Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 10-07-2016 01
Executado por Jefferson (administrador) em JEFFERSON-PC (11-07-2016 01:49:01)
Executando a partir de C:\Users\Jefferson\Desktop
Perfis Carregados: Jefferson (Perfis Disponíveis: Jefferson)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Atheros Communications) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-11-30] (Atheros Communications)
HKU\S-1-5-21-4233972201-2281020097-4024106041-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3C453902-0FAE-4718-B05C-ECCB0106B2A5}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [322176 2014-11-30] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2014-05-13] (Atheros) [Arquivo não assinado]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2014-11-30] (Qualcomm Atheros)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-11 05:24 - 2016-07-11 00:34 - 00000000 ____D C:\Windows\Panther
2016-07-11 05:07 - 2016-07-11 05:07 - 00000000 ____D C:\Windows.old.001
2016-07-11 01:49 - 2016-07-11 01:49 - 00003781 _____ C:\Users\Jefferson\Desktop\FRST.txt
2016-07-11 01:48 - 2016-07-11 01:49 - 00000000 ____D C:\FRST
2016-07-11 01:48 - 2016-07-11 01:48 - 02390528 _____ (Farbar) C:\Users\Jefferson\Desktop\FRST64.exe
2016-07-11 01:41 - 2016-07-11 01:34 - 00013188 _____ C:\api-ms-win-crt-runtime-l1-1-0.zip
2016-07-11 01:34 - 2016-07-11 01:34 - 00013188 _____ C:\Users\Jefferson\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-07-11 01:25 - 2016-07-11 01:25 - 00000000 ____D C:\Windows\nvmup
2016-07-11 01:25 - 2013-10-23 20:30 - 00012064 _____ (NVIDIA Corporation) C:\Windows\system32\NVMUPEventMsg.dll
2016-07-11 01:19 - 2016-07-11 01:20 - 01598992 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-11 01:16 - 2016-06-21 12:13 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-07-11 00:53 - 2016-07-11 00:53 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-11 00:53 - 2016-07-11 00:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-11 00:52 - 2016-07-11 00:52 - 00001174 _____ C:\Users\Public\Desktop\SiSoftware Sandra Lite 2016.SP1.lnk
2016-07-11 00:52 - 2016-07-11 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2016-07-11 00:52 - 2016-07-11 00:52 - 00000000 ____D C:\Program Files\SiSoftware
2016-07-11 00:46 - 2016-07-11 00:46 - 00000000 ___RD C:\Users\Jefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-07-11 00:46 - 2016-07-11 00:46 - 00000000 ____D C:\Users\Todos os Usuários\Atheros
2016-07-11 00:46 - 2016-07-11 00:46 - 00000000 ____D C:\Users\Jefferson\AppData\Roaming\Atheros
2016-07-11 00:46 - 2016-07-11 00:46 - 00000000 ____D C:\Users\Jefferson\AppData\Local\BMExplorer
2016-07-11 00:46 - 2016-07-11 00:46 - 00000000 ____D C:\ProgramData\Atheros
2016-07-11 00:44 - 2016-07-11 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot
2016-07-11 00:44 - 2016-07-11 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net
2016-07-11 00:43 - 2016-07-11 00:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2016-07-11 00:42 - 2016-07-11 00:46 - 00000000 ____D C:\Users\Jefferson\Documents\Bluetooth Folder
2016-07-11 00:42 - 2016-07-11 00:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2016-07-11 00:41 - 2016-07-11 00:44 - 00000000 ____D C:\Program Files (x86)\Dell Wireless
2016-07-11 00:41 - 2016-07-11 00:43 - 00000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2016-07-11 00:41 - 2016-07-11 00:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-11 00:41 - 2016-07-11 00:41 - 00000000 ____D C:\Windows\system32\nn-NO
2016-07-11 00:41 - 2016-07-11 00:41 - 00000000 ____D C:\Windows\Options
2016-07-11 00:41 - 2016-07-11 00:41 - 00000000 ____D C:\Users\Todos os Usuários\{1523B350-69E4-43FE-831A-1F99E761E80E}
2016-07-11 00:41 - 2016-07-11 00:41 - 00000000 ____D C:\ProgramData\{1523B350-69E4-43FE-831A-1F99E761E80E}
2016-07-11 00:41 - 2016-07-11 00:41 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-07-11 00:41 - 2014-12-01 20:48 - 00011287 ____N C:\Windows\system32\athwbx.cat
2016-07-11 00:41 - 2014-12-01 20:48 - 00009546 ____N C:\Windows\system32\athrextx.cat
2016-07-11 00:41 - 2014-11-09 19:19 - 04108288 ____N (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2016-07-11 00:41 - 2014-11-09 19:19 - 04108288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-07-11 00:41 - 2014-11-09 19:06 - 04226560 ____N (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\athwbx.sys
2016-07-11 00:41 - 2014-05-13 20:07 - 00060416 ____N (Atheros) C:\Windows\system32\athihvui.dll
2016-07-11 00:41 - 2014-05-13 20:06 - 00440320 ____N (Atheros) C:\Windows\system32\athihvs.dll
2016-07-11 00:40 - 2016-07-11 00:40 - 00000000 ____D C:\Users\Todos os Usuários\Dell
2016-07-11 00:40 - 2016-07-11 00:40 - 00000000 ____D C:\ProgramData\Dell
2016-07-11 00:35 - 2016-07-11 00:35 - 00001423 _____ C:\Users\Jefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-11 00:35 - 2016-07-11 00:35 - 00001389 _____ C:\Users\Jefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-07-11 00:35 - 2016-07-11 00:35 - 00000000 ____D C:\Users\Jefferson\AppData\Local\VirtualStore
2016-07-11 00:34 - 2016-07-11 00:35 - 00000000 ____D C:\Users\Jefferson
2016-07-11 00:34 - 2016-07-11 00:34 - 00000020 ___SH C:\Users\Jefferson\ntuser.ini
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas músicas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Minhas imagens
