cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 28-09-2016
Executado por pjcpam (administrador) em PJCPAM-PC (30-09-2016 13:25:44)
Executando a partir de C:\Users\pjcpam\Downloads
Perfis Carregados: pjcpam (Perfis Disponíveis: pjcpam)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(PC Tools) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3216544 2010-06-09] (Dell Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [384296 2010-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-26] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106072 2015-03-17] (Symantec Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-07-05] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3977376625-3973230938-2316992330-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-09-05] (SUPERAntiSpyware)
HKU\S-1-5-21-3977376625-3973230938-2316992330-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29642368 2016-09-12] (Skype Technologies S.A.)
HKU\S-1-5-21-3977376625-3973230938-2316992330-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:b625b9b8 /wow /dir:"C:\Program Files\AVAST Software\Avast"
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{90540C8F-37F1-47BC-9AB2-2BF926949F10}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKU\S-1-5-21-3977376625-3973230938-2316992330-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3977376625-3973230938-2316992330-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3977376625-3973230938-2316992330-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-29] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-09-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-29] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-09-29] (Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-29] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\pjcpam\AppData\Roaming\Mozilla\Firefox\Profiles\39q1fv1i.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo! Powered
FF SelectedSearchEngine: Yahoo! Powered
FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_bxinw_16_40¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtA0A0E0Ezzzz0F0BzyyCtAtAtCtN0D0Tzu0StCyBtAyEtN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyE0B0AzztC0ByC0BtGyB0DtD0EtGyB0EyCtCtGtAtBtAtCtGtByC0CtCtCyE0F0DzzyB0CyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AtDzyzz0AyCtCyCtGyBtCtB0DtGyEtBtB0FtGzy0C0DzztG0A0E0FyE0CyBzz0B0Fzy0AyD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtCtC%26cr%3D1378820139%26a%3Dwbf_bxinw_16_40%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
FF Keyword.URL: user_pref("keyword.URL", true);
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-29] (Google Inc.)
FF SearchPlugin: C:\Users\pjcpam\AppData\Roaming\Mozilla\Firefox\Profiles\39q1fv1i.default\searchplugins\yahoo! powered.xml [2016-09-30]
FF Extension: (Firefox Hotfix) - C:\Users\pjcpam\AppData\Roaming\Mozilla\Firefox\Profiles\39q1fv1i.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-19]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Proteção Kaspersky) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-20]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [não assinado]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default [2016-09-30]
CHR Extension: (Google Apresentações) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-19]
CHR Extension: (Google Docs) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-19]
CHR Extension: (Google Drive) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-19]
CHR Extension: (YouTube) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-19]
CHR Extension: (Planilhas do Google) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-19]
CHR Extension: (Documentos Google off-line) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-21]
CHR Extension: (Kaspersky Protection) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-09-19]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-19]
CHR Extension: (Gmail) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-19]
