Flux 
Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 29 usuários online :: 0 registrados, 0 invisíveis e 29 visitantes :: 1 motor de buscaNenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
| Power Max |
| |||
| joram |
| |||
| Wings [In Memoriam] |
| |||
| caedurodrigues |
| |||
| Amigo Brasileiro |
| |||
| luizvilarinho |
| |||
| Danii |
| |||
| Admin |
| |||
| Danilo Marsaro |
| |||
| Andreata |
|
Imagens bloqueadas
2 participantes
Página 1 de 1
Imagens bloqueadas
por Jose Wilson Sáb 16 Jan 2016, 09:16
Olá, bom dia.
Estou com problemas de visualização de algumas imagens em um site de compras de produtos de pescaria.
Ocorre que comprei um HD novo, com maior capacidade, um amigo fez a troca para mim, acontece que agora não consigo visualizar algumas imagens que antes estavam normais.
Aparece uma mensagem no cabeçalho do site:
Warning: fopen() has been disabled for security reasons in /home/storage/9/b5/dd/caterva/public_html/forum/includes/bbcode.php on line 47
Warning: fread(): supplied argument is not a valid stream resource in /home/storage/9/b5/dd/caterva/public_html/forum/includes/bbcode.php on line 47
Alguém poderia me ajudar, por favor?
Estou com problemas de visualização de algumas imagens em um site de compras de produtos de pescaria.
Ocorre que comprei um HD novo, com maior capacidade, um amigo fez a troca para mim, acontece que agora não consigo visualizar algumas imagens que antes estavam normais.
Aparece uma mensagem no cabeçalho do site:
Warning: fopen() has been disabled for security reasons in /home/storage/9/b5/dd/caterva/public_html/forum/includes/bbcode.php on line 47
Warning: fread(): supplied argument is not a valid stream resource in /home/storage/9/b5/dd/caterva/public_html/forum/includes/bbcode.php on line 47
Alguém poderia me ajudar, por favor?
Jose Wilson- Iniciante
- Mensagens : 47
Reputação : 1
Data de inscrição : 07/10/2013
Idade : 64
Localização : Centro - Rio de Janeiro
Re: Imagens bloqueadas
por joram Sáb 16 Jan 2016, 10:32
/!\ Bom Dia! Jose Wilson /!\
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Sim" >> "Examinar".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Examinar",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Exame Opcional",deixe marcada as checkbox "Addition.txt" e "Arquivos 90 Dias".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)
> Como os logs serão extensos,envie-os à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Clique no botão Parcourir...
> Busque o relatório e clique no botão Abrir.
> Clique no botão "Créer le lien Cjoint".
> Copie o link que está ao lado de "Le lien a été créé" e poste-o em sua resposta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ou clique "Copier le lien (*)" e cole o link ao seu Post.
> Fique atento,pois serão 2 links a serem postados!
A+
> Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > ( ... by Farbar )
> No banner àcima,é para sistemas 32bits!
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> No link àcima,é para sistemas 64bits!
> Salve-o no desktop! (Área de trabalho ...)
> Execute a ferramenta! Clique "Sim" >> "Examinar".
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Antes de clicar "Examinar",verifique se as caixinhas em "Whitelist" estão assinaladas.
> Em "Exame Opcional",deixe marcada as checkbox "Addition.txt" e "Arquivos 90 Dias".
> Ps: Será gerado,também,o relatório "Addition.txt" que estará disponibilizado na 1ª execução da ferramenta.
> Poste os relatórios! (FRST.txt + Addition.txt)
> Como os logs serão extensos,envie-os à [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Clique no botão Parcourir...
> Busque o relatório e clique no botão Abrir.
> Clique no botão "Créer le lien Cjoint".
> Copie o link que está ao lado de "Le lien a été créé" e poste-o em sua resposta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> O link ao relatório,que é este assinalado,deverá ser colado em sua resposta.
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
> Ou clique "Copier le lien (*)" e cole o link ao seu Post.
> Fique atento,pois serão 2 links a serem postados!
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Imagens bloqueadas
por Jose Wilson Sáb 16 Jan 2016, 12:01
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:10-01-2015 01
Executado por note (administrador) em NOTE-PC (16-01-2016 10:52:43)
Executando a partir de C:\Users\note\Downloads
Perfis Carregados: note (Perfis Disponíveis: note)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\note\Downloads\FRST64 (1).exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7144960 2015-09-28] (Broadcom Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2015-12-17] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ACSW15EN] => C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [1135304 2012-12-17] (ACD Systems)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\Run: [GoogleChromeAutoLaunch_A7DC97DA8E421CE530DA6D7F07DA8440] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-12] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Tcpip\..\Interfaces\{777B7622-0D1D-4A31-89F8-EB03DE6AFD97}: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Internet Explorer:
==================
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-17] (AVG)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
FireFox:
========
FF ProfilePath: C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\abs@avira.com [2015-12-27]
FF Extension: Avira SafeSearch Plus - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\safesearchplus2@avira.com [2015-12-27]
Chrome:
=======
CHR DefaultSearchURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR Profile: C:\Users\note\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\note\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-12] (GAS Tecnologia)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-17] (AVG Secure Search)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5836800 2015-09-28] (Broadcom Corporation) [Arquivo não assinado]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-17] ()
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-01-16] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-04] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-04] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 10:51 - 2016-01-16 10:51 - 02370560 _____ (Farbar) C:\Users\note\Downloads\FRST64 (1).exe
2016-01-16 08:44 - 2016-01-16 10:52 - 00011200 _____ C:\Users\note\Downloads\FRST.txt
2016-01-16 08:44 - 2016-01-16 08:46 - 00020885 _____ C:\Users\note\Downloads\Addition.txt
2016-01-16 08:43 - 2016-01-16 10:52 - 00000000 ____D C:\FRST
2016-01-16 08:43 - 2016-01-16 08:43 - 02370560 _____ (Farbar) C:\Users\note\Downloads\FRST64.exe
2016-01-16 08:42 - 2016-01-16 08:42 - 01721856 _____ (Farbar) C:\Users\note\Downloads\FRST.exe
2016-01-10 08:33 - 2016-01-10 08:33 - 00002845 _____ C:\Users\Public\Desktop\ACDSee 15.lnk
2016-01-10 08:33 - 2016-01-10 08:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2016-01-10 08:32 - 2016-01-10 08:32 - 00000000 ____D C:\Program Files (x86)\ACD Systems
2016-01-10 08:22 - 2016-01-10 08:22 - 00000000 ____D C:\Spacekace
2016-01-10 08:11 - 2016-01-10 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-01-10 08:07 - 2016-01-10 08:07 - 17223680 _____ C:\Users\note\Downloads\MicrosoftCameraCodecPack-x64.msi
2016-01-10 08:02 - 2016-01-10 08:06 - 243833520 _____ C:\Users\note\Downloads\DNGConverter_9_3.exe
2016-01-07 20:21 - 2016-01-07 20:21 - 14283821 _____ C:\Users\note\Downloads\Nikon-PT-Camera-D90.zip
2016-01-03 07:43 - 2015-10-08 21:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 17:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-01-03 07:43 - 2015-10-08 16:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-30 22:50 - 2016-01-02 17:48 - 00000000 ____D C:\Users\note\Desktop\fRIBURGO
2015-12-29 22:32 - 2015-12-29 22:32 - 00521340 _____ C:\Users\note\Downloads\Fatura_012016_MICHELLE_5829_MASTER_00068718710595.PDF
2015-12-29 20:11 - 2015-12-29 20:11 - 00000000 ____D C:\Users\note\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2015-12-27 14:19 - 2015-12-27 14:19 - 00000000 ____D C:\Users\note\AppData\Roaming\Mozilla
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Users\Todos os Usuários\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\ProgramData\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-27 14:07 - 2015-12-27 14:07 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\note\Downloads\avira_pt-br_av_56800c8996406__ws.exe
2015-12-24 19:02 - 2015-12-24 19:02 - 00000000 _____ C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
2015-12-17 22:19 - 2015-12-17 22:19 - 00001126 _____ C:\Users\note\Desktop\EVEREST Ultimate Edition.lnk
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 10:48 - 2015-09-28 22:23 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-16 09:48 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-16 09:48 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-16 09:46 - 2015-10-10 16:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-16 09:45 - 2015-10-10 16:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-16 09:06 - 2015-11-15 04:47 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{071E9C56-2647-4C90-944C-09030F262E6E}
