cjoint


Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-07-2016
Executado por mario (administrador) em MARIO-PC (22-07-2016 18:34:41)
Executando a partir de C:\Users\mario\Desktop
Perfis Carregados: mario (Perfis Disponíveis: mario)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe
() C:\Program Files\Andy\HandyAndy.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
() C:\Program Files\Andy\AndyADB.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PowerDVD12DMREngine] => C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544 2012-01-01] (CyberLink)
HKLM-x32\...\Run: [PowerDVD12Agent] => C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256 2012-01-12] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\Run: [GoogleChromeAutoLaunch_343913A6FBAF31C633733A41F1A3AF52] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1122456 2016-06-15] (Google Inc.)
HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [3122152 2016-06-21] (Blizzard Entertainment)
HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\Run: [Advanced SystemCare 5] => C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe [1647448 2011-11-12] (IObit)
HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\Run: [uTorrent] => C:\Users\mario\AppData\Roaming\uTorrent\uTorrent.exe [1130576 2015-09-13] (BitTorrent Inc.)
HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-206710319-2657337602-3132182100-1000\...\MountPoints2: {78ec6e4f-ae30-11e5-9b71-0030675b488b} - G:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2016-02-04]
ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe ()

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{CE14810C-C744-4DC3-94AE-18C8E32D5C2A}: [NameServer] 192.168.1.1,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-206710319-2657337602-3132182100-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\qq368zhr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-206710319-2657337602-3132182100-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\mario\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-25] (Unity Technologies ApS)
FF Extension: leethax.net extension - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\qq368zhr.default\extensions\leethax@leethax.net.xpi [2016-01-24]
FF Extension: MEGA - C:\Users\mario\AppData\Roaming\Mozilla\Firefox\Profiles\qq368zhr.default\Extensions\firefox@mega.co.nz.xpi [2016-07-14]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-11]
CHR Extension: (Google Docs) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-11]
CHR Extension: (Google Drive) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-30]
CHR Extension: (Google Search) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Planilhas do Google) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-11]
CHR Extension: (Documentos Google off-line) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Avast Online Security) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-13]
CHR Extension: (Google Play) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-09-11]
CHR Extension: (Google Maps) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (Verificador de mensagens do Google) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-09-11]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Meu tema do Chrome) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-09-11]
CHR Extension: (Gmail) - C:\Users\mario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-11]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdvancedSystemCareService5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [490840 2011-11-10] (IObit)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-01-12] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-01-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-01-12] (CyberLink)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [293128 2016-03-11] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [Arquivo não assinado]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [5248 2010-01-27] () [Arquivo não assinado]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 ntk_PowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [82928 2011-10-27] (Cyberlink Corp.)
S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2015-11-10] (The OpenVPN Project)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2012-01-18] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2012-01-18] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2015-12-29] () [Arquivo não assinado]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
R3 vmkbd2; C:\Windows\system32\drivers\VMkbd.sys [33472 2015-11-25] (VMware, Inc.)
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-11-25] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [146928 2012-01-11] (CyberLink Corp.)
