cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:07-02-2016
Executado por Família (administrador) em DESKTOP-TOTL86R (09-02-2016 18:47:01)
Executando a partir de C:\Users\PC\Downloads
Perfis Carregados: Família (Perfis Disponíveis: Família)
Platform: Microsoft Windows 10 Pro (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Internet Security\fshoster32.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Internet Security\apps\CCF_Reputation\fsorsp.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
() C:\Program Files\WaNetworkEnhancer\WaNetworkEnhancer Internet Enhancer\10c69b1ea34ba960b60f1520598fb13a.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Internet Security\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files\F-Secure\Internet Security\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Internet Security\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe
(F-Secure Corporation) C:\Program Files\F-Secure\Internet Security\fshoster32.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(BitTorrent Inc.) C:\Users\PC\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\Viva\viva.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(Trend Micro Inc.) C:\Users\PC\Downloads\HijackThis.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3359920 2014-05-27] (VIA)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Run: [EaseUS EPM tray] => C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe [2081792 2013-03-29] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM\...\Run: [F-Secure GUI (666)] => C:\Program Files\F-Secure\Internet Security\FsGuiStarter.exe [101928 2015-11-10] (F-Secure Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\Run: [uTorrent] => C:\Users\PC\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-22] (BitTorrent Inc.)
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [24100520 2015-06-25] (Microsoft Corporation)
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\Run: [BingSvc] => C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-01-31] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\MountPoints2: {7a768f3d-376b-11e5-93d8-002511de31af} - "I:\SETUP.EXE"
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Nenhum Arquivo

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [S-1-5-21-2032392148-2610944917-446654308-1001] => Proxy está habilitado.
ProxyServer: [S-1-5-21-2032392148-2610944917-446654308-1001] => http=127.0.0.1:63245;https=127.0.0.1:63245
AutoConfigURL: [S-1-5-21-2032392148-2610944917-446654308-1001] => http=127.0.0.1:63245;https=127.0.0.1:63245
Hosts: 127.0.0.1 localhost
Tcpip\..\Interfaces\{0792fc81-4b8a-4b10-9f0a-09b106fe8672}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{12F689D9-0C7A-4398-86C6-12103578D1B9}: [NameServer] 200.204.0.10 200.204.0.138
Tcpip\..\Interfaces\{26781c5d-7efb-4dcc-bf2c-eb2bb9764ed0}: [DhcpNameServer] 10.3.156.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2032392148-2610944917-446654308-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2032392148-2610944917-446654308-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2015-08-26] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-06-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-24] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files\GbPlugin\gbiehcef.dll [2015-09-01] (Caixa Economica Federal)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-24] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fekk4ajk.default
FF Homepage: google.com
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-24] (Oracle Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-06-25] (Microsoft Corporation)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\fekk4ajk.default\searchplugins\bing-.xml [2016-01-31]
FF HKU\S-1-5-21-2032392148-2610944917-446654308-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\PC\AppData\Local\GAS Tecnologia\GBBD\cef\xpi => não encontrado (a)

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 COMLiveService; C:\Program Files\Viva\viva.exe [356640 2015-09-08] ()
R2 fshoster; C:\Program Files\F-Secure\Internet Security\fshoster32.exe [184360 2015-11-10] (F-Secure Corporation)
R3 FSMA; C:\Program Files\F-Secure\Internet Security\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-11-24] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files\F-Secure\Internet Security\apps\CCF_Reputation\fsorsp.exe [60456 2015-08-15] (F-Secure Corporation)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [587576 2015-08-13] (GAS Tecnologia)
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-15] (IObit)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [771968 2015-08-24] (Enigma Software Group USA, LLC.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-08-06] (VIA Technologies, Inc.)