2016-01-16 09:01 - 2015-10-08 23:03 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-01-16 09:00 - 2015-10-08 23:03 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-16 09:00 - 2015-09-28 22:23 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-16 09:00 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-01-16 08:59 - 2015-10-08 23:03 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-16 08:59 - 2015-10-08 23:03 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-16 08:59 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-16 08:59 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2016-01-16 08:39 - 2015-10-08 21:43 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-01-16 08:39 - 2015-10-08 21:43 - 00000000 ____D C:\ProgramData\MFAData
2016-01-14 21:34 - 2015-10-08 21:33 - 00000000 ____D C:\Users\note\AppData\Local\ElevatedDiagnostics
2016-01-14 21:14 - 2015-10-08 22:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 05:44 - 2014-08-04 08:49 - 00000000 ____D C:\Users\note\Documents\SENHAS
2016-01-13 21:15 - 2015-09-28 22:24 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-10 08:11 - 2015-10-10 16:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-05 07:42 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-01-04 09:40 - 2009-07-14 02:45 - 00404416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-02 20:49 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-02 17:34 - 2009-07-14 15:55 - 00708586 _____ C:\Windows\system32\prfh0416.dat
2016-01-02 17:34 - 2009-07-14 15:55 - 00148366 _____ C:\Windows\system32\prfc0416.dat
2016-01-02 17:34 - 2009-07-14 03:13 - 01642378 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-02 12:05 - 2009-07-14 03:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-29 20:11 - 2015-11-25 03:52 - 00002165 _____ C:\Users\note\Desktop\Itaú.lnk
2015-12-29 20:11 - 2015-11-25 03:52 - 00000000 ____D C:\Users\note\AppData\Local\Aplicativo Itau
2015-12-27 15:37 - 2015-10-08 21:44 - 00000000 ____D C:\Users\note\AppData\Local\AvgSetupLog
2015-12-27 15:37 - 2015-09-28 21:55 - 00000000 ____D C:\Windows\Panther
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\tracing
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-27 15:07 - 2015-09-28 22:20 - 00102184 _____ C:\Users\note\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 14:49 - 2015-11-20 19:19 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-27 14:49 - 2015-11-20 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-26 14:04 - 2015-11-15 05:05 - 01606924 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-18 23:42 - 2015-11-28 02:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 23:42 - 2015-11-28 02:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 20:25 - 2015-10-08 22:06 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
==================== Arquivos na raiz de alguns diretórios =======
2015-12-24 19:02 - 2015-12-24 19:02 - 0000000 _____ () C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2015-12-31 08:03
==================== Fim de FRST.txt ============================
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-01-2015 01
Executado por note (2016-01-16 11:56:49)
Executando a partir de C:\Users\note\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-09-29 00:13:27)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2613640555-1934774403-2107965588-500 - Administrator - Disabled)
Convidado (S-1-5-21-2613640555-1934774403-2107965588-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2613640555-1934774403-2107965588-1002 - Limited - Enabled)
note (S-1-5-21-2613640555-1934774403-2107965588-1000 - Administrator - Enabled) => C:\Users\note
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACDSee 15 (HKLM-x32\...\{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}) (Version: 15.2.212 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{DB13E590-A006-4556-8DF4-67EB5F1B2EB5}) (Version: 1.0.57 - Banco Itaú)
AVG (Version: 16.12.7294 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.196.18 - Broadcom Corporation)
Calibrize 2.0 (HKLM-x32\...\Calibrize_is1) (Version: - Colorjinn)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
EVEREST Ultimate Edition v5.30 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.30 - Lavalys, Inc.)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Camera Codec Pack (HKLM\...\{8DEC84EB-77F9-481E-BA44-9F40C816B8FF}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {093E2D57-A343-45E3-9192-DC9ACAF5DA40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {0CC530EA-B0C8-4865-973F-ECF06FAD7669} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {3BFC33FE-0059-4BB3-AAF6-718F91C7C3A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {4F23A100-5E49-4825-979B-4357D54F25CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6FB7AFB4-20C6-4916-8A60-A435C7193063} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {95D67569-9E97-466E-A616-303DA928B5BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:10-01-2015 01
Executado por note (administrador) em NOTE-PC (16-01-2016 10:52:43)
Executando a partir de C:\Users\note\Downloads
Perfis Carregados: note (Perfis Disponíveis: note)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\note\Downloads\FRST64 (1).exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7144960 2015-09-28] (Broadcom Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2015-12-17] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ACSW15EN] => C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [1135304 2012-12-17] (ACD Systems)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\Run: [GoogleChromeAutoLaunch_A7DC97DA8E421CE530DA6D7F07DA8440] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-12] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Tcpip\..\Interfaces\{777B7622-0D1D-4A31-89F8-EB03DE6AFD97}: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Internet Explorer:
==================
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-17] (AVG)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
FireFox:
========
FF ProfilePath: C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\abs@avira.com [2015-12-27]
FF Extension: Avira SafeSearch Plus - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\safesearchplus2@avira.com [2015-12-27]
Chrome:
=======
CHR DefaultSearchURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR Profile: C:\Users\note\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\note\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-12] (GAS Tecnologia)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-17] (AVG Secure Search)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5836800 2015-09-28] (Broadcom Corporation) [Arquivo não assinado]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-17] ()
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-01-16] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-04] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-04] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 10:51 - 2016-01-16 10:51 - 02370560 _____ (Farbar) C:\Users\note\Downloads\FRST64 (1).exe
2016-01-16 08:44 - 2016-01-16 10:52 - 00011200 _____ C:\Users\note\Downloads\FRST.txt
2016-01-16 08:44 - 2016-01-16 08:46 - 00020885 _____ C:\Users\note\Downloads\Addition.txt
2016-01-16 08:43 - 2016-01-16 10:52 - 00000000 ____D C:\FRST
2016-01-16 08:43 - 2016-01-16 08:43 - 02370560 _____ (Farbar) C:\Users\note\Downloads\FRST64.exe
2016-01-16 08:42 - 2016-01-16 08:42 - 01721856 _____ (Farbar) C:\Users\note\Downloads\FRST.exe
2016-01-10 08:33 - 2016-01-10 08:33 - 00002845 _____ C:\Users\Public\Desktop\ACDSee 15.lnk
2016-01-10 08:33 - 2016-01-10 08:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2016-01-10 08:32 - 2016-01-10 08:32 - 00000000 ____D C:\Program Files (x86)\ACD Systems
2016-01-10 08:22 - 2016-01-10 08:22 - 00000000 ____D C:\Spacekace
2016-01-10 08:11 - 2016-01-10 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-01-10 08:07 - 2016-01-10 08:07 - 17223680 _____ C:\Users\note\Downloads\MicrosoftCameraCodecPack-x64.msi
2016-01-10 08:02 - 2016-01-10 08:06 - 243833520 _____ C:\Users\note\Downloads\DNGConverter_9_3.exe
2016-01-07 20:21 - 2016-01-07 20:21 - 14283821 _____ C:\Users\note\Downloads\Nikon-PT-Camera-D90.zip
2016-01-03 07:43 - 2015-10-08 21:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 17:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-01-03 07:43 - 2015-10-08 16:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-30 22:50 - 2016-01-02 17:48 - 00000000 ____D C:\Users\note\Desktop\fRIBURGO
2015-12-29 22:32 - 2015-12-29 22:32 - 00521340 _____ C:\Users\note\Downloads\Fatura_012016_MICHELLE_5829_MASTER_00068718710595.PDF
2015-12-29 20:11 - 2015-12-29 20:11 - 00000000 ____D C:\Users\note\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2015-12-27 14:19 - 2015-12-27 14:19 - 00000000 ____D C:\Users\note\AppData\Roaming\Mozilla