CHR Extension: (Chrome Media Router) - C:\Users\pjcpam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3977376625-3973230938-2316992330-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2016-08-20] (SUPERAntiSpyware.com)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150552 2015-03-17] (Symantec Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1648840 2016-08-05] (Foxit Software Inc.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Arquivo não assinado]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795736 2015-03-17] (PC Tools)
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [1926672 2016-09-29] (Scopus Soluções em TI Ltda)
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163864 2015-03-17] (Symantec Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [244736 2010-02-26] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236888 2016-08-20] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-08-20] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-04-28] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-08-20] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U0 aswVmm; não ImagePath
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-09-30 13:25 - 2016-09-30 13:26 - 00025884 _____ C:\Users\pjcpam\Downloads\FRST.txt
2016-09-30 13:24 - 2016-09-30 13:25 - 00000000 ____D C:\FRST
2016-09-30 13:24 - 2016-09-30 13:24 - 02404352 _____ (Farbar) C:\Users\pjcpam\Downloads\FRST64.exe
2016-09-30 13:23 - 2016-09-30 13:23 - 01754624 _____ (Farbar) C:\Users\pjcpam\Downloads\FRST.exe
2016-09-30 13:00 - 2016-09-30 13:00 - 00000000 ____D C:\b52f48b22d17b848c41ae61dea5f
2016-09-30 10:49 - 2016-09-30 13:00 - 00000000 ___HT C:\Windows\wusa.lock
2016-09-30 10:49 - 2016-09-30 10:49 - 00000000 ____D C:\43a1fad2de8cd6ff25a95a26
2016-09-30 09:55 - 2016-09-30 09:55 - 00000000 ____D C:\Users\pjcpam\AppData\Local\CEF
2016-09-30 09:43 - 2016-09-30 09:43 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-09-30 09:43 - 2016-09-30 09:42 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-09-30 09:43 - 2016-09-30 09:42 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-09-30 09:36 - 2016-09-30 12:29 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-09-30 09:36 - 2016-09-30 12:29 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-30 09:35 - 2016-09-30 10:36 - 00000000 ____D C:\Users\pjcpam\AppData\Roaming\{3DC60B7D-1894-660B-73A2-41D9AF70BCE7}
2016-09-30 09:35 - 2016-09-30 09:35 - 00004344 _____ C:\Windows\System32\Tasks\Yahoo! Powered dosod
2016-09-30 09:35 - 2016-09-30 09:35 - 00002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-09-30 09:35 - 2016-09-30 09:35 - 00000000 ____D C:\Users\Todos os Usuários\{54D991BA-DE9B-1B7C-585D-853EC21F0EF0}
2016-09-30 09:35 - 2016-09-30 09:35 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-09-30 09:35 - 2016-09-30 09:35 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-09-30 09:35 - 2016-09-30 09:35 - 00000000 ____D C:\Users\pjcpam\AppData\Local\Setup8279113
2016-09-30 09:35 - 2016-09-30 09:35 - 00000000 ____D C:\ProgramData\{54D991BA-DE9B-1B7C-585D-853EC21F0EF0}
2016-09-29 17:55 - 2016-09-29 17:55 - 00000000 ____D C:\Users\Todos os Usuários\scpbrad
2016-09-29 17:55 - 2016-09-29 17:55 - 00000000 ____D C:\ProgramData\scpbrad
2016-09-29 17:55 - 2016-09-29 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
2016-09-29 17:55 - 2016-09-29 17:55 - 00000000 ____D C:\Program Files (x86)\scpbrad
2016-09-29 16:05 - 2016-09-29 16:05 - 02416640 _____ C:\Users\pjcpam\s-1-5-21-3977376625-3973230938-2316992330-1000.rrr
2016-09-29 16:05 - 2016-09-29 16:05 - 00208896 _____ C:\Windows\system32\config\default.rrr
2016-09-29 16:03 - 2016-09-29 16:05 - 55275520 _____ C:\Windows\system32\config\software.rrr
2016-09-29 12:53 - 2016-09-29 12:53 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-29 12:53 - 2016-09-29 12:53 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-29 12:49 - 2016-09-30 12:54 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-29 12:49 - 2016-09-30 12:54 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-29 12:49 - 2016-09-29 12:49 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-29 12:49 - 2016-09-29 12:49 - 00003812 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-29 12:49 - 2016-09-29 12:49 - 00000000 ____D C:\Users\pjcpam\AppData\Local\Deployment
