cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:07-05-2016
Executado por ADM (administrador) em VENICIUS (09-05-2016 09:13:40)
Executando a partir de C:\Users\ADM\Desktop
Perfis Carregados: ADM (Perfis Disponíveis: ADM & ADM Suporte)
Platform: Windows 7 Home Basic (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

() C:\Program Files\Kims\Rebhotfi.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Seiko Epson Corporation) C:\Program Files (x86)\Epson\TMCOMUSB\Service\EpsonPE.exe
() C:\Program Files\Kims\Eyfahj.exe
() C:\Program Files\Kims\LaaGasxaj.exe
() C:\Users\ADM\AppData\Roaming\Teyezba\Teyezba.exe
() C:\Users\ADM\AppData\Roaming\YmokoRap\Fhizopc.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
() C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
() C:\Users\ADM\AppData\Roaming\Teyezba\Tufshl.exe
() C:\Users\ADM\AppData\Roaming\Teyezba\Zonaunef.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
() C:\Program Files\Kims\Iosegm.exe
() C:\Program Files\Kims\Iosegm64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(PPDyXXYLm) C:\Program Files\SpaceSoundPro\idscservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Essentials\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
() C:\Program Files\SpaceSoundPro\idsccom_QAP.exe
(Space Sound Pro) C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files (x86)\No-IP\DUC40.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(JUASz) C:\Program Files\Caster\wizzcaster.exe
(Software Express) C:\tef_dial\tef_dial.exe
(Software Express Informática Ltda.) C:\tef_dial\redecard\Redecard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\ProgramData\msiql.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(eee) C:\ProgramData\apptj.exe
() C:\ProgramData\adb.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCAutoClean.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [MSSE] => c:\Program Files\Microsoft Security Essentials\msseces.exe [1446496 2010-02-21] (Microsoft Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-10-27] (Greenshot)
HKLM\...\Run: [CertificateRegistration] => C:\Windows\system32\aetcrss1.exe [25600 2013-03-04] (A.E.T. Europe B.V.)
HKLM\...\Run: [IDSCCOMQAP] => C:\Program Files\SpaceSoundPro\idsccom_QAP.exe [4325888 2016-05-09] ()
HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2870896 2010-12-22] (VIA)
HKLM-x32\...\Run: [Firebird] => C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2008-02-29] (Firebird Project)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [LANSchoolTeacher] => C:\Program Files (x86)\LanSchool\Teacher.exe [1224704 2015-06-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\RunOnce: [IDSCPRODUCT] => C:\Program Files\SpaceSoundPro\idscservice.exe [338944 2016-05-09] (PPDyXXYLm)
HKLM-x32\...\Winlogon: [Shell] Explorer.exe C:\Windows\system32\fservice.exe [ ] () <=== ATENÇÃO
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer\Run: [DirectX For Microsoft® Windows] => C:\Windows\system32\fservice.exe
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [dfopdjgja] => C:\Users\ADM\AppData\Roaming\modeskyns.exe [5434880 2015-05-06] (SAMSUNG GALAXY NOTE MOVIE)
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE [944008 2010-03-24] (Microsoft Corporation)
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [NoIPDUCv4] => C:\Program Files (x86)\No-IP\DUC40.exe [347648 2015-07-20] ()
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [YeaInstaller] => C:\Users\ADM\AppData\Local\Temp\UHOMO3JCK\UHOMO3JCK.exe [1970176 2016-05-09] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [Caster] => C:\Program Files\Caster\wizzcaster.exe [172032 2016-05-09] (JUASz)
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [Installer] => C:\Users\ADM\AppData\Local\Temp\NLCE4MTW5\NLCE4MTW5.exe [1965568 2016-05-09] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [msiql] => c:\programdata\msiql.exe [1920000 2016-05-09] ()
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\...\Run: [taskhost] => rundll32.exe C:\ProgramData\WindowsMsg\675D131108D4FD145B0BFBC68A3E018A.dll Start /AUTORUN
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\tef_dial.lnk [2015-10-16]
ShortcutTarget: tef_dial.lnk -> C:\tef_dial\tef_dial.exe (Software Express)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{C1984BF3-5BF9-41EA-BCA8-E79B232A4BC6}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{F5553B8A-C808-44F0-A1FF-2EACD019D96B}: [NameServer] 104.197.191.4

Internet Explorer:
==================
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nmd.msn.com