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Users\Todos os Usuários\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\ProgramData\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-27 14:07 - 2015-12-27 14:07 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\note\Downloads\avira_pt-br_av_56800c8996406__ws.exe
2015-12-24 19:02 - 2015-12-24 19:02 - 00000000 _____ C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
2015-12-17 22:19 - 2015-12-17 22:19 - 00001126 _____ C:\Users\note\Desktop\EVEREST Ultimate Edition.lnk
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-16 10:48 - 2015-09-28 22:23 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-16 09:48 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-16 09:48 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-16 09:46 - 2015-10-10 16:48 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-16 09:45 - 2015-10-10 16:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-16 09:06 - 2015-11-15 04:47 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{071E9C56-2647-4C90-944C-09030F262E6E}
2016-01-16 09:01 - 2015-10-08 23:03 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-01-16 09:00 - 2015-10-08 23:03 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-16 09:00 - 2015-09-28 22:23 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-16 09:00 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-01-16 08:59 - 2015-10-08 23:03 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-16 08:59 - 2015-10-08 23:03 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-16 08:59 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-16 08:59 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2016-01-16 08:39 - 2015-10-08 21:43 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-01-16 08:39 - 2015-10-08 21:43 - 00000000 ____D C:\ProgramData\MFAData
2016-01-14 21:34 - 2015-10-08 21:33 - 00000000 ____D C:\Users\note\AppData\Local\ElevatedDiagnostics
2016-01-14 21:14 - 2015-10-08 22:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 05:44 - 2014-08-04 08:49 - 00000000 ____D C:\Users\note\Documents\SENHAS
2016-01-13 21:15 - 2015-09-28 22:24 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-10 08:11 - 2015-10-10 16:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-05 07:42 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-01-04 09:40 - 2009-07-14 02:45 - 00404416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-02 20:49 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-02 17:34 - 2009-07-14 15:55 - 00708586 _____ C:\Windows\system32\prfh0416.dat
2016-01-02 17:34 - 2009-07-14 15:55 - 00148366 _____ C:\Windows\system32\prfc0416.dat
2016-01-02 17:34 - 2009-07-14 03:13 - 01642378 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-02 12:05 - 2009-07-14 03:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-29 20:11 - 2015-11-25 03:52 - 00002165 _____ C:\Users\note\Desktop\Itaú.lnk
2015-12-29 20:11 - 2015-11-25 03:52 - 00000000 ____D C:\Users\note\AppData\Local\Aplicativo Itau
2015-12-27 15:37 - 2015-10-08 21:44 - 00000000 ____D C:\Users\note\AppData\Local\AvgSetupLog
2015-12-27 15:37 - 2015-09-28 21:55 - 00000000 ____D C:\Windows\Panther
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\tracing
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-27 15:07 - 2015-09-28 22:20 - 00102184 _____ C:\Users\note\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 14:49 - 2015-11-20 19:19 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-27 14:49 - 2015-11-20 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-26 14:04 - 2015-11-15 05:05 - 01606924 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-18 23:42 - 2015-11-28 02:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 23:42 - 2015-11-28 02:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 20:25 - 2015-10-08 22:06 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
==================== Arquivos na raiz de alguns diretórios =======
2015-12-24 19:02 - 2015-12-24 19:02 - 0000000 _____ () C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2015-12-31 08:03
==================== Fim de FRST.txt ============================
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:10-01-2015 01
Executado por note (2016-01-16 11:56:49)
Executando a partir de C:\Users\note\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-09-29 00:13:27)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2613640555-1934774403-2107965588-500 - Administrator - Disabled)
Convidado (S-1-5-21-2613640555-1934774403-2107965588-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2613640555-1934774403-2107965588-1002 - Limited - Enabled)
note (S-1-5-21-2613640555-1934774403-2107965588-1000 - Administrator - Enabled) => C:\Users\note
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACDSee 15 (HKLM-x32\...\{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}) (Version: 15.2.212 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{DB13E590-A006-4556-8DF4-67EB5F1B2EB5}) (Version: 1.0.57 - Banco Itaú)
AVG (Version: 16.12.7294 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.196.18 - Broadcom Corporation)
Calibrize 2.0 (HKLM-x32\...\Calibrize_is1) (Version: - Colorjinn)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
EVEREST Ultimate Edition v5.30 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.30 - Lavalys, Inc.)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Camera Codec Pack (HKLM\...\{8DEC84EB-77F9-481E-BA44-9F40C816B8FF}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {093E2D57-A343-45E3-9192-DC9ACAF5DA40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {0CC530EA-B0C8-4865-973F-ECF06FAD7669} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {3BFC33FE-0059-4BB3-AAF6-718F91C7C3A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {4F23A100-5E49-4825-979B-4357D54F25CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {6FB7AFB4-20C6-4916-8A60-A435C7193063} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {95D67569-9E97-466E-A616-303DA928B5BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
Jose Wilson- Iniciante
- Mensagens : 47
Reputação : 1
Data de inscrição : 07/10/2013
Idade : 64
Localização : Centro - Rio de Janeiro
Re: Imagens bloqueadas
por joram Sáb 16 Jan 2016, 14:37
/!\ Boa Tarde! Jose Wilson /!\
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! ( Área de trabalho ... )
start
CloseProcesses:
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
CHR DefaultSearchURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
FF Extension: Avira Browser Safety - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\abs@avira.com [2015-12-27]
FF Extension: Avira SafeSearch Plus - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\safesearchplus2@avira.com [2015-12-27]
Task: {3BFC33FE-0059-4BB3-AAF6-718F91C7C3A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\System32:871D4EC4_Uni.gbp
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
> Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
A+
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! ( Área de trabalho ... )
start
CloseProcesses:
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
CHR DefaultSearchURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
FF Extension: Avira Browser Safety - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\abs@avira.com [2015-12-27]
FF Extension: Avira SafeSearch Plus - C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default\Extensions\safesearchplus2@avira.com [2015-12-27]
Task: {3BFC33FE-0059-4BB3-AAF6-718F91C7C3A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\System32:871D4EC4_Uni.gbp
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
CreateRestorePoint:
RemoveProxy:
EmptyTemp:
Reboot:
Hosts:
end
> Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Imagens bloqueadas
por Jose Wilson Sáb 16 Jan 2016, 18:08
Desculpe minha ignorância, mas quando mando corrigir ele diz que o arquivo está salvo na pasta ou diretorio onde a se encontra.
Jose Wilson- Iniciante
- Mensagens : 47
Reputação : 1
Data de inscrição : 07/10/2013
Idade : 64
Localização : Centro - Rio de Janeiro
Re: Imagens bloqueadas
por joram Sáb 16 Jan 2016, 18:19
/!\ Boa Noite! Jose Wilson /!\
> Mova FRST.exe ao desktop,pois o mesmo está em pasta incorreta! ( C:\Users\note\Downloads )
> Ao concluir,repita o procedimento!
A+
> Mova FRST.exe ao desktop,pois o mesmo está em pasta incorreta! ( C:\Users\note\Downloads )
> Ao concluir,repita o procedimento!
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Imagens bloqueadas
por Jose Wilson Seg 18 Jan 2016, 20:29
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Desculpe-me a demora, é que cheguei à pouco do trabalho.
Obs. O navegador google Chrome não está funcionado
Desculpe-me a demora, é que cheguei à pouco do trabalho.
Obs. O navegador google Chrome não está funcionado
Jose Wilson- Iniciante
- Mensagens : 47
Reputação : 1
Data de inscrição : 07/10/2013
Idade : 64
Localização : Centro - Rio de Janeiro
Re: Imagens bloqueadas
por joram Seg 18 Jan 2016, 20:59
/_ Jose Wilson _\Jose Wilson escreveu:Desculpe-me a demora, é que cheguei à pouco do trabalho.