S2 VyprVPN; C:\Program Files\VyprVPN\VyprVPNService.exe [212992 2015-09-28] (Golden Frog, GmbH.) [Arquivo não assinado]
R2 WaNetworkEnhancer Service; C:\Program Files\WaNetworkEnhancer\WaNetworkEnhancer Internet Enhancer\10c69b1ea34ba960b60f1520598fb13a.exe [1591296 2016-01-19] () [Arquivo não assinado]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 Atc002; C:\WINDOWS\System32\drivers\l260x86.sys [29184 2015-07-10] (Atheros Communications, Inc.)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV.sys [174680 2015-07-29] (Qihu 360 Software Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-07-31] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [14920 2013-03-07] () [Arquivo não assinado]
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2015-08-24] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9160 2013-03-07] () [Arquivo não assinado]
R3 F-Secure Gatekeeper; C:\Program Files\F-Secure\Internet Security\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [162808 2015-12-11] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files\F-Secure\Internet Security\apps\ComputerSecurity\HIPS\drivers\fshs.sys [95296 2016-02-03] (F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\Drivers\fsbts.sys [63680 2016-01-12] ()
R3 fsni; C:\Program Files\F-Secure\Internet Security\apps\CCF_Scanning\bin\fsni32.sys [80000 2016-01-11] (F-Secure Corporation)
R0 GbpKm; C:\WINDOWS\System32\drivers\GbpKm.sys [49496 2015-09-03] (GAS Tecnologia)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO32.SYS [23840 2015-08-02] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-02-09] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S1 MpKsl8d036471; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKsl8d036471.sys [39464 2015-07-23] () [Arquivo não assinado]
R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [31848 2015-07-26] (Avira Operations GmbH & Co. KG)
S3 ssudobex; C:\WINDOWS\system32\DRIVERS\ssudobex.sys [184192 2015-07-24] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tapvyprvpn; C:\WINDOWS\System32\drivers\tapvyprvpn.sys [39520 2015-09-28] (The OpenVPN Project)
S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [31744 2015-07-10] ()
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-08-06] (VIA Technologies, Inc.)
R1 vivadrv; C:\WINDOWS\System32\drivers\vivadrv.sys [49952 2015-08-25] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [161792 2015-07-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-09 18:43 - 2016-02-09 18:46 - 00030235 _____ C:\Users\PC\Downloads\Addition.txt
2016-02-09 18:42 - 2016-02-09 18:47 - 00015536 _____ C:\Users\PC\Downloads\FRST.txt
2016-02-09 18:41 - 2016-02-09 18:47 - 00000000 ____D C:\FRST
2016-02-09 18:40 - 2016-02-09 18:41 - 01721344 _____ (Farbar) C:\Users\PC\Downloads\FRST.exe
2016-02-09 18:29 - 2016-02-09 18:29 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-TOTL86R_Família_HistoryPrediction.bin
2016-02-09 04:18 - 2016-02-09 04:18 - 54198272 _____ C:\WINDOWS\system32\config\SOFTWARE.iobit
2016-02-09 04:18 - 2016-02-09 04:18 - 00303104 _____ C:\WINDOWS\system32\config\DEFAULT.iobit
2016-02-09 04:18 - 2016-02-09 04:18 - 00073728 _____ C:\WINDOWS\system32\config\SAM.iobit
2016-02-09 04:18 - 2016-02-09 04:18 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iobit
2016-02-09 02:35 - 2016-02-09 02:35 - 00000000 ____D C:\Users\PC\AppData\Local\TomTom
2016-02-09 02:34 - 2016-02-09 18:24 - 00000000 ____D C:\Program Files\MyDrive Connect
2016-02-09 02:34 - 2016-02-09 02:34 - 02138111 _____ (TomTom International B.V.) C:\Users\PC\Downloads\InstallMyDriveConnect (1).exe.24w5lt1.partial
2016-02-06 17:22 - 2016-02-06 17:22 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-02-03 10:41 - 2016-02-09 18:30 - 00000000 ____D C:\Users\PC\AppData\LocalLow\uTorrent