HKU\S-1-5-21-3831885885-4189395304-1752134966-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
SearchScopes: HKLM -> DefaultScope {1E68F776-D232-4C98-AB87-0FD181D7290F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM -> {1E68F776-D232-4C98-AB87-0FD181D7290F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {92D33868-4E3F-4FDA-AD66-D7EF14B31869} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {92D33868-4E3F-4FDA-AD66-D7EF14B31869} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3831885885-4189395304-1752134966-1000 -> DefaultScope {1E68F776-D232-4C98-AB87-0FD181D7290F} URL =
SearchScopes: HKU\S-1-5-21-3831885885-4189395304-1752134966-1000 -> {92D33868-4E3F-4FDA-AD66-D7EF14B31869} URL =
BHO: Kims -> {590AF924-B813-4198-b9B2-1893748FF022} -> C:\Program Files\Kims\Koqqejpu64.dll => Nenhum Arquivo
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-12-07] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-12-07] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Kims -> {590AF924-B813-4198-b9B2-1893748FF022} -> C:\Program Files\Kims\Koqqejpu.dll => Nenhum Arquivo
BHO-x32: Sem Nome -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Nenhum Arquivo
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-18] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-18] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3831885885-4189395304-1752134966-1000 -> Sem Nome - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Nenhum Arquivo
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-04-19] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-04-19] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-04-19] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-04-19] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-12-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-12-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-09]
CHR Extension: (Google Docs) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-09]
CHR Extension: (Google Drive) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-09]
CHR Extension: (YouTube) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-09]
CHR Extension: (Google Search) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (Planilhas do Google) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-09]
CHR Extension: (AdBlock) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-12]
CHR Extension: (Facebook Fast Delete Messages) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\klmpnhheahecaojonebajllddfhpilan [2015-05-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Until AM for Chrome) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2015-05-11]
CHR Extension: (Google Wallet) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]
CHR Extension: (Quebrador de Links) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchaoppopfjnlficjlobfjhfceadbfla [2015-05-29]
CHR Extension: (Gmail) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR Profile: C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-29]
CHR Extension: (Google Drive) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (FBDown Video Downloader) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2016-02-22]
CHR Extension: (Documentos Google off-line) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-19]
CHR Extension: (nCage) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hnbmfljfohghaepamnfokgggaejlmfol [2015-12-01]
CHR Extension: (Skype) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\ADM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 EpsonPEService; C:\Program Files (x86)\Epson\TMCOMUSB\Service\EpsonPE.exe [914584 2012-01-30] (Seiko Epson Corporation)
S2 GoogleChromeUpService; C:\ProgramData\service.exe [1755136 2016-04-27] () [Arquivo não assinado]
S2 GoogleChromeUpSvc; C:\ProgramData\Windows Update\svrupg.exe [2783744 2016-05-09] (TODO: ) [Arquivo não assinado]
R2 Luobcukhuw; C:\Users\ADM\AppData\Roaming\Teyezba\Teyezba.exe [174960 2016-05-09] ()
R2 Mojhe; C:\Users\ADM\AppData\Roaming\YmokoRap\Fhizopc.exe [125808 2016-05-09] ()
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-05-09] (DotC United Inc)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Arquivo não assinado]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966336 2014-12-04] (@ByELDI) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7031056 2016-05-02] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation) [Arquivo não assinado]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2010-12-14] (VIA Technologies, Inc.)