Obs. O navegador google Chrome não está funcionado
> Como o Avira foi mal desinstalado desde a origem,a remoção de alguns resquícios em pontos chave ou sensíveis,podem paralizar um navegador,um teclado,um mouse...CHR DefaultSearchURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
> Poste novo relatório da FRST. ( FRST.txt + Addition.txt )
> Neste caso,não há mais necessidade de configurá-la para 90 dias.
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Imagens bloqueadas
por Jose Wilson Ter 19 Jan 2016, 03:44
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:18-01-2016
Executado por note (administrador) em NOTE-PC (19-01-2016 03:38:49)
Executando a partir de C:\Users\note\Desktop
Perfis Carregados: note (Perfis Disponíveis: note)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\note\Desktop\FRST64 (1).exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\note\Desktop\FRST64 (1).exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7144960 2015-09-28] (Broadcom Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2015-12-17] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [91048 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ACSW15EN] => C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [1135304 2012-12-17] (ACD Systems)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\Run: [GoogleChromeAutoLaunch_A7DC97DA8E421CE530DA6D7F07DA8440] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-12] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Tcpip\..\Interfaces\{777B7622-0D1D-4A31-89F8-EB03DE6AFD97}: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Internet Explorer:
==================
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-17] (AVG)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
FireFox:
========
FF ProfilePath: C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\note\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-12] (GAS Tecnologia)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-17] (AVG Secure Search)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5836800 2015-09-28] (Broadcom Corporation) [Arquivo não assinado]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-17] ()
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-01-19] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-04] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-04] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-18 20:36 - 2016-01-18 20:36 - 00002980 _____ C:\Windows\System32\Tasks\{1A6AB1AF-7E6C-49AF-A9B8-8390580FC867}
2016-01-18 19:57 - 2016-01-18 19:58 - 00004145 _____ C:\Users\note\Documents\Fixlog.txt
2016-01-18 19:54 - 2016-01-18 19:54 - 00001227 _____ C:\Users\note\Documents\fxlist..txt
2016-01-18 19:51 - 2016-01-19 03:39 - 00010612 _____ C:\Users\note\Desktop\FRST.txt
2016-01-18 19:51 - 2016-01-18 20:05 - 00134715 _____ C:\Users\note\Documents\FRST.txt
2016-01-18 19:51 - 2016-01-18 19:56 - 00020571 _____ C:\Users\note\Documents\Addition.txt
2016-01-18 19:49 - 2016-01-18 19:49 - 02370560 _____ (Farbar) C:\Users\note\Desktop\FRST64 (1).exe
2016-01-16 08:44 - 2016-01-16 08:46 - 00020885 _____ C:\Users\note\Downloads\Addition.txt
2016-01-16 08:43 - 2016-01-19 03:38 - 00000000 ____D C:\FRST
2016-01-13 21:52 - 2015-12-23 21:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 21:52 - 2015-12-23 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 21:52 - 2015-12-12 16:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 21:52 - 2015-12-12 16:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 21:52 - 2015-12-12 16:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 21:52 - 2015-12-12 16:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 21:52 - 2015-12-12 16:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 21:52 - 2015-12-12 16:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 21:52 - 2015-12-12 16:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 21:52 - 2015-12-12 16:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 21:52 - 2015-12-12 16:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 21:52 - 2015-12-12 16:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 21:52 - 2015-12-12 16:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 21:52 - 2015-12-12 16:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 21:52 - 2015-12-12 16:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 21:52 - 2015-12-12 16:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 21:52 - 2015-12-12 15:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 21:52 - 2015-12-12 15:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 21:52 - 2015-12-12 15:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 21:52 - 2015-12-12 15:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 21:52 - 2015-12-12 15:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 21:52 - 2015-12-12 15:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 21:52 - 2015-12-12 15:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 21:52 - 2015-12-12 15:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 21:52 - 2015-12-12 15:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 21:52 - 2015-12-12 15:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 21:52 - 2015-12-12 15:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 21:52 - 2015-12-12 15:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 21:52 - 2015-12-12 15:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 21:52 - 2015-12-12 15:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 21:52 - 2015-12-12 15:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 21:52 - 2015-12-12 15:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 21:52 - 2015-12-12 15:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 21:52 - 2015-12-12 15:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 21:52 - 2015-12-12 15:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 21:52 - 2015-12-12 15:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 21:52 - 2015-12-12 15:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 21:52 - 2015-12-12 15:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 21:52 - 2015-12-12 15:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 21:52 - 2015-12-12 15:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 21:52 - 2015-12-12 15:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 21:52 - 2015-12-12 15:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 21:52 - 2015-12-12 15:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 21:52 - 2015-12-12 15:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 21:52 - 2015-12-12 15:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 21:52 - 2015-12-12 15:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 21:52 - 2015-12-12 15:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 21:52 - 2015-12-12 15:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 21:52 - 2015-12-12 15:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 21:52 - 2015-12-12 15:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 21:52 - 2015-12-12 15:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 21:52 - 2015-12-12 14:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 21:52 - 2015-12-12 14:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 21:52 - 2015-12-12 14:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 21:52 - 2015-12-12 14:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 21:52 - 2015-12-12 14:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 21:42 - 2015-11-16 23:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 21:42 - 2015-11-16 23:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 21:42 - 2015-11-16 18:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 21:41 - 2015-12-11 16:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 21:41 - 2015-11-13 21:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 21:41 - 2015-11-13 21:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 21:41 - 2015-11-13 21:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 21:41 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 21:41 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 21:41 - 2015-11-13 20:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 21:40 - 2015-12-08 19:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 21:40 - 2015-12-08 17:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 21:39 - 2015-12-08 19:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 21:39 - 2015-12-08 19:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 21:39 - 2015-12-08 19:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 21:39 - 2015-12-08 19:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 21:39 - 2015-12-08 19:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 21:39 - 2015-12-08 19:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 21:39 - 2015-12-08 19:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 21:39 - 2015-12-08 17:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 21:39 - 2015-12-08 17:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 21:39 - 2015-12-08 17:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 21:39 - 2015-12-08 17:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 21:39 - 2015-12-08 16:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 21:39 - 2015-12-08 16:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 21:39 - 2015-12-08 16:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 21:37 - 2015-12-08 15:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 21:32 - 2015-12-08 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 21:32 - 2015-12-08 17:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 21:31 - 2015-12-08 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 21:31 - 2015-12-08 17:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 21:30 - 2015-12-30 17:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 21:30 - 2015-12-30 17:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 21:30 - 2015-12-30 17:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 21:30 - 2015-12-30 17:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 21:30 - 2015-12-30 17:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 21:30 - 2015-12-30 16:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 21:30 - 2015-12-30 16:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 21:30 - 2015-12-30 16:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 21:30 - 2015-12-30 16:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 21:30 - 2015-12-30 16:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 21:30 - 2015-12-30 16:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 21:30 - 2015-12-30 16:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 21:30 - 2015-12-30 16:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 