF-75445EA72F84}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-31] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-31] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-08-30] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-08-30] (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Crivandir\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-12-23] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\pdf.dll => Nenhum Arquivo
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll => Nenhum Arquivo
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\Crivandir\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Crivandir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-16]
CHR Extension: (Google Search) - C:\Users\Crivandir\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-16]
CHR Extension: (Slither.io Mod Play with friends Without LAGS) - C:\Users\Crivandir\AppData\Local\Google\Chrome\User Data\Default\Extensions\foocpcikeakahdlplgpgfoilanoajijf [2016-05-17]
CHR Extension: (AdBlock) - C:\Users\Crivandir\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Crivandir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\Crivandir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-16]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [241936 2016-05-12] (EasyAntiCheat Ltd)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2442368 2016-02-17] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [103176 2016-02-17] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-12-23] (AnchorFree Inc.)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0031.sys [38432 2016-02-20] (SoftEther Corporation)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-11-10] (The OpenVPN Project)
S3 SEE; C:\Windows\System32\drivers\see.sys [50208 2016-02-20] (SoftEther Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-12-23] (Anchorfree Inc.)
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-17 11:25 - 2016-06-17 11:25 - 00011082 _____ C:\Users\Crivandir\Downloads\FRST.txt
2016-06-17 11:24 - 2016-06-17 11:25 - 00000000 ____D C:\FRST
2016-06-17 11:22 - 2016-06-17 11:24 - 02386944 _____ (Farbar) C:\Users\Crivandir\Downloads\FRST64.exe
2016-06-17 11:13 - 2016-06-17 11:13 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-06-17 11:12 - 2016-06-17 11:13 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-06-17 11:12 - 2016-06-17 11:12 - 00001939 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-06-17 11:12 - 2016-06-17 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-06-17 01:42 - 2016-06-17 01:42 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-16 19:01 - 2016-06-16 19:01 - 00000000 ____D C:\Users\Crivandir\Downloads\Mortal Kombat Trilogy [U] [SLUS-00330]
2016-06-16 11:39 - 2016-06-16 12:26 - 00000000 ____D C:\Users\Crivandir\Downloads\Kingdom Hearts II (USA)
2016-06-16 03:18 - 2016-06-16 03:35 - 00000000 ____D C:\Users\Crivandir\Desktop\Final Fantasy IX All Stellazzio Locations With Rewards
2016-06-15 01:15 - 2016-06-15 01:15 - 00000706 _____ C:\Users\Crivandir\Downloads\readme.html
2016-06-14 14:27 - 2016-06-15 14:44 - 00019728 _____ C:\Users\Crivandir\Desktop\card ff9.txt
2016-06-13 17:25 - 2016-06-13 17:25 - 00003538 _____ C:\Users\Crivandir\Desktop\Legend Of Legaia arts.txt
2016-06-13 13:53 - 2016-06-13 13:53 - 00138968 _____ C:\Users\Crivandir\Desktop\detonado valkirye profile.txt
2016-06-12 17:11 - 2016-06-12 18:29 - 00003755 _____ C:\Users\Crivandir\Desktop\flame jewel valkirye profile.txt
2016-06-12 12:24 - 2016-06-12 12:24 - 00000000 ____D C:\Users\Crivandir\AppData\Roaming\fltk.org
2016-06-11 20:07 - 2016-06-11 20:07 - 00000000 ____D C:\Users\Crivandir\AppData\Local\Geckofx
2016-06-11 19:52 - 2016-06-11 20:31 - 00000000 ____D C:\Program Files\CyberGhost 5
2016-06-11 19:48 - 2016-06-11 19:51 - 09757920 _____ (CyberGhost S.R.L. ) C:\Users\Crivandir\Downloads\CG_5.5.1.3.exe
2016-06-11 19:41 - 2016-06-11 19:41 - 00000000 ____D C:\Users\Crivandir\AppData\Local\VPNClient
2016-06-11 19:39 - 2016-06-11 19:40 - 05293518 _____ (VPN4Games ) C:\Users\Crivandir\Downloads\VPN4GamesClient_setup_3.0.4.exe
2016-06-10 20:03 - 2016-06-10 20:03 - 00001538 _____ C:\Users\Crivandir\Desktop\SetupNoPing_v11 - Atalho.lnk
2016-06-10 19:14 - 2016-06-10 19:14 - 00000000 ____D C:\Users\Crivandir\AppData\Roaming\NetworkTunnel
2016-06-10 15:40 - 2016-06-10 15:40 - 00000013 _____ C:\Users\Crivandir\Desktop\nexon dungeon names.txt
2016-06-05 18:19 - 2016-06-09 10:45 - 00000000 ____D C:\Users\Crivandir\Desktop\youtube
2016-05-30 02:20 - 2016-05-30 02:20 - 00001205 _____ C:\Users\Crivandir\Desktop\AutoClique - Atalho.lnk
2016-05-24 20:07 - 2016-05-24 19:55 - 29729332 _____ C:\Users\Crivandir\Desktop\Rec.avi
2016-05-19 16:21 - 2016-05-19 16:21 - 00000000 ____D C:\CFLog
2016-05-18 23:38 - 2016-05-18 23:43 - 00000000 ____D C:\Users\Crivandir\Documents\Cross Fire
2016-05-18 23:27 - 2016-06-09 15:37 - 00000000 ____D C:\Users\Crivandir\Desktop\CrossFire BR
2016-05-18 21:30 - 2016-05-18 21:31 - 00000000 ____D C:\Program Files (x86)\RaidCall.BR
2016-05-18 21:30 - 2016-05-18 21:30 - 00000000 ____D C:\Users\Crivandir\AppData\Roaming\raidcall
2016-05-18 21:30 - 2016-05-18 21:30 - 00000000 ____D C:\Users\Crivandir\AppData\LocalLow\raidcall