R2 7ABB57D2-7AB8-482A-8621-9365A3357886; "C:\Program Files\Kims\Rebhotfi.exe" [X]
R2 Kims Updater; C:\Program Files\Kims\Eyfahj.exe [X]
R2 LaaGasxaj; "C:\Program Files\Kims\LaaGasxaj.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 bsdpf64; C:\Windows\system32\Drivers\bsdpf64.sys [27456 2016-05-09] ()
R1 bsdpr64; C:\Windows\system32\Drivers\bsdpr64.sys [26944 2016-05-09] ()
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [82240 2016-05-09] (Cherimoya Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 EpsCe; C:\Windows\system32\Drivers\EpsCe.sys [90480 2015-08-03] (Seiko Epson Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-05-09] (DotC United Inc)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [173984 2009-12-02] (Microsoft Corporation)
S3 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-08-03] (Seiko Epson Corporation)
S2 EpsCe2; \??\C:\Windows\system32\Drivers\EpsCe2.sys [X]
S3 HWiNFO32; \??\C:\Users\ADM\AppData\Local\Temp\HWiNFO64A.SYS [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
U4 srservice; não ImagePath

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-09 09:13 - 2016-05-09 09:14 - 00023733 _____ C:\Users\ADM\Desktop\FRST.txt
2016-05-09 09:13 - 2016-05-09 09:13 - 02379264 _____ (Farbar) C:\Users\ADM\Desktop\FRST64.exe
2016-05-09 09:13 - 2016-05-09 09:13 - 00000000 ____D C:\FRST
2016-05-09 09:11 - 2016-05-09 09:11 - 01730048 _____ (Farbar) C:\Users\ADM\Desktop\FRST.exe
2016-05-09 09:09 - 2016-05-09 09:09 - 00000000 ____D C:\Users\ADM\AppData\Roaming\MCorp
2016-05-09 09:08 - 2016-05-09 09:08 - 00413439 _____ C:\Users\Todos os Usuários\xdo.zip
2016-05-09 09:08 - 2016-05-09 09:08 - 00413439 _____ C:\ProgramData\xdo.zip
2016-05-09 09:08 - 2016-05-05 04:36 - 01612800 _____ C:\Users\Todos os Usuários\360dlr.exe
2016-05-09 09:08 - 2016-05-05 04:36 - 01612800 _____ C:\ProgramData\360dlr.exe
2016-05-09 09:07 - 2016-05-09 09:07 - 00003080 _____ C:\Windows\System32\Tasks\osTip
2016-05-09 09:07 - 2016-05-09 09:07 - 00000000 ____D C:\Users\Todos os Usuários\WindowsMsg
2016-05-09 09:07 - 2016-05-09 09:07 - 00000000 ____D C:\Users\Todos os Usuários\Windows Update
2016-05-09 09:07 - 2016-05-09 09:07 - 00000000 ____D C:\ProgramData\WindowsMsg
2016-05-09 09:07 - 2016-05-09 09:07 - 00000000 ____D C:\ProgramData\Windows Update
2016-05-09 09:07 - 2016-05-09 09:07 - 00000000 ____D C:\Program Files (x86)\osTip
2016-05-09 09:07 - 2016-04-26 12:07 - 01253376 _____ (eee) C:\Users\Todos os Usuários\apptj.exe
2016-05-09 09:07 - 2016-04-26 12:07 - 01253376 _____ (eee) C:\ProgramData\apptj.exe
2016-05-09 09:07 - 2016-04-19 12:41 - 01266176 _____ C:\Users\Todos os Usuários\conhost.exe
2016-05-09 09:07 - 2016-04-19 12:41 - 01266176 _____ C:\ProgramData\conhost.exe
2016-05-09 09:07 - 2016-04-19 07:39 - 00114176 _____ C:\Users\Todos os Usuários\hp.exe
2016-05-09 09:07 - 2016-04-19 07:39 - 00114176 _____ C:\ProgramData\hp.exe
2016-05-09 09:06 - 2016-05-09 09:07 - 02783744 _____ (TODO: ) C:\Users\ADM\AppData\Roaming\svrupg.exe
2016-05-09 09:06 - 2016-05-09 09:06 - 00002303 _____ C:\Users\Todos os Usuários\webad.xml
2016-05-09 09:06 - 2016-05-09 09:06 - 00002303 _____ C:\ProgramData\webad.xml
2016-05-09 09:06 - 2016-05-09 03:45 - 01920000 _____ C:\Users\Todos os Usuários\msiql.exe
2016-05-09 09:06 - 2016-05-09 03:45 - 01920000 _____ C:\ProgramData\msiql.exe
2016-05-09 09:06 - 2016-04-27 03:51 - 01755136 _____ C:\Users\Todos os Usuários\service.exe
2016-05-09 09:06 - 2016-04-27 03:51 - 01755136 _____ C:\Users\ADM\AppData\Roaming\service.exe
