cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 08-08-2016
Executado por David (administrador) em DAVID-PC (08-08-2016 17:59:00)
Executando a partir de C:\Users\David\Downloads
Perfis Carregados: David (Perfis Disponíveis: David)
Platform: Windows 7 Home Premium (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Windows\KMS-R@1n.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2207848 2011-03-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392872 2010-10-14] (Synaptics Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3675621931-2183026430-1973535130-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
IFEO\OSPPSVC.EXE: [Debugger] KMS-R@1nhook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{81FFF519-3D25-452C-8B68-FB980C8FA9FF}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-08-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-08] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-08-08] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-08] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-08] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-08] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-08] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-08] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\nfmato3q.default
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-08] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-08-03]
FF HKU\S-1-5-21-3675621931-2183026430-1973535130-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-3675621931-2183026430-1973535130-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\David\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\David\AppData\Roaming\IDM\idmmzcc5 [2016-08-08] [não assinado]
FF HKU\S-1-5-21-3675621931-2183026430-1973535130-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-08-05]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-08-05]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2776664 2015-08-16] (Microsoft Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-08-08] () [Arquivo não assinado]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-08 17:59 - 2016-08-08 17:59 - 00009421 _____ C:\Users\David\Downloads\FRST.txt
2016-08-08 17:58 - 2016-08-08 17:59 - 00000000 ____D C:\FRST
2016-08-08 17:58 - 2016-08-08 17:58 - 02393600 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2016-08-08 17:57 - 2016-08-08 17:57 - 14749120 _____ (Microsoft Corporation) C:\Users\David\Downloads\vc_redist.x64.exe
2016-08-08 17:56 - 2016-08-08 17:56 - 13969576 _____ (Microsoft Corporation) C:\Users\David\Downloads\vc_redist.x86.exe
2016-08-08 17:53 - 2016-08-08 17:54 - 00000000 ____D C:\Users\David\AppData\Roaming\Adobe
2016-08-08 17:53 - 2016-08-08 17:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-08 17:53 - 2016-08-08 17:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-08 17:53 - 2016-08-08 17:53 - 00000000 ____D C:\Users\David\AppData\LocalLow\Adobe
2016-08-08 17:53 - 2016-08-08 17:53 - 00000000 ____D C:\ProgramData\Adobe
2016-08-08 17:53 - 2016-08-08 17:53 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-08 17:51 - 2016-08-08 17:54 - 00000000 ____D C:\Users\David\AppData\Local\Adobe
2016-08-08 17:51 - 2016-08-08 17:51 - 00000000 ____D C:\Users\David\AppData\Roaming\vlc
2016-08-08 17:50 - 2016-08-08 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-08 17:50 - 2016-08-08 17:50 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-08-08 17:49 - 2016-08-08 17:50 - 30533688 _____ C:\Users\David\Downloads\vlc-2.2.4-win32.exe
2016-08-08 04:08 - 2016-08-08 04:08 - 00008192 __RSH C:\BOOTSECT.BAK
2016-08-08 04:08 - 2016-08-07 23:16 - 00000000 ____D C:\Windows\Panther
2016-08-08 04:08 - 2009-07-13 22:38 - 00383562 __RSH C:\bootmgr
2016-08-08 00:56 - 2016-08-08 00:56 - 00000000 ____D C:\Windows\System32\Tasks\Nero
2016-08-08 00:55 - 2016-08-08 01:05 - 00000000 ____D C:\ProgramData\Nero
2016-08-08 00:55 - 2016-08-08 01:03 - 00000000 ____D C:\Program Files (x86)\Nero
2016-08-08 00:55 - 2016-08-08 00:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016
2016-08-08 00:55 - 2016-08-08 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-08-08 00:54 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-08-08 00:53 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-08-08 00:53 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-08-08 00:53 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-08-08 00:53 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-08-08 00:52 - 2016-08-08 17:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-08 00:52 - 2016-08-08 00:52 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-08-08 00:45 - 2016-08-08 00:45 - 00026112 _____ C:\Windows\KMS-R@1n.exe
2016-08-08 00:45 - 2016-08-08 00:45 - 00004608 _____ C:\Windows\KMS-R@1nhook.exe