2016-09-29 12:49 - 2016-09-29 12:49 - 00000000 ____D C:\Users\pjcpam\AppData\Local\Apps\2.0
2016-09-19 12:05 - 2016-09-19 13:36 - 00000000 ____D C:\Users\pjcpam\AppData\Local\Google
2016-09-19 12:05 - 2016-09-19 12:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-14 08:03 - 2016-09-14 08:03 - 00000000 ____D C:\d82c0bfa7aa7bef34c
2016-09-12 09:03 - 2016-09-12 09:03 - 00000000 ____D C:\bde7c6829ea1b90e851c03763f53
2016-09-12 08:39 - 2016-09-12 08:39 - 00000000 ____D C:\Users\Todos os Usuários\Hewlett-Packard
2016-09-12 08:39 - 2016-09-12 08:39 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-09-12 08:36 - 2016-09-12 08:36 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-09-12 08:36 - 2012-08-31 15:10 - 00350720 _____ C:\Windows\system32\mvhlewsi.DLL
2016-09-12 08:36 - 2012-08-31 15:03 - 01696256 _____ C:\Windows\system32\HP1100SM.EXE
2016-09-12 08:36 - 2012-08-31 15:03 - 00288768 _____ C:\Windows\system32\HP1100LM.DLL
2016-09-12 08:35 - 2016-09-12 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-09-12 08:35 - 2016-09-12 08:35 - 00000000 ____D C:\Users\Todos os Usuários\HPSSUPPLY
2016-09-12 08:35 - 2016-09-12 08:35 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2016-09-12 08:35 - 2012-09-26 21:27 - 00126880 _____ (HP) C:\Windows\system32\HPSIsvc.exe
2016-09-12 08:34 - 2016-09-12 08:35 - 00000000 ____D C:\Program Files (x86)\HP
2016-09-12 08:34 - 2016-09-12 08:34 - 00000000 ____D C:\Program Files\HP
2016-09-12 08:33 - 2012-09-26 02:45 - 00052736 _____ C:\Windows\system32\HP1100SMs.dll
2016-09-12 08:32 - 2016-09-12 08:33 - 00000000 ____D C:\LJP1100_P1560_P1600_Full_Solution
2016-09-12 08:28 - 2016-09-12 08:29 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2016-09-12 08:28 - 2016-09-12 08:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-09-12 08:28 - 2016-09-12 08:28 - 00000000 ____D C:\Users\Todos os Usuários\Samsung
2016-09-12 08:28 - 2016-09-12 08:28 - 00000000 ____D C:\ProgramData\Samsung
2016-09-12 08:28 - 2016-09-12 08:28 - 00000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2016-09-12 08:27 - 2014-10-30 09:06 - 00029184 _____ () C:\Windows\system32\ssm4mlm.dll
2016-09-12 08:27 - 2014-10-30 09:05 - 03141120 _____ C:\Windows\system32\eed_ec.dll
2016-09-12 08:27 - 2014-10-30 09:05 - 00686384 _____ (Samsung Electronics) C:\Windows\system32\eed_sl.exe
2016-09-12 08:27 - 2013-11-15 07:48 - 00000273 _____ C:\Windows\system32\eed_sl.exe.config
2016-09-12 08:27 - 2013-11-13 23:56 - 00226424 _____ C:\Windows\system32\SBuySupplies.exe
2016-09-12 08:27 - 2013-05-29 09:01 - 00000359 _____ C:\Windows\system32\ssm4mlm.smt
2016-09-12 08:27 - 2013-05-29 09:00 - 00158040 _____ (SS) C:\Windows\system32\ssm4mci.exe
2016-09-12 08:27 - 2013-05-29 09:00 - 00089600 _____ (SS) C:\Windows\system32\ssm4mci.dll
2016-09-12 08:26 - 2016-09-12 08:28 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-09-12 08:26 - 2013-07-05 03:15 - 00094208 ____N C:\Windows\SysWOW64\ssdevm.dll
2016-09-12 08:26 - 2013-07-05 03:15 - 00091136 ____N C:\Windows\system32\ssdevm64.dll
2016-09-12 08:26 - 2013-04-29 23:52 - 00011576 ____N (Samsung Electronics) C:\Windows\system32\Drivers\SSPORT.SYS
2016-09-09 12:05 - 2016-09-09 12:05 - 00000000 ____D C:\7d70b3d832fba9104022b0ef563d
2016-09-09 10:36 - 2016-09-09 10:36 - 00000085 _____ C:\Windows\wininit.ini
2016-09-09 10:15 - 2016-09-30 09:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-09 10:10 - 2016-09-09 10:10 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-09-09 10:06 - 2016-09-09 10:36 - 00000000 ____D C:\Users\Todos os Usuários\Spybot - Search & Destroy
2016-09-09 10:06 - 2016-09-09 10:36 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-09 10:03 - 2016-09-09 10:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-09 07:38 - 2016-09-30 13:00 - 00000332 _____ C:\Windows\Tasks\SpeedDiskSchedule.job