U3 a9azm4wx; C:\Windows\System32\Drivers\a9azm4wx.sys [0 ] (Microsoft Corporation) <==== ATENÇÃO (zero byte Arquivo/Pasta)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-22 18:34 - 2016-07-22 18:35 - 00014503 _____ C:\Users\mario\Desktop\FRST.txt
2016-07-22 18:32 - 2016-07-22 18:34 - 00000000 ____D C:\FRST
2016-07-22 18:31 - 2016-07-22 18:31 - 02393600 _____ (Farbar) C:\Users\mario\Desktop\FRST64.exe
2016-07-14 23:55 - 2016-07-14 23:55 - 00000000 ____D C:\Users\mario\Desktop\Nova pasta (3)
2016-07-13 16:03 - 2016-07-13 16:03 - 00063681 _____ C:\Users\mario\Downloads\20150409013307_Mario_Natalio_Rodrigues8218260119_9283.pdf
2016-07-12 17:35 - 2016-07-12 17:35 - 00000377 _____ C:\Users\mario\Desktop\Novo Documento de Texto (2).txt
2016-07-04 13:37 - 2016-07-04 13:37 - 00099373 _____ C:\Users\mario\Downloads\fatura_atual (1).pdf
2016-06-30 11:32 - 2016-06-30 11:32 - 00000000 ____D C:\Program Files\SAMSUNG
2016-06-30 11:31 - 2016-06-30 11:31 - 00000000 ____D C:\Users\Todos os Usuários\Samsung
2016-06-30 11:31 - 2016-06-30 11:31 - 00000000 ____D C:\ProgramData\Samsung
2016-06-30 11:29 - 2016-06-30 11:29 - 00001031 _____ C:\Users\Public\Desktop\Kingo ROOT.lnk
2016-06-30 11:29 - 2016-06-30 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT
2016-06-30 10:56 - 2016-06-30 11:29 - 00000000 ____D C:\Program Files (x86)\Kingo ROOT
2016-06-30 10:56 - 2016-06-30 10:56 - 00000000 ____D C:\Users\mario\AppData\Roaming\Kingosoft
2016-06-30 10:56 - 2016-06-30 10:56 - 00000000 ____D C:\Users\mario\AppData\Local\Kingosoft
2016-06-30 10:54 - 2016-06-30 10:55 - 18478184 _____ (Kingosoft Technology Ltd. ) C:\Users\mario\Desktop\android_root.exe
2016-06-30 08:30 - 2016-06-30 08:30 - 00929956 _____ C:\Users\mario\Downloads\Framaroot-1.6.1.apk
2016-06-30 08:12 - 2016-06-30 08:12 - 02499035 _____ C:\Users\mario\Downloads\Root Explorer v3.3.6.apk
2016-06-30 08:08 - 2016-06-30 08:08 - 00000000 _____ C:\Users\mario\Desktop\Novo Documento de Texto.txt
2016-06-20 22:18 - 2016-07-05 08:40 - 00000000 ____D C:\Users\mario\AppData\Local\SquirrelTemp
2016-06-20 22:18 - 2016-07-05 08:39 - 00000000 ____D C:\Users\mario\AppData\Roaming\WhatsApp
2016-06-20 22:18 - 2016-06-20 22:19 - 00000000 ____D C:\Users\mario\AppData\Local\WhatsApp
2016-06-20 22:18 - 2016-06-20 22:18 - 00002161 _____ C:\Users\mario\Desktop\WhatsApp.lnk
2016-06-20 22:18 - 2016-06-20 22:18 - 00000000 ____D C:\Users\mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2016-06-20 16:51 - 2009-11-25 11:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-06-20 16:51 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-06-20 16:51 - 2009-11-25 11:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-06-20 16:51 - 2009-11-25 11:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-06-20 16:51 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-06-20 16:51 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-06-20 16:51 - 2009-11-25 11:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-06-20 16:51 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-06-20 16:51 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-06-20 16:51 - 2009-11-25 11:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-06-20 15:58 - 2016-06-20 16:01 - 55311632 _____ (WhatsApp) C:\Users\mario\Downloads\WhatsAppSetup.exe
2016-06-17 22:25 - 2016-06-17 22:25 - 00099231 _____ C:\Users\mario\Downloads\fatura_anterior.pdf
2016-06-12 13:48 - 2016-06-13 17:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-09 12:32 - 2016-06-09 12:32 - 00000000 ____D C:\Users\mario\AppData\Roaming\Unity
2016-06-09 12:24 - 2016-06-09 12:24 - 00000000 ____D C:\Users\mario\AppData\LocalLow\Unity
2016-06-09 12:24 - 2016-06-09 12:24 - 00000000 ____D C:\Users\mario\AppData\Local\Unity
2016-06-09 12:23 - 2016-06-09 12:23 - 01090304 _____ (Unity Technologies ApS) C:\Users\mario\Downloads\UnityWebPlayer.exe
2016-06-09 12:13 - 2016-06-09 12:13 - 00000626 _____ C:\Users\mario\Desktop\DT2 hack By Boulou v3.1 - Atalho.lnk
2016-06-04 21:45 - 2016-06-04 21:46 - 00099604 _____ C:\Users\mario\Downloads\fatura_atual.pdf
2016-06-04 20:45 - 2016-06-04 20:46 - 00037996 _____ C:\Users\mario\Downloads\boleto.pdf
2016-06-03 09:17 - 2016-06-03 09:17 - 00000612 _____ C:\Users\mario\Desktop\Marketland V.25_64Bit - Atalho.lnk
2016-06-02 21:36 - 2016-06-02 21:36 - 00100160 _____ () C:\Users\mario\Downloads\FacebookGamesArcadeSetup.exe
2016-06-02 13:20 - 2016-06-02 13:21 - 00014606 _____ C:\Users\mario\Downloads\TAIN3ARGEM.rar
2016-06-02 13:19 - 2016-06-02 13:19 - 00014641 _____ C:\Users\mario\Downloads\Taina.-.Uma.Aventura.na.Amazonia.avi.torrent
2016-06-02 13:19 - 2016-06-02 13:19 - 00012878 _____ C:\Users\mario\Downloads\Taina.2.-.A.Aventura.Continua.-.Infantil.Br.-.avi.torrent
2016-06-02 09:13 - 2016-06-02 09:14 - 04211200 _____ C:\Users\mario\Downloads\Criminal case trainer v2.0 by boulou.EXE
2016-06-02 09:04 - 2016-06-02 09:04 - 04362240 _____ C:\Users\mario\Downloads\Marketland trainer hack v4.2 by boulou.EXE