2016-08-08 00:45 - 2016-08-08 00:45 - 00003584 _____ C:\Windows\KMS-QADhook.dll
2016-08-08 00:45 - 2016-08-08 00:45 - 00000000 ____D C:\Windows\System32\Tasks\R@1n-KMS
2016-08-08 00:45 - 2016-08-08 00:45 - 00000000 ____D C:\Users\David\AppData\Local\mpress
2016-08-08 00:44 - 2016-08-08 00:44 - 00002128 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-08 00:44 - 2016-08-08 00:44 - 00002110 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-08 00:44 - 2016-08-08 00:44 - 00002110 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-08-08 00:44 - 2016-08-08 00:44 - 00000000 ___RD C:\Users\David\OneDrive
2016-08-08 00:44 - 2016-08-08 00:44 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-08 00:44 - 2016-08-08 00:44 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-08-08 00:36 - 2016-08-08 00:36 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-08-08 00:36 - 2016-08-08 00:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-08-08 00:35 - 2016-08-08 00:35 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-08-08 00:34 - 2016-08-08 00:44 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-08 00:32 - 2016-08-08 00:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-08-08 00:32 - 2016-08-08 00:32 - 01804512 _____ C:\WindowsGABRIOLA.tt2
2016-08-08 00:32 - 2016-08-08 00:32 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-08 00:28 - 2016-08-08 17:53 - 00000000 ____D C:\Users\David\AppData\Roaming\DMCache
2016-08-08 00:28 - 2016-08-08 17:49 - 00000000 ____D C:\Users\David\AppData\Roaming\IDM
2016-08-08 00:28 - 2016-08-08 17:39 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-08-08 00:28 - 2016-08-08 00:28 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-08-08 00:28 - 2016-08-08 00:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-08-08 00:28 - 2016-08-08 00:28 - 00000000 ____D C:\ProgramData\IDM
2016-08-08 00:24 - 2016-08-08 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
2016-08-08 00:24 - 2016-08-08 00:24 - 00000000 ____D C:\Program Files\MegaDownloader
2016-08-08 00:23 - 2016-08-08 00:24 - 01595668 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-08-08 00:05 - 2009-11-25 16:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-08-08 00:05 - 2009-11-25 16:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-08-08 00:05 - 2009-11-25 16:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-08-08 00:05 - 2009-11-25 16:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-08-08 00:05 - 2009-11-25 16:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-08-08 00:05 - 2009-11-25 16:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-08-08 00:05 - 2009-11-25 16:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-08-08 00:05 - 2009-11-25 16:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-08-08 00:05 - 2009-11-25 16:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-08-08 00:05 - 2009-11-25 16:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-08-08 00:04 - 2016-08-08 17:47 - 00000000 ____D C:\Users\David\AppData\LocalLow\uTorrent
2016-08-08 00:04 - 2016-08-08 00:45 - 00110176 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-08 00:03 - 2016-08-08 17:57 - 00000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2016-08-08 00:03 - 2016-08-08 00:03 - 00002601 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-08-08 00:00 - 2016-08-08 00:00 - 00000000 ____D C:\Users\David\AppData\Roaming\WinRAR
2016-08-07 23:55 - 2016-08-08 17:44 - 00703080 _____ C:\Windows\system32\prfh0416.dat
2016-08-07 23:55 - 2016-08-08 17:44 - 00145866 _____ C:\Windows\system32\prfc0416.dat
2016-08-07 23:55 - 2016-08-07 23:53 - 00323154 _____ C:\Windows\system32\prfi0416.dat
2016-08-07 23:55 - 2016-08-07 23:53 - 00038536 _____ C:\Windows\system32\prfd0416.dat
2016-08-07 23:54 - 2016-08-07 23:54 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2016-08-07 23:51 - 2016-07-26 14:24 - 00504488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-08-07 23:46 - 2016-08-07 23:46 - 00000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-07 23:46 - 2016-08-07 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-07 23:46 - 2016-08-07 23:46 - 00000000 ____D C:\Program Files\WinRAR
2016-08-07 23:43 - 2016-08-07 23:49 - 00000000 ____D C:\Users\David\AppData\Local\Mozilla
2016-08-07 23:43 - 2016-08-07 23:43 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-07 23:43 - 2016-08-07 23:43 - 00000000 ____D C:\Users\David\AppData\Roaming\Mozilla
2016-08-07 23:43 - 2016-08-07 23:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-07 23:38 - 2016-06-28 15:09 - 66456442 _____ C:\lp.cab
2016-08-07 23:33 - 2016-08-07 23:33 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-08-07 23:32 - 2016-08-07 23:32 - 00000000 ____D C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
