cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:16-06-2016 01
Executado por Gabriel (administrador) em GABRIEL-PC (17-06-2016 20:40:47)
Executando a partir de C:\Users\Gabriel\Downloads
Perfis Carregados: Gabriel (Perfis Disponíveis: Gabriel)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(BitTorrent Inc.) C:\Users\Gabriel\AppData\Roaming\uTorrent\uTorrent.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(BitTorrent Inc.) C:\Users\Gabriel\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Gabriel\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CPUID) C:\Program Files\CPUID\CPU-Z\cpuz.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-06-08] (LogMeIn Inc.)
HKU\S-1-5-21-3684427140-4291704869-1689389037-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-3684427140-4291704869-1689389037-1001\...\Run: [uTorrent] => C:\Users\Gabriel\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-16] (BitTorrent Inc.)
HKU\S-1-5-21-3684427140-4291704869-1689389037-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3684427140-4291704869-1689389037-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2424320 2016-06-15] (RemoteMouse.net)
HKU\S-1-5-21-3684427140-4291704869-1689389037-1001\...\MountPoints2: {83f4d6d7-c28f-11e5-aa41-002511bdc6fd} - H:\iLinker.exe

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4086B1EA-9E23-4E3C-939F-BD15B996EBDF}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
URLSearchHook: HKU\S-1-5-21-3684427140-4291704869-1689389037-1001 - Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3684427140-4291704869-1689389037-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-05-15] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-05-15] (Oracle Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
Toolbar: HKLM-x32 - Barra de Ferramentas do Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\b2gd42of.default
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-05-15] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\b2gd42of.default\extensions\artur.dubovoy@gmail.com [2016-01-17]
FF Extension: Dashlane - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\b2gd42of.default\Extensions\jetpack-extension@dashlane.com.xpi [2016-06-15]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-05-30]
CHR Extension: (Google Drive) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Adblock Plus) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-01]
CHR Extension: (Filmes via Torrent) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnbfpipcgcpmmbmglaccehlgbnbeeakc [2016-02-08]
CHR Extension: (Google Search) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Removedor de banner) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejfjidbnapihdagfapkgnfpfelkcfcbj [2016-04-30]
CHR Extension: (MyFitnessPal Pie Chart by FOODFASTFIT) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomhleglpcohdnniiafhekkaakdgdkdh [2016-05-23]
CHR Extension: (Bloqueador de Publicidade) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamjhneajngafdnhhnnchahnpjkbolph [2016-05-15]
CHR Extension: (Documentos Google off-line) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (MyFitnessPal Macro Settings by FOODFASTFIT) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\glpkdgpldbbdpjbpimehpkpgdicibgpi [2016-05-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Click&Clean App) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-06-04]
CHR Extension: (Gmail) - C:\Users\Gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1293856 2016-01-11] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-06-07] (LogMeIn, Inc.)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-15] () [Arquivo não assinado]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 Atc002; C:\Windows\System32\DRIVERS\l260x64.sys [34304 2009-06-10] (Atheros Communications, Inc.)
