cjoint


Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 14.03.2018
Executado por Cleusaa (administrador) em CLEUSA (19-03-2018 20:23:53)
Executando a partir de C:\Users\Cleusaa\Desktop
Perfis Carregados: Cleusaa (Perfis Disponíveis: Cleusaa)
Platform: Windows 8.1 Connected (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13664984 2014-01-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2017-04-11] (Caixa Economica Federal)
HKU\S-1-5-21-3540807035-872188609-48565466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1903328 2017-04-11] (Caixa Economica Federal)
GroupPolicy: Restrição - Chrome <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
CHR HKU\.DEFAULT\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO
CHR HKU\S-1-5-21-3540807035-872188609-48565466-1001\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\Parameters: [NameServer] 82.163.142.3 95.211.158.130
Tcpip\..\Interfaces\{1E26AB99-C7FA-4B6A-B279-104F5191FBF7}: [DhcpNameServer] 82.163.142.3
Tcpip\..\Interfaces\{F787868C-89D1-452F-81A8-F47397131510}: [NameServer] 199.203.131.145,82.163.143.167
Tcpip\..\Interfaces\{F787868C-89D1-452F-81A8-F47397131510}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3540807035-872188609-48565466-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3540807035-872188609-48565466-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3540807035-872188609-48565466-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
URLSearchHook: HKLM-x32 -> Padrão = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {029A3696-EB3F-41CC-A264-D3DF538F4CBB} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {029A3696-EB3F-41CC-A264-D3DF538F4CBB} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2017-04-11] (Caixa Economica Federal)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-3540807035-872188609-48565466-1001: gastecnologia.com.br/sf/abn64 -> C:\Users\Cleusaa\AppData\Local\GAS Tecnologia\GBBD\npsf_abn_64.dll [Nenhum Arquivo]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR DefaultSearchURL: Profile 1 -> hxxps://search.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Avira
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.avira.com/suggestions?q={searchTerms}&li=ff&hl=pt
CHR Profile: C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-03-16]
CHR Extension: (Apresentações) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-27]
CHR Extension: (Documentos) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-27]
CHR Extension: (Google Drive) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-27]
CHR Extension: (YouTube) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-27]
CHR Extension: (Planilhas) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-27]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-02-27]
CHR Extension: (Documentos Google off-line) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-27]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2018-02-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-27]
CHR Extension: (Gmail) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-27]
CHR Extension: (Chrome Media Router) - C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-28]
CHR Profile: C:\Users\Cleusaa\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2017-04-11] (GAS Tecnologia)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Arquivo não assinado]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [173408 2014-01-16] (Sentelic Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-09] (Intel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [461528 2013-12-20] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2987224 2013-11-22] (Realtek Semiconductor Corporation )
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-03-15] ()
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [87568 2013-07-01] (Intel Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Arquivo não assinado]