2016-08-07 23:32 - 2010-11-02 16:48 - 01103464 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8192ce.sys
2016-08-07 23:32 - 2009-02-05 02:49 - 00451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2016-08-07 23:31 - 2016-08-07 23:31 - 00018234 _____ C:\Windows\system32\results.xml
2016-08-07 23:30 - 2016-08-07 23:30 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-08-07 23:28 - 2016-08-07 23:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2016-08-07 23:28 - 2016-08-07 23:28 - 00000000 ____D C:\Program Files\Synaptics
2016-08-07 23:26 - 2016-08-07 23:30 - 00000000 ____D C:\Program Files (x86)\Intel
2016-08-07 23:26 - 2016-08-07 23:30 - 00000000 ____D C:\Intel
2016-08-07 23:26 - 2010-10-04 13:02 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-08-07 23:25 - 2009-09-02 09:58 - 00225280 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\Drivers\RtsUStor.sys
2016-08-07 23:25 - 2009-09-02 09:58 - 00225280 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2016-08-07 23:25 - 2009-08-19 10:22 - 00352256 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll
2016-08-07 23:25 - 2009-02-02 18:27 - 07360512 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2016-08-07 23:25 - 2009-02-02 18:27 - 07360512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSUSTORicon.dll
2016-08-07 23:23 - 2016-08-07 23:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-07 23:23 - 2016-08-07 23:25 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-08-07 23:23 - 2016-08-07 23:24 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-08-07 23:23 - 2016-08-07 23:23 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-08-07 23:23 - 2016-08-07 23:23 - 00000000 ____D C:\Program Files\Realtek
2016-08-07 23:23 - 2011-04-06 15:33 - 02826984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-08-07 23:23 - 2011-04-06 10:15 - 00952320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-08-07 23:23 - 2011-03-31 16:49 - 03048552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2016-08-07 23:23 - 2011-03-31 16:49 - 02392168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-08-07 23:23 - 2011-03-24 16:03 - 00084584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2016-08-07 23:23 - 2011-03-15 15:32 - 00648808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-08-07 23:23 - 2011-03-02 17:25 - 01242216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-08-07 23:23 - 2011-02-25 19:37 - 01284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-08-07 23:23 - 2011-02-22 15:52 - 02075712 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-08-07 23:23 - 2010-11-29 18:47 - 02578576 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2016-08-07 23:23 - 2010-11-29 18:47 - 01868944 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2016-08-07 23:23 - 2010-11-18 11:49 - 00121744 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-08-07 23:23 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-08-07 23:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-08-07 23:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-08-07 23:23 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-08-07 23:23 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-08-07 23:23 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-08-07 23:23 - 2010-11-03 18:31 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-08-07 23:23 - 2010-11-03 18:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-08-07 23:23 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-08-07 23:23 - 2010-10-03 13:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-08-07 23:23 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-08-07 23:23 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-08-07 23:23 - 2010-05-06 17:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-08-07 23:23 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-08-07 23:23 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-08-07 23:23 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-08-07 23:23 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-08-07 23:23 - 2009-11-18 18:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2016-08-07 23:23 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-08-07 23:17 - 2016-08-07 23:17 - 00001447 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-07 23:17 - 2016-08-07 23:17 - 00001413 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-08-07 23:17 - 2016-08-07 23:17 - 00000000 ____D C:\Users\David\AppData\Local\VirtualStore
2016-08-07 23:16 - 2016-08-08 00:44 - 00000000 ____D C:\Users\David
2016-08-07 23:16 - 2016-08-07 23:16 - 00000020 ___SH C:\Users\David\ntuser.ini
2016-08-07 23:16 - 2016-08-07 23:16 - 00000000 _SHDL C:\Users\David\My Documents