2016-05-09 09:06 - 2016-04-27 03:51 - 01755136 _____ C:\ProgramData\service.exe
2016-05-09 09:04 - 2016-05-09 09:04 - 00001733 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-05-09 09:04 - 2016-05-09 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-05-09 09:03 - 2016-05-09 09:03 - 00000000 ____D C:\Users\ADM\AppData\Roaming\SpringFiles
2016-05-09 09:02 - 2016-05-09 09:04 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-05-09 09:02 - 2016-05-09 09:02 - 00060136 _____ (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-05-09 09:02 - 2016-05-09 09:02 - 00003058 _____ C:\Windows\System32\Tasks\LuckyBrowse
2016-05-09 09:02 - 2016-05-09 09:02 - 00002950 _____ C:\Windows\System32\Tasks\svchost
2016-05-09 09:02 - 2016-05-09 09:02 - 00001911 _____ C:\Users\Public\Desktop\SrpnFiles.lnk
2016-05-09 09:02 - 2016-05-09 09:02 - 00000876 _____ C:\Users\ADM\Desktop\SpaceSoundPro.lnk
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\Users\Todos os Usuários\LuckyBrowse
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\SrpnFiles
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\LuckyBrowse
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\ProgramData\LuckyBrowse
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\Program Files\Caster
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\Program Files (x86)\sunnyday
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\Program Files (x86)\SrpnFiles
2016-05-09 09:02 - 2016-05-09 09:02 - 00000000 ____D C:\Program Files (x86)\LuckyBrowse
2016-05-09 09:01 - 2016-05-09 09:02 - 00000000 ____D C:\Users\ADM\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-09 09:01 - 2016-05-09 09:01 - 00027456 _____ C:\Windows\system32\Drivers\bsdpf64.sys
2016-05-09 09:01 - 2016-05-09 09:01 - 00026944 _____ C:\Windows\system32\Drivers\bsdpr64.sys
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Users\ADM\AppData\Roaming\YmokoRap
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Users\ADM\AppData\Roaming\Teyezba
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Users\ADM\AppData\LocalLow\Company
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Users\ADM\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Users\ADM\AppData\Local\Tempfolder
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Users\ADM\AppData\Local\csdi_monetize_120160509
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\uninst
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Program Files\KimsUn
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Program Files\Kims
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Program Files (x86)\Lorckphsary
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\Program Files (x86)\hohobnd
2016-05-09 09:01 - 2016-05-09 09:01 - 00000000 ____D C:\extensions
2016-05-09 09:00 - 2016-05-09 09:02 - 00000000 ____D C:\Program Files\SpaceSoundPro
2016-05-09 08:59 - 2016-05-09 09:00 - 04044072 _____ (Superb corp) C:\Users\ADM\Downloads\vitamin-d-video-license-file-crack_downloader.exe
2016-05-09 08:58 - 2016-05-09 09:02 - 00000000 ____D C:\Users\ADM\AppData\Local\Vitamin D Video
2016-05-09 08:58 - 2016-05-09 08:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vitamin D Video
2016-05-09 08:58 - 2016-05-09 08:58 - 00000000 ____D C:\Program Files (x86)\Vitamin D Video
2016-05-09 08:53 - 2016-05-09 08:56 - 27090977 _____ (Vitamin D Video, LLC ) C:\Users\ADM\Downloads\vitamin-d-1-4-2-en-win.exe
2016-05-09 08:47 - 2016-05-09 09:01 - 00082240 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2016-05-06 10:10 - 2016-05-06 10:10 - 01026328 _____ C:\Users\ADM\Desktop\BOLETOS RIGOTTO.pdf