S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44024 2015-02-03] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-02-03] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil64.sys [X]
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\System32\drivers\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-03-19 19:51 - 2018-03-19 19:51 - 000027534 _____ C:\Users\Cleusaa\Desktop\Addition.txt
2018-03-19 19:49 - 2018-03-19 20:24 - 000013161 _____ C:\Users\Cleusaa\Desktop\FRST.txt
2018-03-19 19:49 - 2018-03-19 20:23 - 000000000 ____D C:\FRST
2018-03-16 21:42 - 2018-03-16 21:42 - 001763840 _____ C:\Users\Cleusaa\Downloads\Não confirmado 881724.crdownload
2018-03-16 21:42 - 2018-03-16 21:42 - 001763840 _____ C:\Users\Cleusaa\Downloads\Não confirmado 701695.crdownload
2018-03-16 21:42 - 2018-03-16 21:42 - 001763840 _____ C:\Users\Cleusaa\Downloads\Não confirmado 529501.crdownload
2018-03-16 21:40 - 2018-03-16 21:40 - 000000000 ____D C:\Users\Cleusaa\AppData\Local\CrashDumps
2018-03-16 21:35 - 2018-03-16 21:35 - 000000000 ____D C:\Windows\%LOCALAPPDATA%
2018-03-16 21:22 - 2018-03-16 21:18 - 002403328 _____ (Farbar) C:\Users\Cleusaa\Desktop\FRST64.exe
2018-03-16 21:15 - 2018-03-16 21:15 - 001163988 _____ C:\Users\Cleusaa\Downloads\J78MBSV9HD73 (3).zip
2018-03-16 21:08 - 2018-03-16 21:08 - 001163988 _____ C:\Users\Cleusaa\Downloads\J78MBSV9HD73 (2).zip
2018-03-16 21:07 - 2018-03-16 21:07 - 001163988 _____ C:\Users\Cleusaa\Downloads\J78MBSV9HD73 (1).zip
2018-03-16 21:05 - 2018-03-16 21:05 - 001163988 _____ C:\Users\Cleusaa\Downloads\J78MBSV9HD73.zip
2018-03-15 21:22 - 2018-03-15 21:22 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-03-15 21:21 - 2018-03-15 21:21 - 000000000 ____D C:\Users\Todos os Usuários\RogueKiller
2018-03-15 21:21 - 2018-03-15 21:21 - 000000000 ____D C:\ProgramData\RogueKiller
2018-03-15 21:06 - 2018-03-15 21:06 - 000170176 _____ C:\Users\Cleusaa\Documents\cc_20180315_210617.reg
2018-03-15 20:41 - 2018-03-15 20:41 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-15 20:41 - 2018-03-15 20:41 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-03-15 20:41 - 2018-03-15 20:41 - 000000841 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-03-15 20:41 - 2018-03-15 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-03-15 20:41 - 2018-03-15 20:41 - 000000000 ____D C:\Program Files\CCleaner
2018-03-15 20:38 - 2018-03-15 20:38 - 008341624 _____ (Piriform Ltd) C:\Users\Cleusaa\Downloads\ccsetup539_slim.exe
2018-03-15 11:48 - 2018-03-15 11:48 - 000000000 ____D C:\Users\Cleusaa\Documents\Nova pasta
2018-03-15 11:20 - 2018-03-15 11:20 - 000000000 ____D C:\Users\Todos os Usuários\AVAST Software
2018-03-15 11:20 - 2018-03-15 11:20 - 000000000 ____D C:\ProgramData\AVAST Software
2018-03-14 13:42 - 2018-03-14 13:43 - 008222496 _____ (Malwarebytes) C:\Users\Cleusaa\Downloads\AdwCleaner.exe
2018-03-10 17:37 - 2018-03-10 17:37 - 000674163 _____ C:\Users\Cleusaa\Downloads\download (28).htm
2018-03-10 17:37 - 2018-03-10 17:37 - 000674160 _____ C:\Users\Cleusaa\Downloads\download (27).htm
2018-03-10 17:37 - 2018-03-10 17:37 - 000668785 _____ C:\Users\Cleusaa\Downloads\download (25).htm
2018-03-10 17:37 - 2018-03-10 17:37 - 000667936 _____ C:\Users\Cleusaa\Downloads\download (26).htm
2018-03-10 17:30 - 2018-03-10 17:30 - 000673387 _____ C:\Users\Cleusaa\Downloads\download (24).htm
2018-03-10 17:29 - 2018-03-10 17:29 - 000674775 _____ C:\Users\Cleusaa\Downloads\download (23).htm
2018-03-10 17:29 - 2018-03-10 17:29 - 000638930 _____ C:\Users\Cleusaa\Downloads\download (22).htm
2018-03-10 16:57 - 2018-03-10 16:57 - 000673171 _____ C:\Users\Cleusaa\Downloads\download (21).htm
2018-03-10 16:57 - 2018-03-10 16:57 - 000667347 _____ C:\Users\Cleusaa\Downloads\download (20).htm
2018-03-10 16:57 - 2018-03-10 16:57 - 000646754 _____ C:\Users\Cleusaa\Downloads\download (19).htm