2016-08-07 23:16 - 2016-08-07 23:16 - 00000000 _SHDL C:\Users\David\Documents\My Videos
2016-08-07 23:16 - 2016-08-07 23:16 - 00000000 _SHDL C:\Users\David\Documents\My Pictures
2016-08-07 23:16 - 2016-08-07 23:16 - 00000000 _SHDL C:\Users\David\Documents\My Music
2016-08-07 23:16 - 2010-01-25 22:07 - 00000048 __RSH C:\wedaolu
2016-08-07 23:16 - 2010-01-09 07:17 - 00206312 __RSH C:\grldr
2016-08-07 23:16 - 2009-07-14 04:44 - 00000000 ____D C:\Users\David\AppData\Roaming\Media Center Programs
2016-08-07 23:12 - 2016-08-07 23:12 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-08-07 23:12 - 2016-08-07 23:12 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-08-07 23:11 - 2016-08-07 23:11 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-08-07 20:46 - 2016-08-07 20:46 - 47733712 _____ C:\Users\David\Downloads\Builds for 3DS.7z
2016-08-05 12:50 - 2016-08-05 10:04 - 00217256 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2016-08-03 23:23 - 2016-08-03 23:23 - 04442078 _____ C:\Users\David\Documents\autocad2012basico.pdf
2016-08-02 18:23 - 2016-08-02 18:23 - 00000049 _____ C:\Users\David\Documents\idioma.txt
2016-08-01 22:47 - 2016-08-08 02:05 - 00000000 ____D C:\Users\David\Downloads\Android
2016-07-28 14:35 - 2016-07-28 15:48 - 00000127 _____ C:\Users\David\Documents\Contas GMAIL.txt
2016-07-25 17:24 - 2016-07-25 17:24 - 00090334 _____ C:\Users\David\Documents\edital.pdf
2016-07-23 14:19 - 2016-07-23 14:19 - 00039420 _____ C:\Users\David\Documents\ablsqstrespostas.PDF

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-08 17:47 - 2009-07-14 01:45 - 00018704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-08 17:47 - 2009-07-14 01:45 - 00018704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-08 17:44 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-08 17:44 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-08-08 17:40 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-08 17:39 - 2009-07-14 01:45 - 00434152 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-08 02:23 - 2016-06-29 18:09 - 00000000 ____D C:\Users\David\Downloads\Games
2016-08-08 01:59 - 2016-03-21 23:15 - 00000000 ____D C:\Users\David\Downloads\Programas
2016-08-08 01:13 - 2016-05-27 01:02 - 00000000 ____D C:\Users\David\Documents\Univali
2016-08-08 01:11 - 2016-05-27 01:01 - 00000000 ____D C:\Users\David\Documents\TIC
2016-08-08 01:11 - 2016-05-27 01:01 - 00000000 ____D C:\Users\David\Documents\Certificados
2016-08-08 01:11 - 2016-05-27 01:01 - 00000000 ____D C:\Users\David\Documents\Aritgo 170
2016-08-08 01:11 - 2016-04-03 16:08 - 00000000 ____D C:\Users\David\Documents\Trabalhos de colegas da faculdade
2016-08-08 01:11 - 2016-03-06 15:44 - 00000000 ____D C:\Users\David\Documents\Pagamentos
2016-08-08 01:11 - 2016-03-06 15:44 - 00000000 ____D C:\Users\David\Documents\DR
2016-08-08 00:34 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-08-07 23:56 - 2009-07-14 02:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-08-07 23:54 - 2009-07-14 04:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\winrm
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\WCN
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\winrm
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\WCN
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\slmgr
2016-08-07 23:54 - 2009-07-14 02:37 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-08-07 23:54 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-08-07 23:54 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-07 23:54 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-07 23:54 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-08-07 23:54 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-08-07 23:54 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-07 23:54 - 2009-07-14 02:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\com
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\oobe
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\MUI
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\migwiz
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\Dism
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\com
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\servicing
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\IME
2016-08-07 23:54 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-07 23:21 - 2009-07-14 04:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-08-07 23:12 - 2009-07-14 02:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

Alguns arquivos em TEMP:
====================
C:\Users\David\AppData\Local\Temp\bassmod.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-08-07 23:08

==================== Fim de FRST.txt ============================
