Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:27-04-2016 Executado por sitio (administrador) em SITIO-PC (29-04-2016 12:31:39) Executando a partir de D:\DOWNLOAD Perfis Carregados: sitio (Perfis Disponíveis: sitio) Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe (Disc Soft Ltd) D:\daemon\DAEMON Tools Lite\DiscSoftBusService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamSpeak Systems GmbH) D:\DOWNLOAD\ts3\ts3client_win32.exe (NCSOFT Corporation) C:\Program Files (x86)\NCWest\NCLauncher\NCLauncherR.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NCsoft) C:\Program Files (x86)\NCSOFT\BnS\bin\Client.exe (INCA Internet Co., Ltd.) C:\Program Files (x86)\NCSOFT\BnS\bin\GameGuard\GameMon.des (Khrona LLC) C:\Program Files (x86)\NCSOFT\BnS\bin\AwesomiumProcess.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Solvusoft Corporation) C:\Program Files (x86)\WinThruster\WinThruster.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKU\S-1-5-21-2305452102-3013761422-3041711524-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-07-08] (Google Inc.) HKU\S-1-5-21-2305452102-3013761422-3041711524-1000\...\Run: [SideSync] => C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe [10952880 2016-03-18] () HKU\S-1-5-21-2305452102-3013761422-3041711524-1000\...\Run: [DAEMON Tools Lite] => D:\daemon\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd) HKU\S-1-5-21-2305452102-3013761422-3041711524-1000\...\MountPoints2: {4adec8c8-0b9d-11e6-95a2-902b34ff811a} - G:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-07-08] ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A0B02F16-8A45-428C-B385-3A9E6C162167}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B869E868-4D22-4821-883A-64A21BB1A515}: [NameServer] 8.8.8.8,1.1.1.1 Tcpip\..\Interfaces\{B869E868-4D22-4821-883A-64A21BB1A515}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2305452102-3013761422-3041711524-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/?type=903578&fr=spigot-yhp-ie SearchScopes: HKU\S-1-5-21-2305452102-3013761422-3041711524-1000 -> {E2EB1152-EC63-414E-82A1-9BA1AECF6D89} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms} BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.) Toolbar: HKU\S-1-5-21-2305452102-3013761422-3041711524-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.) 
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\sitio\AppData\Roaming\Mozilla\Firefox\Profiles\x4fuzwh9.default FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation) FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\sitio\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-12-23] (Raidcall) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.) 
Chrome: ======= CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\pdf.dll => Nenhum Arquivo CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => Nenhum Arquivo CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Nenhum Arquivo CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27] CHR Extension: (OGame Galaxy Extension) - C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default\Extensions\clknnoodfglafkilgjcgeikipgjkkaai [2015-07-09] CHR Extension: (Google Search) - C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (JDownloader Integration for Google Chrome™) - C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm [2015-07-11] CHR Extension: (AntiGameOrigin) - C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-07-09] CHR Extension: (Pagamentos da Chrome 