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Usuário Padrão\Documents\Meus vídeos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Histórico
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Usuário Padrão\AppData\Local\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Usuário Padrão
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Todos os Usuários\Modelos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Todos os Usuários\Menu Iniciar
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Todos os Usuários\Favoritos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Todos os Usuários\Documentos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Todos os Usuários\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Todos os Usuários
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Public\Documents\Minhas músicas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Public\Documents\Minhas imagens
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Public\Documents\Meus vídeos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Modelos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Meus documentos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Menu Iniciar
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Documents\Minhas músicas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Documents\Minhas imagens
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Documents\Meus vídeos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Configurações locais
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\AppData\Local\Histórico
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\AppData\Local\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Ambiente de rede
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Jefferson\Ambiente de impressão
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Modelos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Meus documentos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Menu Iniciar
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Documents\Minhas músicas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Documents\Minhas imagens
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Documents\Meus vídeos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Configurações locais
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Histórico
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Ambiente de rede
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default\Ambiente de impressão
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas músicas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default User\Documents\Minhas imagens
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default User\Documents\Meus vídeos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Histórico
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\ProgramData\Modelos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\ProgramData\Menu Iniciar
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\ProgramData\Favoritos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\ProgramData\Documentos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\ProgramData\Dados de aplicativos
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Program Files\Common Files\Sistema
2016-07-11 00:34 - 2016-07-11 00:34 - 00000000 _SHDL C:\Program Files\Arquivos Comuns
2016-07-11 00:34 - 2009-07-14 04:45 - 00000000 ____D C:\Users\Jefferson\AppData\Roaming\Media Center Programs
2016-07-11 00:29 - 2016-07-11 00:29 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-07-11 00:29 - 2016-07-11 00:29 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-07-11 00:27 - 2016-07-11 00:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-07-10 23:02 - 2016-07-10 23:02 - 00000000 ____D C:\Windows.old.000
2016-07-10 22:50 - 2016-07-10 22:50 - 00000000 ____D C:\NVIDIA
2016-07-10 03:13 - 2016-07-10 03:13 - 00000000 ____D C:\Windows.old

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-11 05:23 - 2009-07-14 02:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-07-11 01:20 - 2009-07-29 12:58 - 00705268 _____ C:\Windows\system32\prfh0416.dat
2016-07-11 01:20 - 2009-07-29 12:58 - 00147108 _____ C:\Windows\system32\prfc0416.dat
2016-07-11 01:20 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-11 01:19 - 2009-07-14 02:13 - 01598992 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-11 00:48 - 2009-07-14 01:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-11 00:48 - 2009-07-14 01:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-11 00:46 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-11 00:36 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-07-11 00:34 - 2009-07-14 02:08 - 00000000 ____D C:\Users\Administrator
2016-07-11 00:34 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Windows NT
2016-07-11 00:33 - 2009-07-14 01:45 - 00274824 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-11 00:29 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-07-11 00:25 - 2009-07-14 04:46 - 00000000 ____D C:\Windows\CSC
2016-07-09 23:10 - 2015-06-26 14:16 - 00000000 ____D C:\Dell
2016-06-20 10:03 - 2015-03-01 13:07 - 00000000 ____D C:\SystemColorFree
2016-06-20 10:02 - 2015-08-22 10:30 - 00000000 ____D C:\temp

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-11 00:24

==================== Fim de FRST.txt ============================