R3 cpuz139; C:\Users\Gabriel\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [43328 2016-06-17] (CPUID)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 gkernel; \??\C:\Users\Gabriel\AppData\Local\Temp\gkernel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-17 20:40 - 2016-06-17 20:41 - 00015063 _____ C:\Users\Gabriel\Downloads\FRST.txt
2016-06-17 20:39 - 2016-06-17 20:40 - 00000000 ____D C:\FRST
2016-06-17 20:39 - 2016-06-17 20:39 - 02386944 _____ (Farbar) C:\Users\Gabriel\Downloads\FRST64.exe
2016-06-17 20:38 - 2016-06-17 20:38 - 00629006 _____ C:\Users\Gabriel\Downloads\Windows6.1-KB2999226-x86.msu
2016-06-17 20:36 - 2016-06-17 20:37 - 01034556 _____ C:\Users\Gabriel\Downloads\Windows6.1-KB2999226-x64.msu
2016-06-17 20:34 - 2016-06-17 20:34 - 58194678 _____ C:\Users\Gabriel\Downloads\bios.rar
2016-06-17 20:32 - 2016-06-17 20:32 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-06-17 20:32 - 2016-06-17 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-06-17 20:32 - 2016-06-17 20:32 - 00000000 ____D C:\Program Files\CPUID
2016-06-17 20:31 - 2016-06-17 20:32 - 01664456 _____ ( ) C:\Users\Gabriel\Downloads\cpu-z_1.76-en.exe
2016-06-15 19:10 - 2016-06-15 19:10 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-06-15 19:10 - 2012-02-14 18:12 - 00000000 ____D C:\Users\Gabriel\Desktop\bios
2016-06-15 19:09 - 2016-06-15 19:12 - 00000000 ____D C:\Program Files (x86)\PCSX2 1.4.0
2016-06-15 19:09 - 2016-06-15 19:09 - 00001943 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk
2016-06-15 19:09 - 2016-06-15 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-06-15 19:07 - 2016-06-15 19:08 - 17837152 _____ C:\Users\Gabriel\Downloads\pcsx2-1.4.0-setup.exe
2016-06-15 19:06 - 2016-06-15 19:06 - 04789020 _____ C:\Users\Gabriel\Desktop\pcsx2-1.4.0-binaries.7z
2016-06-15 19:04 - 2016-06-15 19:04 - 21408973 _____ C:\Users\Gabriel\Desktop\bios de ps2 by Wesley1Up.rar
2016-06-15 11:41 - 2016-06-15 11:41 - 00020232 _____ C:\Users\Gabriel\Downloads\God of War Legendado PT-BR PS2 (NTSC).torrent
2016-06-15 11:13 - 2016-06-17 19:15 - 00000000 ____D C:\Users\Gabriel\AppData\LocalLow\uTorrent
2016-06-10 12:07 - 2016-06-10 12:15 - 00000000 ____D C:\Users\Gabriel\Desktop\Nova pasta (2)
2016-06-09 13:53 - 2016-06-09 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-06-09 13:53 - 2016-06-09 13:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-06-08 10:56 - 2016-06-08 10:56 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2016-05-29 14:00 - 2016-05-29 14:01 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\PortForward.com
2016-05-29 14:00 - 2016-05-29 14:00 - 00002348 _____ C:\Users\Public\Desktop\Port Forward Network Utilities.lnk
2016-05-29 14:00 - 2016-05-29 14:00 - 00000000 ____D C:\Users\Gabriel\AppData\Local\Downloaded Installations
2016-05-29 14:00 - 2016-05-29 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortForward.com
2016-05-29 14:00 - 2016-05-29 14:00 - 00000000 ____D C:\Program Files (x86)\Portforward
2016-05-15 13:54 - 2016-05-15 14:01 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Notepad++
2016-05-15 13:54 - 2016-05-15 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-05-15 13:54 - 2016-05-15 13:54 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-05-15 13:33 - 2016-05-15 15:48 - 00000000 ____D C:\Users\Gabriel\Desktop\Plugins
2016-05-15 11:41 - 2016-05-15 11:41 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2016-05-15 11:41 - 2016-05-15 11:41 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2016-05-15 11:41 - 2016-05-15 11:41 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2016-05-15 11:41 - 2016-05-15 11:41 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-05-15 11:41 - 2016-05-15 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-15 11:41 - 2016-05-15 11:41 - 00000000 ____D C:\Program Files\Java