2016-02-02 00:43 - 2016-02-02 00:43 - 00149160 _____ C:\WINDOWS\Minidump\020216-31140-01.dmp
2016-02-01 23:00 - 2016-02-02 00:43 - 285544774 _____ C:\WINDOWS\MEMORY.DMP
2016-02-01 23:00 - 2016-02-01 23:01 - 00149160 _____ C:\WINDOWS\Minidump\020116-28781-01.dmp
2016-02-01 22:52 - 2016-02-01 22:53 - 00149160 _____ C:\WINDOWS\Minidump\020116-38437-01.dmp
2016-01-31 23:44 - 2016-01-31 23:44 - 00000000 ____D C:\Users\PC\Tracing
2016-01-31 23:15 - 2016-02-09 18:18 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-01-31 23:15 - 2016-01-31 23:16 - 00000000 ___RD C:\Program Files\Skype
2016-01-31 23:15 - 2016-01-31 23:15 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-01-31 23:15 - 2016-01-31 23:15 - 00000000 ____D C:\ProgramData\Skype
2016-01-31 23:15 - 2016-01-31 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-31 23:15 - 2016-01-31 23:15 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-01-31 23:11 - 2016-01-31 23:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Prodiance
2016-01-31 23:08 - 2016-01-31 23:09 - 01504384 _____ (Skype Technologies S.A.) C:\Users\PC\Downloads\SkypeSetup (1).exe
2016-01-31 23:08 - 2016-01-31 23:08 - 01504384 _____ (Skype Technologies S.A.) C:\Users\PC\Downloads\SkypeSetup.exe
2016-01-27 21:47 - 2016-01-27 21:47 - 00002791 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Device Recovery Tool.lnk
2016-01-27 21:47 - 2016-01-27 21:47 - 00000000 ____D C:\Users\Todos os Usuários\LGE
2016-01-27 21:47 - 2016-01-27 21:47 - 00000000 ____D C:\Users\Todos os Usuários\HTC
2016-01-27 21:47 - 2016-01-27 21:47 - 00000000 ____D C:\ProgramData\LGE
2016-01-27 21:47 - 2016-01-27 21:47 - 00000000 ____D C:\ProgramData\HTC
2016-01-27 21:47 - 2016-01-27 21:47 - 00000000 ____D C:\Program Files\Microsoft Care Suite
2016-01-27 21:39 - 2016-02-09 18:24 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-01-27 21:39 - 2016-02-09 18:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-27 21:36 - 2016-01-27 21:38 - 02297184 _____ (Microsoft) C:\Users\PC\Downloads\WindowsPhoneRecoveryToolInstaller.exe
2016-01-27 21:28 - 2016-01-27 21:28 - 00004096 _____ C:\WINDOWS\SECOH-QAD.exe
2016-01-27 21:28 - 2016-01-27 21:28 - 00003072 _____ C:\WINDOWS\SECOH-QAD.dll
2016-01-27 21:22 - 2016-02-09 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaNetworkEnhancer
2016-01-27 21:22 - 2016-02-09 18:26 - 00000000 ____D C:\Program Files\WaNetworkEnhancer
2016-01-27 21:22 - 2016-02-09 18:26 - 00000000 ____D C:\Program Files\Wajam
2016-01-27 20:55 - 2016-01-27 20:55 - 00000000 _____ C:\Users\PC\Downloads\WindowsPhoneRecoveryToolInstaller_2.exe
2016-01-27 11:53 - 2016-01-27 11:57 - 00027390 _____ C:\Users\PC\Downloads\47276 (6).pdf
2016-01-27 11:49 - 2016-01-27 11:49 - 00027390 _____ C:\Users\PC\Downloads\47276 (5).pdf
2016-01-26 13:52 - 2016-01-26 13:52 - 00149160 _____ C:\WINDOWS\Minidump\012616-27656-01.dmp
2016-01-26 13:32 - 2016-01-26 13:32 - 00149160 _____ C:\WINDOWS\Minidump\012616-28406-01.dmp
2016-01-26 11:51 - 2016-01-26 11:51 - 00149160 _____ C:\WINDOWS\Minidump\012616-26968-01.dmp
2016-01-26 11:45 - 2016-01-26 11:45 - 00149160 _____ C:\WINDOWS\Minidump\012616-24234-01.dmp
2016-01-21 16:37 - 2016-01-23 03:26 - 00000000 ____D C:\Users\PC\Downloads\Gomorrah S01 E01 - Hardcoded Eng Subs - Sno
2016-01-21 16:05 - 2016-01-26 22:40 - 00000695 _____ C:\Users\PC\Downloads\sync
2016-01-17 14:39 - 2016-01-17 14:39 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2016-01-17 14:39 - 2016-01-17 14:39 - 00000000 ____D C:\Program Files\NirSoft
2016-01-17 14:20 - 2016-01-17 14:21 - 00149160 _____ C:\WINDOWS\Minidump\011716-28890-01.dmp
2016-01-17 00:05 - 2016-01-17 00:05 - 00149160 _____ C:\WINDOWS\Minidump\011716-25093-01.dmp