2016-05-06 10:10 - 2016-05-06 10:10 - 00008844 _____ C:\Users\ADM\Desktop\CB060516.REM
2016-05-06 09:43 - 2016-05-06 09:43 - 00003886 _____ C:\Users\ADM\Downloads\html.html
2016-05-06 09:42 - 2016-05-06 09:42 - 00003886 _____ C:\Users\ADM\Desktop\html.html
2016-05-06 09:07 - 2016-05-06 09:07 - 14453883 _____ C:\Users\ADM\Desktop\DADOS.rar
2016-05-05 17:55 - 2016-05-05 17:55 - 00491432 _____ C:\Users\ADM\Downloads\SGTA50003 (1)
2016-05-05 17:47 - 2016-05-05 17:47 - 00491432 _____ C:\Users\ADM\Downloads\SGTA50004
2016-05-05 17:45 - 2016-05-05 17:45 - 00491432 _____ C:\Users\ADM\Downloads\SGTA50003
2016-05-05 17:45 - 2016-05-05 17:45 - 00491432 _____ C:\Users\ADM\Downloads\SGTA50002
2016-05-05 14:23 - 2016-05-05 14:23 - 00997747 _____ C:\Users\ADM\Downloads\boletos rigotto .pdf
2016-05-05 14:23 - 2016-05-05 14:23 - 00008844 _____ C:\Users\ADM\Downloads\CB260416.REM
2016-05-03 16:59 - 2016-05-03 16:59 - 00094466 _____ C:\Users\ADM\Desktop\SQL VIMAQ.txt
2016-05-03 14:38 - 2016-05-03 14:39 - 09352392 _____ (Microsoft Corporation) C:\Users\ADM\Downloads\Install_MSN_Messenger.exe
2016-05-02 16:41 - 2016-05-02 16:41 - 00245321 _____ C:\Users\ADM\Downloads\gambi do furushima (1).rar
2016-05-02 16:38 - 2016-05-02 16:38 - 00009542 _____ C:\Users\ADM\Desktop\caralhao.pfx
2016-04-29 14:01 - 2015-10-08 15:16 - 00359488 _____ C:\Users\ADM\Desktop\Manutenção BD automatico.zip
2016-04-29 10:34 - 2016-04-29 10:36 - 63706188 _____ C:\Users\ADM\Downloads\MELHORES MOTOS PARA SE FAZER UMA CAFE RACER (1).mp4
2016-04-26 16:31 - 2016-04-26 17:41 - 00057344 ___SH C:\Users\ADM\Downloads\Thumbs.db
2016-04-26 15:28 - 2016-04-26 15:28 - 00000000 ____D C:\Users\ADM\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll)
2016-04-26 15:28 - 2016-04-25 13:24 - 518758999 ____R C:\Users\ADM\Downloads\Corel Draw X5 PTB BR + Keygen + Instrucoes.rar
2016-04-26 09:24 - 2016-04-26 09:24 - 00000009 ____N C:\Users\Todos os Usuários\a.bat
2016-04-26 09:24 - 2016-04-26 09:24 - 00000009 ____N C:\ProgramData\a.bat
2016-04-25 14:00 - 2016-04-25 14:00 - 00000000 ____D C:\Users\ADM\Documents\Minhas paletas
2016-04-25 13:58 - 2016-04-25 13:58 - 00000000 ____D C:\Users\Todos os Usuários\Protexis
2016-04-25 13:58 - 2016-04-25 13:58 - 00000000 ____D C:\Users\ADM\AppData\Roaming\Corel
2016-04-25 13:58 - 2016-04-25 13:58 - 00000000 ____D C:\ProgramData\Protexis
2016-04-25 13:57 - 2016-04-25 14:07 - 00000000 ____D C:\Users\ADM\Documents\Corel
2016-04-25 13:57 - 2016-04-25 13:57 - 00000000 ____D C:\Users\ADM\Documents\Visual Studio 2008
2016-04-25 13:56 - 2016-04-26 14:05 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-04-25 13:56 - 2016-04-26 14:05 - 00000000 ____D C:\ProgramData\Corel
2016-04-25 13:56 - 2016-04-25 13:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 9.0
2016-04-25 13:56 - 2016-04-25 13:56 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-04-25 13:55 - 2016-04-25 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
2016-04-25 13:55 - 2016-04-25 13:55 - 00000000 ____D C:\Program Files (x86)\Corel
2016-04-22 16:51 - 2013-01-17 11:12 - 00000000 ____D C:\Users\ADM\Downloads\Spin Tires
2016-04-19 17:44 - 2016-04-19 17:44 - 00008844 _____ C:\Users\ADM\Downloads\59702804.RM2
2016-04-19 15:36 - 2016-04-19 15:36 - 00001024 _____ C:\.rnd
2016-04-19 15:33 - 2016-04-19 15:33 - 02823600 _____ (GAS Tecnologia ) C:\Users\ADM\Downloads\gbpbbwr.exe
2016-04-19 08:36 - 2016-04-19 08:36 - 00000022 _____ C:\Users\ADM\Downloads\DADOS.FDB 18-04-16 (2).zip