Web Store) - C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02] CHR Extension: (Gmail) - C:\Users\sitio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R3 Disc Soft Lite Bus Service; D:\daemon\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd) S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Arquivo não assinado] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Arquivo não assinado] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-05] (Intel Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] () R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2016-04-28] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-09-26] () S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [33376 2016-01-08] (DEVGURU Co., LTD.) S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-04-29 12:12 - 2016-04-29 12:31 - 00000000 ____D C:\FRST 2016-04-29 10:32 - 2016-04-29 10:35 - 00003106 _____ C:\Windows\System32\Tasks\WinThruster 2016-04-29 10:32 - 2016-04-29 10:32 - 00003024 _____ C:\Windows\System32\Tasks\WinThruster_UPDATES 2016-04-29 10:32 - 2016-04-29 10:32 - 00002868 _____ C:\Windows\System32\Tasks\WinThruster_DEFAULT 2016-04-29 10:32 - 2016-04-29 10:32 - 00000282 _____ C:\Windows\Tasks\WinThruster_UPDATES.job 2016-04-29 10:32 - 2016-04-29 10:32 - 00000274 _____ C:\Windows\Tasks\WinThruster_DEFAULT.job 2016-04-29 10:32 - 2016-04-29 10:32 - 00000000 ____D C:\Users\sitio\AppData\Roaming\Solvusoft 2016-04-29 10:32 - 2016-04-29 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster 2016-04-29 10:32 - 2016-04-29 10:32 - 00000000 ____D C:\Program Files (x86)\WinThruster 2016-04-29 10:32 - 2015-11-25 13:01 - 00021624 _____ (solvusoft) C:\Windows\system32\roboot64.exe 2016-04-29 10:18 - 2016-04-29 10:26 - 00000000 ____D C:\Program Files\Age of Mythology 2016-04-29 10:18 - 2016-04-29 10:18 - 00000643 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Mythology.lnk 2016-04-29 10:18 - 
2016-04-29 10:18 - 00000631 _____ C:\Users\Public\Desktop\Age of Mythology.lnk 2016-04-29 10:02 - 2016-04-29 10:02 - 00000000 ____D C:\Users\Todos os Usuários\TEMP 2016-04-29 10:02 - 2016-04-29 10:02 - 00000000 ____D C:\ProgramData\TEMP 2016-04-29 07:48 - 2016-04-29 07:48 - 00000000 ___HD C:\$Windows.~WS 2016-04-29 07:48 - 2016-04-29 07:48 - 00000000 ____D C:\$WINDOWS.~BT 2016-04-28 23:54 - 2016-04-28 23:54 - 00000000 ____D C:\Users\Todos os Usuários\Steam 2016-04-28 23:54 - 2016-04-28 23:54 - 00000000 ____D C:\ProgramData\Steam 2016-04-28 20:38 - 2016-04-28 20:40 - 00000000 ____D C:\Users\sitio\AppData\Roaming\DAEMON Tools Lite 2016-04-28 20:38 - 2016-04-28 20:39 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2016-04-28 20:38 - 2016-04-28 20:38 - 00003326 _____ C:\Windows\System32\Tasks\SidebarExecute 2016-04-28 20:38 - 2016-04-28 20:38 - 00000771 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-04-28 20:38 - 2016-04-28 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-04-28 20:37 - 2016-04-28 20:38 - 00000000 ____D C:\Users\Todos os Usuários\DAEMON Tools Lite 2016-04-28 20:37 - 2016-04-28 20:38 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2016-04-24 17:20 - 2016-04-24 17:20 - 00001280 _____ C:\Users\sitio\Desktop\Command Prompt.lnk 2016-04-04 21:34 - 2016-02-24 04:15 - 04362656 _____ (INCA Internet Co., Ltd.) 
C:\Windows\SysWOW64\GameMon.des 2016-03-30 08:07 - 2016-03-30 08:07 - 00001140 _____ C:\Users\Public\Desktop\SideSync.lnk 2016-03-30 08:07 - 2016-03-30 08:07 - 00000000 ____D C:\Users\sitio\Documents\SideSync 2016-03-30 08:07 - 2016-03-30 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-03-30 08:07 - 2016-01-08 05:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2016-03-30 08:07 - 2016-01-08 05:51 - 00120416 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2016-03-30 08:07 - 2016-01-08 05:51 - 00033376 _____ (DEVGURU Co., LTD.) C:\Windows\system32\Drivers\ss_conn_usb_driver.sys 2016-03-12 08:41 - 2005-01-03 03:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys 2016-03-12 08:41 - 2003-07-18 18:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd 2016-03-12 