21:30 - 2015-12-30 16:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 21:30 - 2015-12-30 16:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 21:30 - 2015-12-30 16:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 21:30 - 2015-12-30 16:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 21:30 - 2015-12-30 16:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 21:30 - 2015-12-30 16:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 21:30 - 2015-12-30 16:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 21:30 - 2015-12-30 16:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 21:30 - 2015-12-30 16:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 21:30 - 2015-12-30 15:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 21:30 - 2015-12-30 15:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 21:30 - 2015-12-30 15:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 21:30 - 2015-12-30 15:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 21:30 - 2015-12-30 15:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 21:30 - 2015-12-30 15:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 21:30 - 2015-12-30 15:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 21:30 - 2015-12-30 15:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 21:30 - 2015-12-30 15:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 21:30 - 2015-12-30 15:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 21:30 - 2015-12-30 15:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 21:30 - 2015-12-30 15:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 21:30 - 2015-12-30 15:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-10 08:33 - 2016-01-10 08:33 - 00002845 _____ C:\Users\Public\Desktop\ACDSee 15.lnk
2016-01-10 08:33 - 2016-01-10 08:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2016-01-10 08:32 - 2016-01-10 08:32 - 00000000 ____D C:\Program Files (x86)\ACD Systems
2016-01-10 08:22 - 2016-01-10 08:22 - 00000000 ____D C:\Spacekace
2016-01-10 08:11 - 2016-01-10 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-01-10 08:07 - 2016-01-10 08:07 - 17223680 _____ C:\Users\note\Downloads\MicrosoftCameraCodecPack-x64.msi
2016-01-10 08:02 - 2016-01-10 08:06 - 243833520 _____ C:\Users\note\Downloads\DNGConverter_9_3.exe
2016-01-07 20:21 - 2016-01-07 20:21 - 14283821 _____ C:\Users\note\Downloads\Nikon-PT-Camera-D90.zip
2016-01-03 07:43 - 2015-10-08 21:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 17:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-01-03 07:43 - 2015-10-08 16:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-30 22:50 - 2016-01-02 17:48 - 00000000 ____D C:\Users\note\Desktop\fRIBURGO
2015-12-29 22:32 - 2015-12-29 22:32 - 00521340 _____ C:\Users\note\Downloads\Fatura_012016_MICHELLE_5829_MASTER_00068718710595.PDF
2015-12-29 20:11 - 2015-12-29 20:11 - 00000000 ____D C:\Users\note\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2015-12-27 14:19 - 2015-12-27 14:19 - 00000000 ____D C:\Users\note\AppData\Roaming\Mozilla
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Users\Todos os Usuários\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\ProgramData\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-27 14:07 - 2015-12-27 14:07 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\note\Downloads\avira_pt-br_av_56800c8996406__ws.exe
2015-12-24 19:02 - 2015-12-24 19:02 - 00000000 _____ C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-19 03:39 - 2015-10-08 23:03 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-01-19 03:39 - 2015-09-28 22:23 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-19 03:37 - 2015-11-15 04:47 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{071E9C56-2647-4C90-944C-09030F262E6E}
2016-01-19 03:01 - 2015-09-28 22:23 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-18 20:09 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-18 20:09 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-18 20:08 - 2015-10-08 23:03 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-18 20:07 - 2015-10-08 23:03 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-18 20:07 - 2015-10-08 23:03 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-18 19:59 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 19:58 - 2015-10-18 16:48 - 00000000 ____D C:\Users\note\AppData\LocalLow\Temp
2016-01-18 19:55 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2016-01-18 18:59 - 2015-10-08 21:43 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-01-18 18:59 - 2015-10-08 21:43 - 00000000 ____D C:\ProgramData\MFAData
2016-01-18 15:21 - 2009-07-14 15:55 - 00708586 _____ C:\Windows\system32\prfh0416.dat
2016-01-18 15:21 - 2009-07-14 15:55 - 00148366 _____ C:\Windows\system32\prfc0416.dat
2016-01-18 15:21 - 2009-07-14 03:13 - 01642378 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-18 15:21 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-01-17 22:01 - 2009-07-14 02:45 - 00404416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-17 21:57 - 2015-10-09 06:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-17 21:57 - 2015-10-09 06:48 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-17 05:58 - 2015-10-09 06:32 - 00000000 ____D C:\Windows\system32\MRT
2016-01-17 05:54 - 2015-10-09 06:32 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-16 09:45 - 2015-10-10 16:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 21:34 - 2015-10-08 21:33 - 00000000 ____D C:\Users\note\AppData\Local\ElevatedDiagnostics
2016-01-14 21:14 - 2015-10-08 22:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 05:44 - 2014-08-04 08:49 - 00000000 ____D C:\Users\note\Documents\SENHAS
2016-01-13 21:15 - 2015-09-28 22:24 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-10 08:11 - 2015-10-10 16:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-05 07:42 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-01-02 20:49 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-02 12:05 - 2009-07-14 03:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-29 20:11 - 2015-11-25 03:52 - 00002165 _____ C:\Users\note\Desktop\Itaú.lnk
2015-12-29 20:11 - 2015-11-25 03:52 - 00000000 ____D C:\Users\note\AppData\Local\Aplicativo Itau
2015-12-27 15:37 - 2015-10-08 21:44 - 00000000 ____D C:\Users\note\AppData\Local\AvgSetupLog
2015-12-27 15:37 - 2015-09-28 21:55 - 00000000 ____D C:\Windows\Panther
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\tracing
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-27 15:07 - 2015-09-28 22:20 - 00102184 _____ C:\Users\note\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 14:49 - 2015-11-20 19:19 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-27 14:49 - 2015-11-20 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-26 14:04 - 2015-11-15 05:05 - 01606924 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Arquivos na raiz de alguns diretórios =======
2015-12-24 19:02 - 2015-12-24 19:02 - 0000000 _____ () C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-01-16 20:58
==================== Fim de FRST.txt ============================
Executado por note (administrador) em NOTE-PC (19-01-2016 03:38:49)
Executando a partir de C:\Users\note\Desktop
Perfis Carregados: note (Perfis Disponíveis: note)
Platform: Windows 7 Professional Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\note\Desktop\FRST64 (1).exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\note\Desktop\FRST64 (1).exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7144960 2015-09-28] (Broadcom Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2814864 2015-12-17] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [91048 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ACSW15EN] => C:\Program Files (x86)\ACD Systems\ACDSee\15.0\ACDSee15InTouch2.exe [1135304 2012-12-17] (ACD Systems)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-09-04] (Banco Itaú Unibanco)
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\Run: [GoogleChromeAutoLaunch_A7DC97DA8E421CE530DA6D7F07DA8440] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-11-12] (Microsoft Corporation)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1896696 2015-09-04] (Banco Itaú Unibanco)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Tcpip\..\Interfaces\{777B7622-0D1D-4A31-89F8-EB03DE6AFD97}: [DhcpNameServer] 200.152.98.2 200.152.98.5 192.168.0.1
Internet Explorer:
==================
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll [2015-12-17] (AVG)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-09-04] (Banco Itaú Unibanco)
FireFox:
========
FF ProfilePath: C:\Users\note\AppData\Roaming\Mozilla\Firefox\Profiles\BOayKnS3.default
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.4\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\note\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [587576 2015-08-12] (GAS Tecnologia)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 vToolbarUpdater40.2.4; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\ToolbarUpdater.exe [1923984 2015-12-17] (AVG Secure Search)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [858424 2015-06-19] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5836800 2015-09-28] (Broadcom Corporation) [Arquivo não assinado]
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-17] ()
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-01-19] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-04] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-04] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-04-01] (Basil)
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-18 20:36 - 2016-01-18 20:36 - 00002980 _____ C:\Windows\System32\Tasks\{1A6AB1AF-7E6C-49AF-A9B8-8390580FC867}
2016-01-18 19:57 - 2016-01-18 19:58 - 00004145 _____ C:\Users\note\Documents\Fixlog.txt
2016-01-18 19:54 - 2016-01-18 19:54 - 00001227 _____ C:\Users\note\Documents\fxlist..txt
2016-01-18 19:51 - 2016-01-19 03:39 - 00010612 _____ C:\Users\note\Desktop\FRST.txt
2016-01-18 19:51 - 2016-01-18 20:05 - 00134715 _____ C:\Users\note\Documents\FRST.txt
2016-01-18 19:51 - 2016-01-18 19:56 - 00020571 _____ C:\Users\note\Documents\Addition.txt
2016-01-18 19:49 - 2016-01-18 19:49 - 02370560 _____ (Farbar) C:\Users\note\Desktop\FRST64 (1).exe
2016-01-16 08:44 - 2016-01-16 08:46 - 00020885 _____ C:\Users\note\Downloads\Addition.txt
2016-01-16 08:43 - 2016-01-19 03:38 - 00000000 ____D C:\FRST