2016-04-18 17:31 - 2016-04-18 17:39 - 68559422 _____ C:\Users\ADM\Downloads\realtek_hd_audio_6_0_1_7368_64bit.zip
2016-04-18 17:31 - 2016-04-18 17:32 - 05345280 _____ C:\Users\ADM\Downloads\INF_allOS_9.4.0.1027.exe
2016-04-18 17:30 - 2016-04-18 18:06 - 305825790 _____ C:\Users\ADM\Downloads\nvidia_geforce_notebook_344_48_whql_win_64bit.zip
2016-04-18 17:30 - 2016-04-18 17:31 - 06156003 _____ C:\Users\ADM\Downloads\Realtek_Ethernet_Win7_7088_07242014.zip
2016-04-18 17:30 - 2016-04-18 17:30 - 02449376 _____ (Megaify Software ) C:\Users\ADM\Downloads\DriverToolkitInstaller.exe
2016-04-18 16:35 - 2016-04-18 16:35 - 00000022 _____ C:\Users\ADM\Downloads\DADOS.FDB 18-04-16 (1).zip
2016-04-18 16:28 - 2016-04-18 16:37 - 81475851 _____ C:\Users\ADM\Downloads\atheros_ar5xxx_ar9xxx_wireless_10_0_0_298_whql.zip
2016-04-18 16:12 - 2016-04-18 16:13 - 25239231 _____ C:\Users\ADM\Downloads\SWUpdate_2.2.7.22.ZIP
2016-04-18 16:09 - 2016-04-18 16:15 - 73753369 _____ C:\Users\ADM\Downloads\WLAN_Intel_32bit_15.3.1.2.ZIP
2016-04-18 16:09 - 2016-04-18 16:14 - 81981407 _____ C:\Users\ADM\Downloads\WLAN_Intel_64bit_15.3.1.2.ZIP
2016-04-18 15:48 - 2016-04-18 15:50 - 05616144 _____ (Innovative Solutions ) C:\Users\ADM\Downloads\drivermax.exe
2016-04-18 15:48 - 2016-04-18 15:49 - 03739680 _____ (Easeware ) C:\Users\ADM\Downloads\DriverEasy_Setup (1).exe
2016-04-18 15:41 - 2016-04-19 13:31 - 00000402 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2016-04-18 15:41 - 2016-04-18 15:41 - 00003804 _____ C:\Windows\System32\Tasks\Driver Easy Scheduled Scan
2016-04-18 15:41 - 2016-04-18 15:41 - 00000000 ____D C:\Users\ADM\AppData\Roaming\Easeware
2016-04-18 15:41 - 2016-04-18 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2016-04-18 15:41 - 2016-04-18 15:41 - 00000000 ____D C:\Program Files\Easeware
2016-04-18 15:37 - 2016-04-18 15:37 - 00000022 _____ C:\Users\ADM\Downloads\DADOS.FDB 18-04-16.zip
2016-04-18 15:36 - 2016-04-18 15:37 - 03739680 _____ (Easeware ) C:\Users\ADM\Downloads\DriverEasy_Setup.exe
2016-04-14 17:20 - 2016-04-14 17:32 - 150156452 _____ C:\Users\ADM\Downloads\Os Piores Acidentes de Moto.mp4
2016-04-14 08:39 - 2016-04-14 08:40 - 02061332 _____ C:\Users\ADM\Downloads\13017063_159047131156945_1771858060_n.mp4
2016-04-13 17:33 - 2016-04-13 17:33 - 02092263 _____ C:\Users\ADM\Downloads\ubuntu-font-family-0.83.zip
2016-04-13 14:09 - 2016-04-13 14:09 - 00854663 _____ C:\Users\ADM\Downloads\ProjetoGrandeOesteClassicados.zip
2016-04-11 15:32 - 2016-04-11 15:32 - 00011603 _____ C:\Users\ADM\Downloads\java-sdk.zip
2016-04-11 15:01 - 2016-04-11 15:01 - 00000324 _____ C:\Users\ADM\Downloads\TMNUBR4219507PTBR-a.rar
2016-04-11 14:40 - 2016-04-11 14:40 - 01832236 _____ C:\Users\ADM\Downloads\ez-vcard-master.zip
2016-04-11 14:35 - 2016-04-28 17:40 - 00000000 ____D C:\Users\ADM\Documents\Ficheiros do Outlook

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-05-09 09:11 - 2015-04-23 17:40 - 00000000 ____D C:\Users\ADM\AppData\Roaming\Skype
2016-05-09 09:10 - 2015-04-09 14:27 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-09 09:10 - 2009-07-14 14:55 - 00702882 _____ C:\Windows\system32\prfh0416.dat
2016-05-09 09:10 - 2009-07-14 14:55 - 00145668 _____ C:\Windows\system32\prfc0416.dat
2016-05-09 09:10 - 2009-07-14 02:13 - 01626900 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-09 09:10 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-05-09 09:09 - 2009-07-14 01:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-09 09:09 - 2009-07-14 01:45 - 00009696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-09 09:08 - 2015-04-09 11:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-09 09:04 - 2015-10-16 11:11 - 00000000 ____D C:\tef_dial