2016-05-15 10:55 - 2016-05-16 20:28 - 00000000 ____D C:\Users\Gabriel\Desktop\CraftBukkit
2016-05-15 02:22 - 2016-05-15 02:22 - 00000000 ____D C:\Users\Todos os Usuários\Git
2016-05-15 02:22 - 2016-05-15 02:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2016-05-15 02:22 - 2016-05-15 02:22 - 00000000 ____D C:\ProgramData\Git
2016-05-15 02:21 - 2016-05-15 02:22 - 00000000 ____D C:\Program Files\Git
2016-05-14 23:22 - 2016-05-14 23:22 - 00001525 _____ C:\Users\Gabriel\Desktop\Shiginima Launcher SE v3.100 - Atalho.lnk
2016-05-14 22:21 - 2016-05-15 11:16 - 00000000 ____D C:\Users\Gabriel\.oracle_jre_usage
2016-05-14 22:21 - 2016-05-14 22:21 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Sun
2016-05-14 22:21 - 2016-05-14 22:21 - 00000000 ____D C:\Users\Gabriel\AppData\LocalLow\Sun
2016-05-14 22:20 - 2016-05-15 11:21 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-05-14 22:20 - 2016-05-15 11:21 - 00000000 ____D C:\ProgramData\Oracle
2016-05-14 22:19 - 2016-05-14 22:19 - 09471556 _____ C:\Users\Gabriel\Desktop\ShiginimaSE_v3100.zip
2016-05-14 22:15 - 2016-05-14 22:15 - 00000000 ____D C:\Users\Gabriel\AppData\LocalLow\Oracle
2016-05-14 22:07 - 2016-05-14 22:07 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-14 22:05 - 2016-05-15 13:22 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\.minecraft
2016-05-14 22:05 - 2016-05-14 22:05 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\java
2016-05-14 22:00 - 2016-06-17 19:15 - 00000000 ____D C:\Users\Gabriel\AppData\Local\LogMeIn Hamachi
2016-05-07 19:15 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2016-05-04 21:58 - 2016-06-15 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Mouse
2016-05-04 21:58 - 2016-06-15 11:22 - 00000000 ____D C:\Program Files (x86)\Remote Mouse
2016-05-01 21:25 - 2016-05-01 17:25 - 00521305 ____N C:\Users\Gabriel\Desktop\DAIANE DE MORAES SIQUEIRA - Aprovada em 12 de junho.pdf
2016-05-01 14:12 - 2016-05-01 14:12 - 00068590 _____ C:\Users\Gabriel\Downloads\Tabela-nutricional.pdf
2016-04-30 21:26 - 2016-04-30 21:27 - 00000000 ____D C:\Users\Gabriel\Desktop\Interactive Physiology
2016-04-30 20:49 - 2016-04-30 21:08 - 530786587 _____ C:\Users\Gabriel\Desktop\Interactive Physiology.rar
2016-04-30 20:40 - 2016-04-30 20:40 - 00000000 ____D C:\Users\Gabriel\AppData\LocalLow\Dashlane
2016-04-18 21:08 - 2016-04-26 13:05 - 00000000 ____D C:\Users\Gabriel\Desktop\Backupcel
2016-04-09 20:59 - 2016-04-09 20:59 - 00083456 _____ C:\Users\Gabriel\Downloads\MW2 MP FoV Changer.exe
2016-04-09 20:56 - 2016-04-09 20:56 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\MW2 FoV Changer
2016-04-02 19:23 - 2016-04-02 19:23 - 00003490 _____ C:\Windows\System32\Tasks\Motorola Device Manager Update
2016-04-02 19:23 - 2016-04-02 19:23 - 00003298 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update
2016-03-19 21:48 - 2015-12-18 03:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-03-19 21:48 - 2015-12-18 03:10 - 00099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-03-19 21:48 - 2015-12-18 03:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-03-19 21:47 - 2016-03-19 21:47 - 00001889 _____ C:\Users\Gabriel\Desktop\CCleaner.lnk
2016-03-19 21:47 - 2016-03-19 21:47 - 00000000 ____D C:\Users\Todos os Usuários\Yahoo! Companion
2016-03-19 21:47 - 2016-03-19 21:47 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Yahoo!