2016-01-16 23:46 - 2016-01-16 23:46 - 00149160 _____ C:\WINDOWS\Minidump\011616-24703-01.dmp
2016-01-16 22:43 - 2016-01-16 22:43 - 00149160 _____ C:\WINDOWS\Minidump\011616-25265-01.dmp
2016-01-12 18:51 - 2016-01-05 00:30 - 06266208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 18:51 - 2016-01-05 00:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 18:51 - 2016-01-05 00:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 18:51 - 2016-01-05 00:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 18:51 - 2016-01-05 00:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 18:51 - 2016-01-05 00:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 18:51 - 2016-01-05 00:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 18:51 - 2016-01-05 00:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 18:51 - 2016-01-05 00:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 18:51 - 2016-01-05 00:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 01395560 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 18:51 - 2016-01-05 00:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 18:51 - 2016-01-05 00:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00637272 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 18:51 - 2016-01-05 00:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 18:51 - 2016-01-05 00:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 18:51 - 2016-01-05 00:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 18:51 - 2016-01-05 00:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 18:51 - 2016-01-05 00:14 - 00350560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 18:51 - 2016-01-05 00:12 - 00586432 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 18:51 - 2016-01-05 00:10 - 00923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 18:51 - 2016-01-05 00:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 18:51 - 2016-01-05 00:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 18:51 - 2016-01-05 00:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 18:51 - 2016-01-04 23:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 18:51 - 2016-01-04 23:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 18:51 - 2016-01-04 23:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 18:51 - 2016-01-04 23:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 18:51 - 2016-01-04 23:39 - 01161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 18:51 - 2016-01-04 23:39 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 18:51 - 2016-01-04 23:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 18:51 - 2016-01-04 23:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 18:51 - 2016-01-04 23:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 18:51 - 2016-01-04 23:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 18:51 - 2016-01-04 23:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 18:51 - 2016-01-04 23:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 18:51 - 2016-01-04 23:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 18:51 - 2016-01-04 23:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 18:51 - 2016-01-04 23:26 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 18:51 - 2016-01-04 23:26 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 18:51 - 2016-01-04 23:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 18:51 - 2016-01-04 23:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 18:51 - 2016-01-04 23:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 18:51 - 2016-01-04 23:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 18:51 - 2016-01-04 23:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 18:51 - 2016-01-04 23:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 18:51 - 2016-01-04 23:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-11 00:20 - 2016-01-17 14:20 - 00000000 ____D C:\Program Files\QualityChecker