2016-05-09 09:04 - 2015-05-05 08:50 - 00000196 _____ C:\Windows\Tasks\AutoKMS.job
2016-05-09 09:04 - 2015-04-09 14:27 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-09 09:03 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-09 09:00 - 2015-04-08 14:40 - 00001629 _____ C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-09 09:00 - 2015-04-08 14:40 - 00001607 _____ C:\Users\ADM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-05-09 08:32 - 2015-04-23 17:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-09 08:31 - 2015-10-16 11:20 - 00000000 ____D C:\CliSiTef
2016-05-06 17:37 - 2015-07-31 16:31 - 00000000 ____D C:\ADMERP
2016-05-05 17:54 - 2015-04-08 14:42 - 00002042 ____H C:\Users\ADM\Documents\Default.rdp
2016-05-05 15:35 - 2016-03-10 14:55 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-05-05 15:35 - 2015-06-26 10:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-05-02 09:08 - 2015-10-13 16:35 - 00000000 ____D C:\Users\ADM\AppData\Roaming\uTorrent
2016-04-29 19:22 - 2016-04-08 12:12 - 00000000 ____D C:\Users\ADM\AppData\LocalLow\uTorrent
2016-04-29 15:09 - 2015-04-10 15:11 - 00000000 ____D C:\Publico
2016-04-29 14:07 - 2015-12-07 14:00 - 00000000 ____D C:\Users\ADM\AppData\Local\Eclipse
2016-04-29 14:07 - 2015-12-07 14:00 - 00000000 ____D C:\Users\ADM\.p2
2016-04-29 14:06 - 2015-12-07 13:58 - 00000000 ____D C:\eclipse
2016-04-28 14:12 - 2015-12-16 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-26 15:25 - 2016-01-08 16:59 - 00000000 ____D C:\Users\ADM\Downloads\Transformers 3 - O lado Escuro da Lua
2016-04-25 18:55 - 2015-04-20 11:56 - 00000000 ____D C:\Users\ADM\AppData\LocalLow\Temp
2016-04-25 14:06 - 2015-04-15 14:58 - 00119184 _____ C:\Users\ADM\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-25 14:06 - 2009-07-14 01:45 - 00430656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-25 13:58 - 2015-05-05 08:45 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-04-22 16:53 - 2015-11-27 16:54 - 00000000 ____D C:\Users\ADM\Downloads\Total.Overdose.PC.Game(djDEVASTATE™)
2016-04-22 10:37 - 2015-04-23 17:40 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-04-22 10:37 - 2015-04-23 17:40 - 00000000 ____D C:\ProgramData\Skype
2016-04-19 16:45 - 2016-01-08 17:07 - 00000000 ____D C:\Users\ADM\Downloads\Sobrenatural 10ª Temporada 720p Legendado - by TorrentCineminha
2016-04-19 16:45 - 2016-01-08 17:06 - 00000000 ____D C:\Users\ADM\Downloads\Sobrenatural - 9ª Temporada (2013) 720p Dual Áudio - Douglasvip
2016-04-14 09:47 - 2015-07-08 09:59 - 00000000 ____D C:\Users\ADM\AppData\Local\Greenshot
2016-04-13 14:10 - 2015-06-10 10:28 - 00000000 ____D C:\Users\ADM\Documents\Aptana Studio 3 Workspace
2016-04-11 14:54 - 2015-12-07 13:58 - 00000000 ____D C:\workspace
2016-04-11 14:35 - 2015-05-29 14:51 - 00000000 ____D C:\Users\ADM\AppData\Roaming\TeamViewer

==================== Arquivos na raiz de alguns diretórios =======

2016-05-09 09:02 - 2016-05-09 09:02 - 0001225 _____ () C:\Users\ADM\AppData\Roaming\Bubble Dock.boostrap.log
2015-05-06 11:04 - 2015-05-06 11:05 - 5434880 __RSH (SAMSUNG GALAXY NOTE MOVIE) C:\Users\ADM\AppData\Roaming\modeskyns.exe
2016-05-09 09:06 - 2016-04-27 03:51 - 1755136 _____ () C:\Users\ADM\AppData\Roaming\service.exe
2016-05-09 09:06 - 2016-05-09 09:07 - 2783744 _____ (TODO: ) C:\Users\ADM\AppData\Roaming\svrupg.exe