2016-01-13 21:52 - 2015-12-23 21:13 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-13 21:52 - 2015-12-23 20:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-13 21:52 - 2015-12-12 16:54 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 21:52 - 2015-12-12 16:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-13 21:52 - 2015-12-12 16:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-01-13 21:52 - 2015-12-12 16:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-01-13 21:52 - 2015-12-12 16:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-13 21:52 - 2015-12-12 16:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 21:52 - 2015-12-12 16:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-13 21:52 - 2015-12-12 16:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-01-13 21:52 - 2015-12-12 16:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-01-13 21:52 - 2015-12-12 16:07 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 21:52 - 2015-12-12 16:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-13 21:52 - 2015-12-12 16:07 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-01-13 21:52 - 2015-12-12 16:03 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-01-13 21:52 - 2015-12-12 16:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-13 21:52 - 2015-12-12 16:02 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-01-13 21:52 - 2015-12-12 15:55 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-01-13 21:52 - 2015-12-12 15:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-13 21:52 - 2015-12-12 15:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-01-13 21:52 - 2015-12-12 15:44 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-01-13 21:52 - 2015-12-12 15:40 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-01-13 21:52 - 2015-12-12 15:39 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-01-13 21:52 - 2015-12-12 15:37 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-01-13 21:52 - 2015-12-12 15:36 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-01-13 21:52 - 2015-12-12 15:36 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-13 21:52 - 2015-12-12 15:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-01-13 21:52 - 2015-12-12 15:33 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-13 21:52 - 2015-12-12 15:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-01-13 21:52 - 2015-12-12 15:30 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-01-13 21:52 - 2015-12-12 15:28 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-13 21:52 - 2015-12-12 15:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 21:52 - 2015-12-12 15:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-01-13 21:52 - 2015-12-12 15:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-01-13 21:52 - 2015-12-12 15:25 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-13 21:52 - 2015-12-12 15:23 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 21:52 - 2015-12-12 15:22 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-13 21:52 - 2015-12-12 15:21 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-01-13 21:52 - 2015-12-12 15:20 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-13 21:52 - 2015-12-12 15:19 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-01-13 21:52 - 2015-12-12 15:18 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 21:52 - 2015-12-12 15:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-01-13 21:52 - 2015-12-12 15:12 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-01-13 21:52 - 2015-12-12 15:10 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-13 21:52 - 2015-12-12 15:10 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-01-13 21:52 - 2015-12-12 15:09 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 21:52 - 2015-12-12 15:08 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-01-13 21:52 - 2015-12-12 15:06 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 21:52 - 2015-12-12 15:02 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-13 21:52 - 2015-12-12 15:00 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 21:52 - 2015-12-12 15:00 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-13 21:52 - 2015-12-12 15:00 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-01-13 21:52 - 2015-12-12 15:00 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 21:52 - 2015-12-12 14:54 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 21:52 - 2015-12-12 14:42 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 21:52 - 2015-12-12 14:41 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 21:52 - 2015-12-12 14:38 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 21:52 - 2015-12-12 14:36 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 21:42 - 2015-11-16 23:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 21:42 - 2015-11-16 23:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 21:42 - 2015-11-16 23:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-13 21:42 - 2015-11-16 18:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 21:41 - 2015-12-11 16:57 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 21:41 - 2015-11-13 21:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 21:41 - 2015-11-13 21:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 21:41 - 2015-11-13 21:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-13 21:41 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-01-13 21:41 - 2015-11-13 20:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-01-13 21:41 - 2015-11-13 20:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-01-13 21:40 - 2015-12-08 19:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 21:40 - 2015-12-08 17:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 21:39 - 2015-12-08 19:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-01-13 21:39 - 2015-12-08 19:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-01-13 21:39 - 2015-12-08 19:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 21:39 - 2015-12-08 19:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 21:39 - 2015-12-08 19:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 21:39 - 2015-12-08 19:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 21:39 - 2015-12-08 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-01-13 21:39 - 2015-12-08 19:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-01-13 21:39 - 2015-12-08 19:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-01-13 21:39 - 2015-12-08 19:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 21:39 - 2015-12-08 17:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 21:39 - 2015-12-08 17:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 21:39 - 2015-12-08 17:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 21:39 - 2015-12-08 17:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 21:39 - 2015-12-08 17:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 21:39 - 2015-12-08 17:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 21:39 - 2015-12-08 16:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 21:39 - 2015-12-08 16:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 21:39 - 2015-12-08 16:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 21:37 - 2015-12-08 15:58 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-13 21:32 - 2015-12-08 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 21:32 - 2015-12-08 17:07 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 21:31 - 2015-12-08 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 21:31 - 2015-12-08 17:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 21:30 - 2015-12-30 17:08 - 05572544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 21:30 - 2015-12-30 17:08 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 21:30 - 2015-12-30 17:08 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-13 21:30 - 2015-12-30 17:05 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-13 21:30 - 2015-12-30 17:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-13 21:30 - 2015-12-30 17:01 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-13 21:30 - 2015-12-30 17:00 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-13 21:30 - 2015-12-30 16:59 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-13 21:30 - 2015-12-30 16:59 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 21:30 - 2015-12-30 16:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-13 21:30 - 2015-12-30 16:58 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 21:30 - 2015-12-30 16:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-13 21:30 - 2015-12-30 16:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-13 21:30 - 2015-12-30 16:57 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-13 21:30 - 2015-12-30 16:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-13 21:30 - 2015-12-30 16:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-13 21:30 - 2015-12-30 16:55 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-13 21:30 - 2015-12-30 16:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:47 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-13 21:30 - 2015-12-30 16:47 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-13 21:30 - 2015-12-30 16:44 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-13 21:30 - 2015-12-30 16:41 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-13 21:30 - 2015-12-30 16:40 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 21:30 - 2015-12-30 16:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-13 21:30 - 2015-12-30 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-13 21:30 - 2015-12-30 16:38 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-13 21:30 - 2015-12-30 16:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 16:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:57 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-13 21:30 - 2015-12-30 15:50 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-13 21:30 - 2015-12-30 15:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-13 21:30 - 2015-12-30 15:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-13 21:30 - 2015-12-30 15:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 21:30 - 2015-12-30 15:42 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-13 21:30 - 2015-12-30 15:42 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 21:30 - 2015-12-30 15:41 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-13 21:30 - 2015-12-30 15:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-13 21:30 - 2015-12-30 15:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-13 21:30 - 2015-12-30 15:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-13 21:30 - 2015-12-30 15:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-13 21:30 - 2015-12-30 15:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-13 21:30 - 2015-12-30 15:30 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-13 21:30 - 2015-12-30 15:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-10 08:33 - 2016-01-10 08:33 - 00002845 _____ C:\Users\Public\Desktop\ACDSee 15.lnk