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-17 11:12 - 2016-02-16 18:58 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-06-17 11:12 - 2016-02-16 18:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-17 11:07 - 2016-02-16 17:49 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 10:39 - 2016-02-16 18:07 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-17 06:06 - 2016-02-19 21:09 - 00000000 __SHD C:\Users\Crivandir\wc
2016-06-17 03:13 - 2016-03-31 21:54 - 00000000 ____D C:\Users\Crivandir\AppData\Roaming\dclogs
2016-06-17 01:43 - 2016-02-16 18:07 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-17 01:42 - 2016-02-16 18:07 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-17 01:42 - 2016-02-16 18:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 22:07 - 2016-02-16 17:49 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-16 09:42 - 2009-07-14 01:45 - 00018000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-16 09:42 - 2009-07-14 01:45 - 00018000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-16 09:40 - 2009-07-14 14:55 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2016-06-16 09:40 - 2009-07-14 14:55 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2016-06-16 09:40 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-16 09:40 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-06-16 09:35 - 2016-02-16 17:53 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-06-16 09:35 - 2016-02-16 17:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-16 09:35 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-11 20:17 - 2016-02-16 17:33 - 00000000 ____D C:\Users\Crivandir\AppData\Local\VirtualStore
2016-06-11 19:15 - 2016-03-22 22:11 - 00000105 _____ C:\Users\Crivandir\Desktop\assistir ep 1 7 temp TWD.txt
2016-06-10 20:06 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-08 18:09 - 2016-02-16 17:49 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-08 18:09 - 2016-02-16 17:49 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-05 23:52 - 2016-05-11 09:04 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-22 08:02 - 2016-03-02 11:52 - 00000000 ____D C:\Users\Todos os Usuários\CCP
2016-05-22 08:02 - 2016-03-02 11:52 - 00000000 ____D C:\ProgramData\CCP
2016-05-22 07:52 - 2009-07-14 02:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Arquivos na raiz de alguns diretórios =======

2016-02-19 21:09 - 2016-02-19 21:09 - 0000038 ___SH () C:\Users\Crivandir\AppData\Local\1754111884ee9ab5277ca00.95260103
2016-03-31 21:54 - 2016-03-30 18:21 - 0718850 ___SH () C:\Users\Crivandir\AppData\Local\CSIDL_
2016-02-20 02:43 - 2016-04-10 14:56 - 0000600 _____ () C:\Users\Crivandir\AppData\Local\PUTTY.RND
2016-02-19 20:28 - 2016-02-19 20:28 - 0000006 ____S () C:\ProgramData\89a01672ce6d2d65e635f57e76ce75800c796080
2016-02-16 17:38 - 2016-02-16 17:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Arquivos para serem movidos ou deletados:
====================
C:\Users\Crivandir\AppData\Local\Temp\Runtime\csrss.exe


Alguns arquivos em TEMP:
====================
C:\Users\Crivandir\AppData\Local\Temp\AIUninstall.exe
C:\Users\Crivandir\AppData\Local\Temp\dateinj01.dll
C:\Users\Crivandir\AppData\Local\Temp\jansi-32-git-Spigot-7d15d07-c194444-4030020769706195149.dll
C:\Users\Crivandir\AppData\Local\Temp\jansi-32-git-Spigot-7d15d07-c194444-4318328965942011537.dll
C:\Users\Crivandir\AppData\Local\Temp\jansi-32-git-Spigot-7d15d07-c194444-4841861041779537201.dll
C:\Users\Crivandir\AppData\Local\Temp\jansi-32-git-Spigot-7d15d07-c194444-6728581523317929970.dll
C:\Users\Crivandir\AppData\Local\Temp\jansi-32-git-Spigot-7d15d07-c194444-7086459101402790417.dll
C:\Users\Crivandir\AppData\Local\Temp\jansi-32-git-Spigot-7d15d07-c194444-7875401245917823488.dll
C:\Users\Crivandir\AppData\Local\Temp\jansi-32-git-Spigot-7d15d07-c194444-971015908831958410.dll
C:\Users\Crivandir\AppData\Local\Temp\MINECRAFT.EXE
C:\Users\Crivandir\AppData\Local\Temp\net.exe
C:\Users\Crivandir\AppData\Local\Temp\proxy_vole1094922094251375270.dll
C:\Users\Crivandir\AppData\Local\Temp\proxy_vole2547070382089282662.dll
C:\Users\Crivandir\AppData\Local\Temp\proxy_vole3801199544088844404.dll
C:\Users\Crivandir\AppData\Local\Temp\proxy_vole3910046382508269787.dll
C:\Users\Crivandir\AppData\Local\Temp\proxy_vole604115365666147820.dll
C:\Users\Crivandir\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Crivandir\AppData\Local\Temp\VERSION_1.9.1.EXE
C:\Users\Crivandir\AppData\Local\Temp\{A5D0E75E-273E-4F41-B01E-1F48B31AC6D0}-50.0.2661.102_50.0.2661.94_chrome_updater.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-14 16:05

==================== Fim de FRST.txt ============================