2015-05-06 11:05 - 2015-05-06 11:05 - 1523200 __RSH () C:\Users\ADM\AppData\Roaming\topmodel.exe
2016-05-09 09:02 - 2016-05-09 09:02 - 0000097 _____ () C:\Users\ADM\AppData\Roaming\WindApp.boostrap.log
2015-05-06 11:05 - 2016-01-18 07:33 - 0000270 _____ () C:\Users\ADM\AppData\Roaming\with.dhn
2015-05-06 11:05 - 2015-05-06 11:05 - 0000000 _____ () C:\Users\ADM\AppData\Roaming\youlin.dhn
2016-05-09 09:08 - 2016-05-05 04:36 - 1612800 _____ () C:\ProgramData\360dlr.exe
2016-04-26 09:24 - 2016-04-26 09:24 - 0000009 ____N () C:\ProgramData\a.bat
2010-08-28 17:43 - 2010-08-28 17:43 - 0577335 ____N () C:\ProgramData\adb.exe
2010-08-28 17:43 - 2010-08-28 17:43 - 0096256 ____N (Google, inc) C:\ProgramData\AdbWinApi.dll
2010-08-28 17:43 - 2010-08-28 17:43 - 0060928 ____N (Google, inc) C:\ProgramData\AdbWinUsbApi.dll
2016-05-09 09:07 - 2016-04-26 12:07 - 1253376 _____ (eee) C:\ProgramData\apptj.exe
2016-05-09 09:07 - 2016-04-19 12:41 - 1266176 _____ () C:\ProgramData\conhost.exe
2010-08-28 17:43 - 2010-08-28 17:43 - 0356009 ____N () C:\ProgramData\fastboot.exe
2016-05-09 09:07 - 2016-04-19 07:39 - 0114176 _____ () C:\ProgramData\hp.exe
2016-05-09 09:06 - 2016-05-09 03:45 - 1920000 _____ () C:\ProgramData\msiql.exe
2016-05-09 09:06 - 2016-04-27 03:51 - 1755136 _____ () C:\ProgramData\service.exe
2016-05-09 09:06 - 2016-05-09 09:06 - 0002303 _____ () C:\ProgramData\webad.xml
2016-05-09 09:08 - 2016-05-09 09:08 - 0413439 _____ () C:\ProgramData\xdo.zip

Arquivos para serem movidos ou deletados:
====================
C:\Users\ADM\AppData\Local\Temp\UHOMO3JCK\UHOMO3JCK.exe
C:\Users\ADM\AppData\Local\Temp\NLCE4MTW5\NLCE4MTW5.exe
C:\ProgramData\360dlr.exe
C:\ProgramData\a.bat
C:\ProgramData\adb.exe
C:\ProgramData\AdbWinApi.dll
C:\ProgramData\AdbWinUsbApi.dll
C:\ProgramData\apptj.exe
C:\ProgramData\conhost.exe
C:\ProgramData\fastboot.exe
C:\ProgramData\hp.exe
C:\ProgramData\msiql.exe
C:\ProgramData\service.exe
C:\Users\Todos os Usuários\360dlr.exe
C:\Users\Todos os Usuários\a.bat
C:\Users\Todos os Usuários\adb.exe
C:\Users\Todos os Usuários\AdbWinApi.dll
C:\Users\Todos os Usuários\AdbWinUsbApi.dll
C:\Users\Todos os Usuários\apptj.exe
C:\Users\Todos os Usuários\conhost.exe
C:\Users\Todos os Usuários\fastboot.exe
C:\Users\Todos os Usuários\hp.exe
C:\Users\Todos os Usuários\msiql.exe
C:\Users\Todos os Usuários\service.exe


Alguns arquivos em TEMP:
====================
C:\Users\ADM\AppData\Local\Temp\2Qej1h34SO.exe
C:\Users\ADM\AppData\Local\Temp\drm_dialogs.dll
C:\Users\ADM\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\ADM\AppData\Local\Temp\fYKEy5htWO.exe
C:\Users\ADM\AppData\Local\Temp\GoogleSetup.exe
C:\Users\ADM\AppData\Local\Temp\hnY1Scc25F.exe
C:\Users\ADM\AppData\Local\Temp\i5zwT1uvLZ.exe
C:\Users\ADM\AppData\Local\Temp\jna1345664853013764624.dll
C:\Users\ADM\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\ADM\AppData\Local\Temp\nswA372.tmp.exe
C:\Users\ADM\AppData\Local\Temp\ProRatv19SetupKey2015__11652_il109762.exe
C:\Users\ADM\AppData\Local\Temp\qrPVcXMhSk.exe
C:\Users\ADM\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ADM\AppData\Local\Temp\Spin Tires.exe
C:\Users\ADM\AppData\Local\Temp\tequimumdo-the-game-32-bits.exe
C:\Users\ADM\AppData\Local\Temp\upx.exe
C:\Users\ADM\AppData\Local\Temp\VbwYTKokjC.exe
C:\Users\ADM\AppData\Local\Temp\VLX_Player.exe
C:\Users\ADM\AppData\Local\Temp\YOGHKJBU62.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-28 12:14

==================== Fim de FRST.txt ============================