2016-06-01 21:55 - 2016-07-06 20:00 - 00000000 ____D C:\Users\mario\Desktop\Nova pasta (2)
2016-05-29 08:59 - 2016-05-29 08:59 - 00000668 _____ C:\Users\mario\Desktop\FV2 trainer v4.9.1 by boulou - Atalho.lnk
2016-05-26 18:07 - 2016-05-26 18:00 - 62780228 _____ C:\Users\mario\Desktop\VID_20160526_180041.3gp
2016-05-26 15:04 - 2016-05-26 15:04 - 00000000 ____D C:\Users\mario\AppData\Roaming\VSRevoGroup
2016-05-26 12:04 - 2016-05-26 12:04 - 00000000 ____D C:\Users\mario\Documents\StarCraft II
2016-05-26 11:59 - 2016-05-26 11:59 - 00000676 _____ C:\Users\mario\Desktop\Bubble witch 2 v1.2 by Boulou - Atalho.lnk
2016-05-26 11:48 - 2016-05-26 11:48 - 00000732 _____ C:\Users\mario\Desktop\Cafeland trainer v1.6 Free by Boulou - Atalho.lnk
2016-05-26 11:36 - 2016-05-26 11:36 - 00000000 ____D C:\Users\mario\Documents\Heroes of the Storm
2016-05-24 17:30 - 2016-05-24 17:30 - 00003408 ____N C:\bootsqm.dat
2016-05-17 22:37 - 2016-05-17 22:40 - 36571559 _____ C:\Users\mario\Downloads\General_CMS_V3.1.0.3.T.20150512 (3).rar
2016-05-13 22:38 - 2016-05-13 22:38 - 00000000 ____D C:\Users\mario\Desktop\Nova pasta
2016-05-13 19:53 - 2016-05-13 23:42 - 520287664 _____ C:\Users\mario\Downloads\D34.rar.part
2016-05-12 12:43 - 2016-05-12 12:48 - 16026766 _____ C:\Users\mario\Downloads\google-play-6-5-08-d-all-0-2792142.apk
2016-05-12 11:38 - 2016-05-12 11:42 - 11704134 _____ C:\Users\mario\Downloads\Lan_Broadcom_15.0.1.0_W7x86W7x64_A.zip
2016-05-02 22:35 - 2016-05-02 22:35 - 00000000 ____D C:\Program Files\Unity
2016-04-28 12:11 - 2016-04-28 12:11 - 00001069 _____ C:\Users\mario\Desktop\VirtuaNES - Atalho.lnk
2016-04-25 00:35 - 2016-04-25 00:35 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2016-04-25 00:35 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-22 18:27 - 2015-09-10 14:16 - 00003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0D0E2CCA-0F4F-4EAA-86C7-5358E4ECF6B0}
2016-07-22 18:14 - 2015-09-11 13:26 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-22 17:58 - 2009-07-14 01:45 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-22 17:58 - 2009-07-14 01:45 - 00014032 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-22 17:54 - 2015-09-11 17:25 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-22 17:51 - 2016-02-04 06:34 - 00000000 ____D C:\Users\Todos os Usuários\VMware
2016-07-22 17:51 - 2016-02-04 06:34 - 00000000 ____D C:\ProgramData\VMware
2016-07-22 17:51 - 2015-09-13 20:10 - 00000000 ____D C:\Users\mario\AppData\Roaming\uTorrent
2016-07-22 17:50 - 2015-09-11 17:25 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-22 17:50 - 2015-09-10 14:24 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-07-22 17:50 - 2015-09-10 14:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-22 17:50 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-21 19:53 - 2015-09-11 10:43 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-07-21 19:51 - 2015-09-11 10:47 - 00000000 ____D C:\Users\mario\AppData\Local\Battle.net
2016-07-21 18:11 - 2009-07-14 14:55 - 00707754 _____ C:\Windows\system32\prfh0416.dat
2016-07-21 18:11 - 2009-07-14 14:55 - 00148120 _____ C:\Windows\system32\prfc0416.dat
2016-07-21 18:11 - 2009-07-14 02:13 - 01641652 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-21 18:11 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-14 09:15 - 2015-09-11 13:26 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 09:15 - 2015-09-10 14:18 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 09:15 - 2015-09-10 14:18 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-13 08:15 - 2015-09-10 14:18 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 08:14 - 2015-09-10 14:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 11:39 - 2015-09-11 13:28 - 00000000 ____D C:\Users\mario\.smplayer
2016-07-11 13:28 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-11 12:57 - 2015-09-10 13:54 - 00000000 ____D C:\Users\mario
2016-07-06 21:39 - 2015-09-10 14:28 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-30 11:54 - 2015-09-11 19:07 - 00000000 ____D C:\Users\mario\AppData\Local\Genymobile
2016-06-30 11:29 - 2015-09-12 09:23 - 00000000 ____D C:\Users\mario\.android
2016-06-30 08:03 - 2016-01-27 10:06 - 00000000 ____D C:\Users\mario\AppData\Roaming\VMware
2016-06-30 07:51 - 2015-09-11 19:07 - 00000000 ____D C:\Users\mario\.VirtualBox
2016-06-26 16:56 - 2015-09-19 19:30 - 00000000 ____D C:\Users\mario\Documents\Euro Truck Simulator 2
2016-06-23 18:29 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Arquivos na raiz de alguns diretórios =======

2016-03-28 23:47 - 2016-03-28 23:47 - 0000000 _____ () C:\Users\mario\AppData\Local\{EBFC7ED4-E3F1-4281-8107-72AECDE7ADEF}

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-05-20 16:32

==================== Fim de FRST.txt ============================