2016-01-10 08:33 - 2016-01-10 08:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2016-01-10 08:32 - 2016-01-10 08:32 - 00000000 ____D C:\Program Files (x86)\ACD Systems
2016-01-10 08:22 - 2016-01-10 08:22 - 00000000 ____D C:\Spacekace
2016-01-10 08:11 - 2016-01-10 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-01-10 08:07 - 2016-01-10 08:07 - 17223680 _____ C:\Users\note\Downloads\MicrosoftCameraCodecPack-x64.msi
2016-01-10 08:02 - 2016-01-10 08:06 - 243833520 _____ C:\Users\note\Downloads\DNGConverter_9_3.exe
2016-01-07 20:21 - 2016-01-07 20:21 - 14283821 _____ C:\Users\note\Downloads\Nikon-PT-Camera-D90.zip
2016-01-03 07:43 - 2015-10-08 21:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-03 07:43 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-03 07:43 - 2015-10-08 21:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-03 07:43 - 2015-10-08 17:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-01-03 07:43 - 2015-10-08 16:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-30 22:50 - 2016-01-02 17:48 - 00000000 ____D C:\Users\note\Desktop\fRIBURGO
2015-12-29 22:32 - 2015-12-29 22:32 - 00521340 _____ C:\Users\note\Downloads\Fatura_012016_MICHELLE_5829_MASTER_00068718710595.PDF
2015-12-29 20:11 - 2015-12-29 20:11 - 00000000 ____D C:\Users\note\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2015-12-27 14:19 - 2015-12-27 14:19 - 00000000 ____D C:\Users\note\AppData\Roaming\Mozilla
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Users\Todos os Usuários\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\ProgramData\Avira
2015-12-27 14:08 - 2015-12-28 10:31 - 00000000 ____D C:\Program Files (x86)\Avira
2015-12-27 14:07 - 2015-12-27 14:07 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\note\Downloads\avira_pt-br_av_56800c8996406__ws.exe
2015-12-24 19:02 - 2015-12-24 19:02 - 00000000 _____ C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-01-19 03:39 - 2015-10-08 23:03 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-01-19 03:39 - 2015-09-28 22:23 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-19 03:37 - 2015-11-15 04:47 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{071E9C56-2647-4C90-944C-09030F262E6E}
2016-01-19 03:01 - 2015-09-28 22:23 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-18 20:09 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-18 20:09 - 2009-07-14 02:45 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-18 20:08 - 2015-10-08 23:03 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-18 20:07 - 2015-10-08 23:03 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-18 20:07 - 2015-10-08 23:03 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-18 19:59 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 19:58 - 2015-10-18 16:48 - 00000000 ____D C:\Users\note\AppData\LocalLow\Temp
2016-01-18 19:55 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2016-01-18 18:59 - 2015-10-08 21:43 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-01-18 18:59 - 2015-10-08 21:43 - 00000000 ____D C:\ProgramData\MFAData
2016-01-18 15:21 - 2009-07-14 15:55 - 00708586 _____ C:\Windows\system32\prfh0416.dat
2016-01-18 15:21 - 2009-07-14 15:55 - 00148366 _____ C:\Windows\system32\prfc0416.dat
2016-01-18 15:21 - 2009-07-14 03:13 - 01642378 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-18 15:21 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-01-17 22:01 - 2009-07-14 02:45 - 00404416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-17 21:57 - 2015-10-09 06:48 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-17 21:57 - 2015-10-09 06:48 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-17 05:58 - 2015-10-09 06:32 - 00000000 ____D C:\Windows\system32\MRT
2016-01-17 05:54 - 2015-10-09 06:32 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-16 09:45 - 2015-10-10 16:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 21:34 - 2015-10-08 21:33 - 00000000 ____D C:\Users\note\AppData\Local\ElevatedDiagnostics
2016-01-14 21:14 - 2015-10-08 22:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-14 05:44 - 2014-08-04 08:49 - 00000000 ____D C:\Users\note\Documents\SENHAS
2016-01-13 21:15 - 2015-09-28 22:24 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-10 08:11 - 2015-10-10 16:47 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-05 07:42 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-01-02 20:49 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-02 12:05 - 2009-07-14 03:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-29 20:11 - 2015-11-25 03:52 - 00002165 _____ C:\Users\note\Desktop\Itaú.lnk
2015-12-29 20:11 - 2015-11-25 03:52 - 00000000 ____D C:\Users\note\AppData\Local\Aplicativo Itau
2015-12-27 15:37 - 2015-10-08 21:44 - 00000000 ____D C:\Users\note\AppData\Local\AvgSetupLog
2015-12-27 15:37 - 2015-09-28 21:55 - 00000000 ____D C:\Windows\Panther
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\tracing
2015-12-27 15:37 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\Msdtc
2015-12-27 15:07 - 2015-09-28 22:20 - 00102184 _____ C:\Users\note\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-27 14:49 - 2015-11-20 19:19 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-27 14:49 - 2015-11-20 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-26 14:04 - 2015-11-15 05:05 - 01606924 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Arquivos na raiz de alguns diretórios =======
2015-12-24 19:02 - 2015-12-24 19:02 - 0000000 _____ () C:\Users\note\AppData\Local\{7050444F-B692-45C6-86C3-4F016703572D}
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-01-16 20:58
==================== Fim de FRST.txt ============================
Jose Wilson- Iniciante
- Mensagens : 47
Reputação : 1
Data de inscrição : 07/10/2013
Idade : 64
Localização : Centro - Rio de Janeiro
Re: Imagens bloqueadas
por Jose Wilson Ter 19 Jan 2016, 03:46
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:18-01-2016
Executado por note (2016-01-19 03:39:28)
Executando a partir de C:\Users\note\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-09-29 00:13:27)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2613640555-1934774403-2107965588-500 - Administrator - Disabled)
Convidado (S-1-5-21-2613640555-1934774403-2107965588-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2613640555-1934774403-2107965588-1002 - Limited - Enabled)
note (S-1-5-21-2613640555-1934774403-2107965588-1000 - Administrator - Enabled) => C:\Users\note
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACDSee 15 (HKLM-x32\...\{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}) (Version: 15.2.212 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{DB13E590-A006-4556-8DF4-67EB5F1B2EB5}) (Version: 1.0.57 - Banco Itaú)
AVG (Version: 16.12.7294 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.196.18 - Broadcom Corporation)
Calibrize 2.0 (HKLM-x32\...\Calibrize_is1) (Version: - Colorjinn)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
EVEREST Ultimate Edition v5.30 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.30 - Lavalys, Inc.)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Camera Codec Pack (HKLM\...\{8DEC84EB-77F9-481E-BA44-9F40C816B8FF}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {093E2D57-A343-45E3-9192-DC9ACAF5DA40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {32BDB71D-2028-473A-BD30-118812A6DFD8} - System32\Tasks\{1A6AB1AF-7E6C-49AF-A9B8-8390580FC867} => Chrome.exe
Task: {4F23A100-5E49-4825-979B-4357D54F25CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {95D67569-9E97-466E-A616-303DA928B5BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {CA96EF50-C13E-4118-8C1F-99F6AF0BC6B2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DBD646EB-B889-4AC5-A9BE-3C6012F52AB9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-10-08 22:06 - 2015-12-17 20:24 - 01164688 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-12-17 20:25 - 2015-12-17 20:24 - 00192912 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
2015-09-28 22:27 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-08 22:06 - 2015-12-17 20:24 - 02814864 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-12-17 20:25 - 2015-12-17 20:24 - 00533904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\log4cplusU.dll
2016-01-13 21:15 - 2016-01-12 14:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-13 21:15 - 2016-01-12 14:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\google.com -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\google.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itau.b.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itau.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itaupersonnalite.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itaupersonnalite.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-01-18 19:58 - 00000035 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\note\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.152.98.2 - 200.152.98.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{71B22E7E-2328-41D6-B43B-602FA073DD4A}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{D24CB39E-80A7-4262-A4CC-6226C15B4FAD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F62A0AE8-E5E8-41FF-9188-5256882C2CF0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{CE09D6D8-4D87-4979-9858-91F2958A9BDC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{F95F88FB-410F-4F58-8AF4-98E1AC7439E2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E50044BF-5E8B-4BDD-8D3A-92A8736AEA9B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{66417370-1AAC-4586-8137-17B098783200}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{53CC52AA-4775-4D57-A45C-F552656657B0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BC50B215-9512-42E0-ACFB-2B2BFE6255DA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{0AD8305B-7903-46CB-A38B-2C54B8924BDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
10-01-2016 08:08:34 Installed Microsoft Camera Codec Pack
10-01-2016 08:13:42 Removed ACDSee 15.
10-01-2016 08:32:25 Installed ACDSee 15.
11-01-2016 21:47:32 Backup do Windows
17-01-2016 05:50:12 Windows Update
17-01-2016 21:53:29 Backup do Windows
18-01-2016 19:57:52 Restore Point Created by FRST
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Controlador de armazenamento em massa
Description: Controlador de armazenamento em massa
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador Ethernet
Description: Controlador Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/18/2016 07:57:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {ef960123-80e4-4931-944a-259edf94ee05}
Error: (01/17/2016 09:53:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
System Error:
O arquivo já está sendo usado por outro processo.