08:40 - 2016-03-12 08:40 - 00000000 ____D C:\Program Files\Common Files\INCA Shared 2016-02-08 20:44 - 2016-04-28 10:34 - 00000000 ___SD C:\Users\sitio\AppData\LocalLow\Temp ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2016-04-29 12:04 - 2015-07-08 08:48 - 00000000 ____D C:\Windows\SysWOW64\directx 2016-04-29 11:56 - 2015-07-08 08:29 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-04-29 11:47 - 2015-12-22 22:39 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-29 11:04 - 2015-07-24 21:44 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-04-29 11:04 - 2015-07-24 21:44 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-29 10:34 - 2015-07-08 08:29 - 00000000 ____D C:\Users\sitio\AppData\Local\Google 2016-04-29 10:32 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-04-29 10:32 - 2009-07-14 01:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-04-29 10:31 - 2009-07-29 13:08 - 00702882 _____ C:\Windows\system32\prfh0416.dat 2016-04-29 10:31 - 2009-07-29 13:08 - 00145668 _____ C:\Windows\system32\prfc0416.dat 2016-04-29 10:31 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-29 10:31 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf 2016-04-29 10:25 - 2015-07-08 08:29 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-29 10:25 - 2015-07-08 08:26 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA 2016-04-29 10:25 - 2015-07-08 08:26 - 00000000 ____D C:\ProgramData\NVIDIA 2016-04-29 10:25 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-29 09:18 - 2015-07-14 12:06 - 00000388 _____ C:\Windows\Tasks\update-sys.job 2016-04-29 08:42 - 2015-07-14 12:06 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-2305452102-3013761422-3041711524-1000.job 2016-04-29 07:53 - 2015-07-08 13:18 - 00000000 ____D C:\Windows\Panther 2016-04-28 20:46 - 2015-07-08 09:49 - 00000000 ____D C:\Users\sitio\AppData\Roaming\uTorrent 2016-04-24 22:24 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-04-24 
07:15 - 2015-07-08 10:34 - 00000000 ____D C:\Users\sitio\AppData\Local\ElevatedDiagnostics 2016-04-17 01:21 - 2015-12-23 17:58 - 00000695 _____ C:\Users\sitio\Desktop\atributos.txt 2016-04-11 18:57 - 2015-07-08 08:29 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-11 18:57 - 2015-07-08 08:29 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-03-30 08:06 - 2015-08-15 19:01 - 00000000 ____D C:\Program Files (x86)\Samsung ==================== Arquivos na raiz de alguns diretórios ======= 2015-07-14 12:06 - 2015-07-14 12:06 - 0000003 _____ () C:\Users\sitio\AppData\Local\updater.log 2015-07-14 12:06 - 2015-10-01 20:19 - 0000424 _____ () C:\Users\sitio\AppData\Local\UserProducts.xml Alguns arquivos em TEMP: ==================== C:\Users\sitio\AppData\Local\Temp\31d6e07d87ca5eaf6b2447c07a6c1365.dll C:\Users\sitio\AppData\Local\Temp\7eb409fc5359c492c58824d9e93ee961.dll C:\Users\sitio\AppData\Local\Temp\BingBarSetup-Partner.exe C:\Users\sitio\AppData\Local\Temp\cc4c339fab988db768c0d52ef10635ac.dll C:\Users\sitio\AppData\Local\Temp\d3d75f55f6b9650251e725a6ad918aea.dll C:\Users\sitio\AppData\Local\Temp\DAEMON Tools Ultra.exe C:\Users\sitio\AppData\Local\Temp\Gw2.exe C:\Users\sitio\AppData\Local\Temp\namebench.exe C:\Users\sitio\AppData\Local\Temp\Protect4a647d98.dll C:\Users\sitio\AppData\Local\Temp\python27.dll C:\Users\sitio\AppData\Local\Temp\tcl85.dll C:\Users\sitio\AppData\Local\Temp\tk85.dll C:\Users\sitio\AppData\Local\Temp\utt1EDA.tmp.exe C:\Users\sitio\AppData\Local\Temp\_isAD4E.exe C:\Users\sitio\AppData\Local\Temp\{BF9FDD4D-6140-4A4C-B2E8-5320AA33B894}-48.0.2564.109_48.0.2564.103_chrome_updater.exe ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) 
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-04-28 01:04 ==================== Fim de FRST.txt ============================