2016-01-11 00:17 - 2016-02-09 18:26 - 00000000 ____D C:\Program Files\KMSPico

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-02-09 18:45 - 2015-07-24 00:13 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2016-02-09 18:44 - 2015-09-25 16:57 - 00000000 ____D C:\viva
2016-02-09 18:36 - 2015-07-24 03:29 - 00000000 ____D C:\Users\PC\Desktop\PROGRAMAS
2016-02-09 18:31 - 2015-09-25 16:56 - 00000000 ____D C:\Program Files\Viva
2016-02-09 18:31 - 2015-07-23 23:49 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-09 18:28 - 2015-07-23 18:54 - 00000000 ____D C:\Users\PC
2016-02-09 18:28 - 2015-07-10 07:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-09 18:26 - 2015-09-01 09:30 - 00000000 ____D C:\Users\PC\AppData\Local\Aplicativo Itau
2016-02-09 18:26 - 2015-08-16 16:30 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-02-09 18:26 - 2015-08-16 16:30 - 00000000 ____D C:\ProgramData\ProductData
2016-02-09 18:26 - 2015-07-24 13:58 - 00000000 ____D C:\Users\PC\AppData\Roaming\ProductData
2016-02-09 18:26 - 2015-07-24 13:57 - 00000000 ____D C:\Users\PC\AppData\LocalLow\IObit
2016-02-09 18:26 - 2015-07-24 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2016-02-09 18:26 - 2015-07-24 13:47 - 00000000 ____D C:\Users\PC\AppData\Roaming\IObit
2016-02-09 18:26 - 2015-07-23 23:28 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-09 18:26 - 2015-07-10 06:27 - 00000000 ____D C:\WINDOWS\INF
2016-02-09 18:24 - 2015-07-23 21:49 - 00000000 ____D C:\Program Files\VIA
2016-02-09 18:23 - 2015-07-10 06:28 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-09 18:18 - 2015-08-01 17:10 - 00000000 ____D C:\zoek_backup
2016-02-09 18:18 - 2015-07-10 06:28 - 00000000 ____D C:\WINDOWS\registration
2016-02-09 18:01 - 2015-07-23 19:32 - 00000000 ____D C:\Users\PC\AppData\Local\Mozilla
2016-02-06 15:07 - 2015-07-10 06:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-06 12:15 - 2015-07-24 00:37 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-31 00:18 - 2015-07-23 18:53 - 01810446 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-31 00:18 - 2015-07-10 11:21 - 00781824 _____ C:\WINDOWS\system32\prfh0416.dat
2016-01-31 00:18 - 2015-07-10 11:21 - 00152812 _____ C:\WINDOWS\system32\prfc0416.dat
2016-01-30 03:17 - 2015-10-09 17:08 - 00000266 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Família.job
2016-01-27 21:21 - 2015-07-31 23:34 - 00000000 ____D C:\Users\PC\AppData\Local\Microsoft Help
2016-01-27 09:23 - 2015-08-20 02:24 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-27 09:23 - 2015-07-23 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-25 11:29 - 2015-07-10 06:28 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-18 21:56 - 2015-07-24 02:42 - 00000000 ____D C:\Users\PC\AppData\Roaming\PhotoScape
2016-01-17 15:33 - 2015-07-23 18:54 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2016-01-17 14:20 - 2015-07-10 06:28 - 00000000 ____D C:\WINDOWS\tracing
2016-01-16 21:34 - 2015-07-10 04:59 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-01-13 10:13 - 2015-08-19 17:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 10:13 - 2015-07-10 06:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 10:10 - 2015-08-19 17:34 - 141317472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-12 12:09 - 2015-08-15 03:23 - 00063680 _____ C:\WINDOWS\system32\Drivers\fsbts.sys

Alguns arquivos em TEMP:
====================
C:\Users\PC\AppData\Local\Temp\BingSvc.exe
C:\Users\PC\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\PC\AppData\Local\Temp\BSvcUpdater.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-02-05 08:51

==================== Fim de FRST.txt ============================