2016-09-09 07:38 - 2016-09-09 07:38 - 00002870 _____ C:\Windows\System32\Tasks\SpeedDiskSchedule
2016-09-09 07:00 - 2016-09-09 07:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-09-30 13:15 - 2016-08-23 08:00 - 00000000 ____D C:\Users\pjcpam\AppData\Roaming\Skype
2016-09-30 13:04 - 2016-08-23 15:07 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-30 12:58 - 2016-08-19 12:20 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-30 12:52 - 2016-08-19 12:03 - 00000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab
2016-09-30 12:52 - 2016-08-19 12:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-09-30 12:44 - 2009-07-14 01:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-30 12:44 - 2009-07-14 01:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-30 12:37 - 2016-08-19 11:42 - 00000290 _____ C:\Windows\Tasks\NUAutoUpdate.job
2016-09-30 12:37 - 2016-08-19 11:41 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2016-09-30 12:37 - 2016-08-19 11:41 - 00000000 ____D C:\ProgramData\TEMP
2016-09-30 12:36 - 2016-08-19 11:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-30 12:36 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-30 10:17 - 2016-08-20 13:01 - 00000000 ____D C:\Users\pjcpam\Documents\Arquivos do Outlook
2016-09-30 09:36 - 2016-08-23 08:01 - 00000000 ____D C:\Users\pjcpam\AppData\Local\{3D9B0BC7-1933-677F-74AB-429750C3BE0F}
2016-09-30 09:36 - 2016-08-23 07:57 - 00000000 ____D C:\Users\pjcpam\AppData\Local\rosi
2016-09-30 09:35 - 2016-08-23 07:57 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-09-30 09:35 - 2016-08-23 07:57 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-09-30 07:18 - 2016-08-20 13:20 - 00000000 ____D C:\Users\Todos os Usuários\Foxit Software
2016-09-30 07:18 - 2016-08-20 13:20 - 00000000 ____D C:\ProgramData\Foxit Software
2016-09-29 16:25 - 2016-08-20 12:44 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-09-29 16:25 - 2016-08-20 12:44 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-29 16:15 - 2016-08-19 11:42 - 00000000 ____D C:\Users\pjcpam\AppData\Roaming\Norton Utilities 16
2016-09-29 16:05 - 2016-08-19 11:10 - 00000000 ____D C:\Users\pjcpam
2016-09-29 15:52 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\rescache
2016-09-29 12:51 - 2016-08-23 07:59 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-09-29 12:51 - 2016-08-23 07:59 - 00000000 ____D C:\ProgramData\Skype
2016-09-29 12:46 - 2016-08-19 11:44 - 00000000 ____D C:\Users\pjcpam\AppData\LocalLow\Temp
2016-09-29 09:31 - 2016-08-26 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-29 09:31 - 2016-08-26 10:09 - 00000000 ____D C:\Program Files\iTunes
2016-09-29 09:31 - 2016-08-26 10:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-09-29 09:31 - 2016-08-23 08:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-29 09:31 - 2016-08-19 11:45 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-29 09:31 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-09-29 09:30 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\registration
2016-09-29 09:29 - 2016-08-26 10:09 - 00000000 ____D C:\Program Files\iPod
2016-09-15 18:22 - 2016-08-19 11:45 - 00000000 ____D C:\Users\pjcpam\AppData\Local\Mozilla
2016-09-14 08:04 - 2016-08-23 15:07 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-14 08:04 - 2016-08-23 15:07 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-14 08:04 - 2016-08-23 15:07 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-14 08:04 - 2016-08-23 15:06 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-14 08:04 - 2016-08-23 15:06 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-12 15:36 - 2016-08-23 15:22 - 00000000 ____D C:\Users\pjcpam\AppData\Local\Foxit Reader
2016-09-12 08:03 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-09-12 07:55 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-09-06 07:42 - 2016-08-19 11:45 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-09-29 14:14

==================== Fim de FRST.txt ============================