2016-03-19 21:47 - 2016-03-19 21:47 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-19 21:47 - 2016-03-19 21:47 - 00000000 ____D C:\ProgramData\Yahoo! Companion
2016-03-19 21:47 - 2016-03-19 21:47 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-03-19 21:47 - 2016-03-19 21:47 - 00000000 ____D C:\Program Files (x86)\CCleaner

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-17 20:36 - 2016-01-11 20:58 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\uTorrent
2016-06-17 20:18 - 2016-01-11 14:50 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 20:18 - 2016-01-11 14:50 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 20:18 - 2016-01-11 14:48 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 19:22 - 2009-07-14 01:45 - 00014352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 19:22 - 2009-07-14 01:45 - 00014352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 19:15 - 2016-02-29 20:47 - 00000000 ____D C:\Temp
2016-06-17 19:15 - 2016-01-11 15:20 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-06-17 19:15 - 2016-01-11 15:20 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-17 19:15 - 2016-01-11 14:57 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-17 19:15 - 2016-01-11 14:48 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 19:15 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-16 20:03 - 2016-02-08 20:24 - 00000000 ___SD C:\Users\Gabriel\AppData\LocalLow\Temp
2016-06-15 19:09 - 2016-01-12 15:46 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-06-15 19:09 - 2016-01-12 15:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-15 11:22 - 2016-01-14 01:13 - 00000000 ____D C:\Users\Gabriel\AppData\Local\CrashDumps
2016-06-13 21:48 - 2016-01-12 16:43 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\Skype
2016-06-10 12:38 - 2016-01-12 00:07 - 00000000 ____D C:\Users\Gabriel\AppData\Roaming\vlc
2016-06-08 10:56 - 2016-01-11 22:10 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-06-07 21:09 - 2009-07-29 12:58 - 00702882 _____ C:\Windows\system32\prfh0416.dat
2016-06-07 21:09 - 2009-07-29 12:58 - 00145668 _____ C:\Windows\system32\prfc0416.dat
2016-06-07 21:09 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-07 21:09 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-06-02 20:10 - 2016-01-26 17:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-26 15:25 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-22 17:15 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\LiveKernelReports

==================== Arquivos na raiz de alguns diretórios =======

2016-01-12 01:28 - 2016-01-12 01:28 - 0045270 _____ () C:\Users\Gabriel\AppData\Roaming\room_v3.dat
2016-01-12 13:06 - 2016-01-12 13:06 - 0000057 _____ () C:\ProgramData\Ament.ini

Alguns arquivos em TEMP:
====================
C:\Users\Gabriel\AppData\Local\Temp\atcMedia7161462648253.exe
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1065453643386668467.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1183052296613191110.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1450014311518028874.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1543787260048112383.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1582889834709798527.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1585646021604267459.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1683669107731568177.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-1688005952120088775.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-2205375964578649059.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-2591690014185803796.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-2998428908094859510.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-3204800552210326136.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-3774103000803136921.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-3958330920925314997.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-396455334582202769.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-4302765942525865619.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-4312314250566675730.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-4405898222692419870.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-473257664226623859.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-4858185116516851633.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-5139814548619960462.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-5513272603905549347.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-5618793129989504745.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-5844965225428815117.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-6062799687008726387.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-620181381594236883.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-6789871709079695663.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-7214914768592501960.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-7225828945108999323.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-7404999420670822123.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-7654239331574644241.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-7677543305704080307.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-8001490877155275701.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-846149020376339862.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-8621441781577188761.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-9103893740935693953.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-9130347782695013045.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-938186076845041119.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-951545377614812259.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-32-git-Spigot-4af49dc-c5e9a16-6535219645651279405.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-4278623241159811983.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-1260003210563431724.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-1339895758923017372.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-1507179989717452.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-1601834918176014769.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-1735703316451397341.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-1992024316161951712.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-1993007295535760455.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-2291102939083433397.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-2383453933724969592.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-2502593813428142702.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-2679559383977769379.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-2764560464867562661.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-3137029954442866215.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-3696731234054273480.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-3723394924618158159.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-3972851562423376679.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-4157811602660713004.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-4243087875098263296.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-4365403989770002729.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-4572946903025410654.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-5164458366695559324.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-5282880765180756784.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-5439205290529472237.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-568534645845215051.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-581373411583536486.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-5886905257534543084.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-5910265770568227873.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6013324677249221820.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6049660898041722955.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6147702347726304415.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-633862582987079073.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6662165048094211498.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6692983722321146665.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6722857773596239897.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6790018571035801629.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-6856937161159417717.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-704026616447384008.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-7082620550747030921.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-7494123916112594667.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-7781169793298949221.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-7805720668155528111.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-7863739365803218731.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-7993544470609919506.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-8355561154449549824.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-8595233767736181847.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-8863567179671017302.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64-git-Bukkit-6d133d5-9137663748695585249.dll
C:\Users\Gabriel\AppData\Local\Temp\jansi-64.dll
C:\Users\Gabriel\AppData\Local\Temp\RemoteMouse.exe
C:\Users\Gabriel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Gabriel\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-17 12:37

==================== Fim de FRST.txt ============================