2018-03-10 16:56 - 2018-03-10 16:56 - 000677557 _____ C:\Users\Cleusaa\Downloads\download (16).htm
2018-03-10 16:56 - 2018-03-10 16:56 - 000674273 _____ C:\Users\Cleusaa\Downloads\download (18).htm
2018-03-10 16:56 - 2018-03-10 16:56 - 000668142 _____ C:\Users\Cleusaa\Downloads\download (17).htm
2018-03-10 16:56 - 2018-03-10 16:56 - 000663087 _____ C:\Users\Cleusaa\Downloads\download (15).htm
2018-03-10 16:36 - 2018-03-10 16:36 - 000717376 _____ C:\Users\Cleusaa\Downloads\cleusa.zampiron
2018-03-10 16:36 - 2018-03-10 16:36 - 000717286 _____ C:\Users\Cleusaa\Downloads\cleusa (1).zampiron
2018-03-10 16:36 - 2018-03-10 16:36 - 000651207 _____ C:\Users\Cleusaa\Downloads\download (14).htm
2018-03-10 16:36 - 2018-03-10 16:36 - 000644051 _____ C:\Users\Cleusaa\Downloads\download (13).htm
2018-03-10 16:36 - 2018-03-10 16:36 - 000643375 _____ C:\Users\Cleusaa\Downloads\download (12).htm
2018-03-10 16:35 - 2018-03-10 16:35 - 000472186 _____ C:\Users\Cleusaa\Downloads\1635015393257287 (1).htm
2018-03-10 16:35 - 2018-03-10 16:35 - 000472128 _____ C:\Users\Cleusaa\Downloads\1635015393257287.htm
2018-03-09 18:39 - 2018-03-09 18:39 - 001271064 _____ C:\Users\Cleusaa\Downloads\download (10).htm
2018-03-09 18:39 - 2018-03-09 18:39 - 001270693 _____ C:\Users\Cleusaa\Downloads\download (11).htm
2018-03-09 12:05 - 2018-03-09 12:05 - 000001051 _____ C:\Users\Cleusaa\Desktop\OC7A5470 - Atalho (2).lnk
2018-03-09 12:04 - 2018-03-09 12:04 - 000001051 _____ C:\Users\Cleusaa\Desktop\OC7A5470 - Atalho.lnk
2018-03-09 09:31 - 2018-03-09 09:31 - 000678986 _____ C:\Users\Cleusaa\Downloads\download (7).htm
2018-03-09 09:31 - 2018-03-09 09:31 - 000672048 _____ C:\Users\Cleusaa\Downloads\download (9).htm
2018-03-09 09:31 - 2018-03-09 09:31 - 000669146 _____ C:\Users\Cleusaa\Downloads\download (8).htm
2018-03-09 09:31 - 2018-03-09 09:31 - 000665634 _____ C:\Users\Cleusaa\Downloads\download (6).htm
2018-03-09 09:28 - 2018-03-09 09:28 - 000704191 _____ C:\Users\Cleusaa\Downloads\download (5).htm
2018-03-09 09:28 - 2018-03-09 09:28 - 000696716 _____ C:\Users\Cleusaa\Downloads\download (2).htm
2018-03-09 09:28 - 2018-03-09 09:28 - 000696456 _____ C:\Users\Cleusaa\Downloads\download (4).htm
2018-03-09 09:28 - 2018-03-09 09:28 - 000683199 _____ C:\Users\Cleusaa\Downloads\download (3).htm
2018-03-08 09:47 - 2018-03-08 09:47 - 000001051 _____ C:\Users\Cleusaa\Desktop\OC7A5482 - Atalho (3).lnk
2018-03-08 09:47 - 2018-03-08 09:47 - 000001051 _____ C:\Users\Cleusaa\Desktop\OC7A5446 - Atalho.lnk
2018-03-08 09:33 - 2018-03-08 09:33 - 000001051 _____ C:\Users\Cleusaa\Desktop\OC7A5482 - Atalho (2).lnk
2018-03-08 09:26 - 2018-03-08 09:26 - 000598984 _____ C:\Users\Cleusaa\Downloads\download (1).htm
2018-03-08 09:26 - 2018-03-08 09:26 - 000595356 _____ C:\Users\Cleusaa\Downloads\download.htm
2018-02-19 12:04 - 2018-02-19 12:04 - 000605424 _____ (Reimage) C:\Users\Cleusaa\Downloads\ReimageRepair.exe
2018-01-31 15:08 - 2018-01-31 15:08 - 000442175 _____ C:\Users\Cleusaa\Downloads\watch (16).htm
2018-01-31 15:08 - 2018-01-31 15:08 - 000417330 _____ C:\Users\Cleusaa\Downloads\watch (15).htm
2018-01-31 15:07 - 2018-01-31 15:07 - 000349094 _____ C:\Users\Cleusaa\Downloads\watch (13).htm
2018-01-31 15:07 - 2018-01-31 15:07 - 000349040 _____ C:\Users\Cleusaa\Downloads\watch (14).htm
2018-01-31 15:06 - 2018-01-31 15:06 - 000348455 _____ C:\Users\Cleusaa\Downloads\watch (12).htm
2018-01-31 15:05 - 2018-01-31 15:05 - 000352788 _____ C:\Users\Cleusaa\Downloads\watch (9).htm
2018-01-31 15:05 - 2018-01-31 15:05 - 000349148 _____ C:\Users\Cleusaa\Downloads\watch (10).htm
2018-01-31 15:05 - 2018-01-31 15:05 - 000348943 _____ C:\Users\Cleusaa\Downloads\watch (8).htm
2018-01-31 15:05 - 2018-01-31 15:05 - 000347893 _____ C:\Users\Cleusaa\Downloads\watch (7).htm
2018-01-31 15:05 - 2018-01-31 15:05 - 000340830 _____ C:\Users\Cleusaa\Downloads\watch (11).htm
2018-01-31 15:04 - 2018-01-31 15:04 - 000362341 _____ C:\Users\Cleusaa\Downloads\watch (6).htm
2018-01-31 14:49 - 2018-01-31 14:49 - 000376171 _____ C:\Users\Cleusaa\Downloads\watch (5).htm
2018-01-31 14:48 - 2018-01-31 14:48 - 000367877 _____ C:\Users\Cleusaa\Downloads\watch (4).htm
2018-01-31 14:48 - 2018-01-31 14:48 - 000361356 _____ C:\Users\Cleusaa\Downloads\watch (1).htm
2018-01-31 14:48 - 2018-01-31 14:48 - 000359865 _____ C:\Users\Cleusaa\Downloads\watch (2).htm
2018-01-31 14:48 - 2018-01-31 14:48 - 000357445 _____ C:\Users\Cleusaa\Downloads\watch (3).htm
2018-01-31 14:47 - 2018-01-31 14:47 - 000357712 _____ C:\Users\Cleusaa\Downloads\watch.htm
2018-01-17 15:07 - 2018-01-17 15:07 - 001132296 _____ C:\Users\Cleusaa\Downloads\JU34339847987489738EERR9334LBR.zip
2018-01-10 18:55 - 2018-01-29 12:14 - 000001369 _____ C:\Users\Cleusaa\Desktop\Roblox jogos.lnk
2018-01-10 18:53 - 2018-01-29 12:14 - 000001184 _____ C:\Users\Cleusaa\Desktop\Roblox Studio.lnk
2018-01-10 18:53 - 2018-01-29 12:14 - 000000000 ____D C:\Users\Cleusaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2018-01-10 18:53 - 2018-01-10 19:01 - 000000252 _____ C:\Users\Cleusaa\AppData\LocalLow\rbxcsettings.rbx
2018-01-10 18:53 - 2018-01-10 19:01 - 000000000 ____D C:\Users\Cleusaa\AppData\Local\Roblox
2018-01-10 18:51 - 2018-01-10 18:52 - 000822328 _____ (Roblox Corporation) C:\Users\Cleusaa\Downloads\RobloxPlayerLauncher.exe

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2018-03-19 19:52 - 2017-04-12 19:20 - 000000000 ___DO C:\Users\Cleusaa\OneDrive
2018-03-19 16:11 - 2013-08-22 10:36 - 000000000 ____D C:\Windows\Inf
2018-03-16 21:56 - 2015-02-02 10:42 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3540807035-872188609-48565466-1001
2018-03-16 21:41 - 2015-02-02 10:52 - 000003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5049D1A6-CB06-455E-8F59-6EB700AE7CF4}
2018-03-16 21:39 - 2016-01-24 17:03 - 000000000 ____D C:\Users\Todos os Usuários\Avira
2018-03-16 21:39 - 2016-01-24 17:03 - 000000000 ____D C:\ProgramData\Avira
2018-03-16 21:34 - 2013-08-22 11:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-16 21:33 - 2013-08-22 10:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-03-16 20:58 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\AppReadiness
2018-03-16 10:37 - 2013-08-22 12:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-03-15 20:57 - 2014-05-19 10:04 - 000000000 ____D C:\Windows\Panther
2018-03-15 20:26 - 2015-10-09 20:33 - 000000000 ____D C:\Program Files (x86)\GbPlugin
2018-03-15 11:24 - 2014-03-18 06:54 - 001797166 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-15 11:24 - 2014-03-18 06:30 - 000774900 _____ C:\Windows\system32\prfh0416.dat
2018-03-15 11:24 - 2014-03-18 06:30 - 000158494 _____ C:\Windows\system32\prfc0416.dat
2018-03-14 13:57 - 2016-04-27 14:16 - 000000000 ____D C:\AdwCleaner
2018-03-04 12:04 - 2015-02-02 10:36 - 000000000 ____D C:\Users\Cleusaa\AppData\Local\Packages
2018-03-04 12:03 - 2013-08-22 12:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-28 19:33 - 2015-02-02 10:36 - 000000000 ____D C:\Users\Cleusaa
2018-02-27 09:26 - 2015-08-01 23:12 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-27 09:26 - 2015-08-01 23:12 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-21 13:20 - 2013-08-22 12:36 - 000000000 ____D C:\Windows\LiveKernelReports

==================== Arquivos na raiz de alguns diretórios =======

2015-08-10 20:44 - 2015-08-10 20:44 - 000000020 _____ () C:\Users\Cleusaa\AppData\Roaming\appdataFr2.bin
2015-05-31 22:05 - 2016-01-23 21:22 - 000000024 _____ () C:\Users\Cleusaa\AppData\Roaming\appdataFr25.bin
2015-10-09 19:58 - 2015-10-09 19:58 - 000000000 _____ () C:\Users\Cleusaa\AppData\Local\Temp.dat

Alguns arquivos em TEMP:
====================
2018-03-15 21:21 - 2015-03-23 18:59 - 001733952 _____ (Microsoft Corporation) C:\Users\Cleusaa\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2018-03-15 12:11

==================== Fim de FRST.txt ============================