.
Error: (01/17/2016 09:53:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
O arquivo já está sendo usado por outro processo.
.
Error: (01/14/2016 09:40:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7601.17514 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: ea4
Hora de Início: 01d14a5077e9cd28
Hora de Término: 187
Caminho do Aplicativo: C:\Windows\Explorer.EXE
Id do Relatório: 276a3bca-bb18-11e5-982b-f437ba738f80
Error: (01/10/2016 08:33:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (01/10/2016 08:33:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (01/02/2016 08:35:21 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={D7F55F28-25D0-46FA-A61D-FCFCC4F3B306}: o usuário note-PC\note discou uma conexão de nome Conexão de Banda Larga que falhou. O código do erro retornado na falha é 651.
Error: (01/02/2016 08:30:19 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={C980DF15-9C42-476A-B8C0-7E1C8843BFDB}: o usuário note-PC\note discou uma conexão de nome Conexão de Banda Larga que falhou. O código do erro retornado na falha é 0.
Error: (01/02/2016 05:53:43 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={3638DDE2-E173-43CA-A58C-5AB1589D95CE}: o usuário note-PC\note discou uma conexão de nome Conexão de Banda Larga que falhou. O código do erro retornado na falha é 651.
Error: (12/30/2015 11:23:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Lightroom.exe versão 5.7.1.10 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: e8c
Hora de Início: 01d14369b60348c7
Hora de Término: 31
Caminho do Aplicativo: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7.1\Lightroom.exe
Id do Relatório: fa38ae6c-af5c-11e5-ae5b-94f651551ba6
Erros de Sistema:
=============
Error: (01/18/2016 07:58:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.
Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/18/2016 07:58:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.
Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/18/2016 07:58:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.
Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/18/2016 07:58:16 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Windows Search, mas essa ação falhou com o seguinte erro:
%%1056
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Compartilhamento de Rede do Windows Media Player foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço AVG Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço vToolbarUpdater40.2.4 foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentagem de memória em uso: 45%
RAM física total: 3977.05 MB
RAM física disponível: 2163.65 MB
Virtual Total: 7952.31 MB
Virtual disponível: 5760.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:311.94 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 465.8 GB) (Disk ID: CC2CE45E)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Executado por note (2016-01-19 03:39:28)
Executando a partir de C:\Users\note\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-09-29 00:13:27)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-2613640555-1934774403-2107965588-500 - Administrator - Disabled)
Convidado (S-1-5-21-2613640555-1934774403-2107965588-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2613640555-1934774403-2107965588-1002 - Limited - Enabled)
note (S-1-5-21-2613640555-1934774403-2107965588-1000 - Administrator - Enabled) => C:\Users\note
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: AVG AntiVirus Free Edition (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
ACDSee 15 (HKLM-x32\...\{B580C89C-F7F8-4A78-BAF0-5560C6E9E76D}) (Version: 15.2.212 - ACD Systems International Inc.)
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Aplicativo Itaú (HKLM-x32\...\{DB13E590-A006-4556-8DF4-67EB5F1B2EB5}) (Version: 1.0.57 - Banco Itaú)
AVG (Version: 16.12.7294 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4489 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.4.155 - AVG Technologies)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.196.18 - Broadcom Corporation)
Calibrize 2.0 (HKLM-x32\...\Calibrize_is1) (Version: - Colorjinn)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
EVEREST Ultimate Edition v5.30 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.30 - Lavalys, Inc.)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Malwarebytes Anti-Malware versão 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Camera Codec Pack (HKLM\...\{8DEC84EB-77F9-481E-BA44-9F40C816B8FF}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Warsaw 1.8.0.10356 64 bits (HKLM\...\{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1) (Version: 1.8.0.10356 - GAS Tecnologia)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {093E2D57-A343-45E3-9192-DC9ACAF5DA40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {32BDB71D-2028-473A-BD30-118812A6DFD8} - System32\Tasks\{1A6AB1AF-7E6C-49AF-A9B8-8390580FC867} => Chrome.exe
Task: {4F23A100-5E49-4825-979B-4357D54F25CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {95D67569-9E97-466E-A616-303DA928B5BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {CA96EF50-C13E-4118-8C1F-99F6AF0BC6B2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DBD646EB-B889-4AC5-A9BE-3C6012F52AB9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-10-08 22:06 - 2015-12-17 20:24 - 01164688 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-12-17 20:25 - 2015-12-17 20:24 - 00192912 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\loggingserver.exe
2015-09-28 22:27 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-10-08 22:06 - 2015-12-17 20:24 - 02814864 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-12-17 20:25 - 2015-12-17 20:24 - 00533904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.4\log4cplusU.dll
2016-01-13 21:15 - 2016-01-12 14:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-13 21:15 - 2016-01-12 14:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\google.com -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\google.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itau.b.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itau.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itau.com.br -> bankline.itau.com.br
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itaupersonnalite.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
IE trusted site: HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\itaupersonnalite.com.br -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2009-07-14 00:34 - 2016-01-18 19:58 - 00000035 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\note\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.152.98.2 - 200.152.98.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{71B22E7E-2328-41D6-B43B-602FA073DD4A}] => (Allow) C:\Program Files\Diebold\Warsaw\core.exe
FirewallRules: [{D24CB39E-80A7-4262-A4CC-6226C15B4FAD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{F62A0AE8-E5E8-41FF-9188-5256882C2CF0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{CE09D6D8-4D87-4979-9858-91F2958A9BDC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{F95F88FB-410F-4F58-8AF4-98E1AC7439E2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E50044BF-5E8B-4BDD-8D3A-92A8736AEA9B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{66417370-1AAC-4586-8137-17B098783200}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{53CC52AA-4775-4D57-A45C-F552656657B0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BC50B215-9512-42E0-ACFB-2B2BFE6255DA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{0AD8305B-7903-46CB-A38B-2C54B8924BDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Pontos de Restauração =========================
10-01-2016 08:08:34 Installed Microsoft Camera Codec Pack
10-01-2016 08:13:42 Removed ACDSee 15.
10-01-2016 08:32:25 Installed ACDSee 15.
11-01-2016 21:47:32 Backup do Windows
17-01-2016 05:50:12 Windows Update
17-01-2016 21:53:29 Backup do Windows
18-01-2016 19:57:52 Restore Point Created by FRST
==================== Dispositivos Apresentando Falhas No Gerenciador =============
Name: Controlador de armazenamento em massa
Description: Controlador de armazenamento em massa
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador Ethernet
Description: Controlador Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Controlador de barramento SM
Description: Controlador de barramento SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (01/18/2016 07:57:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Erro do Serviço de Cópias de Sombra de Volume: erro inesperado ao consultar a interface IVssWriterCallback. hr = 0x80070005, Acesso negado.
.
Muitas vezes, isso é causado por configurações de segurança incorretas no processo gravador ou solicitante.
Operação:
Obtendo Dados do Gravador
Contexto:
Id de Classe de Gravador: {e8132975-6f93-4464-a53e-1050253ae220}
Nome do Gravador: System Writer
ID de Instância de Gravador: {ef960123-80e4-4931-944a-259edf94ee05}
Error: (01/17/2016 09:53:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.
System Error:
O arquivo já está sendo usado por outro processo.
.
Error: (01/17/2016 09:53:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Falha dos Serviços de Criptografia ao processar a chamada de OnIdentity() no Objeto de Gravador do Sistema..
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
O arquivo já está sendo usado por outro processo.
.
Error: (01/14/2016 09:40:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Explorer.EXE versão 6.1.7601.17514 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: ea4
Hora de Início: 01d14a5077e9cd28
Hora de Término: 187
Caminho do Aplicativo: C:\Windows\Explorer.EXE
Id do Relatório: 276a3bca-bb18-11e5-982b-f437ba738f80
Error: (01/10/2016 08:33:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (01/10/2016 08:33:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Assembly dependente Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.
Error: (01/02/2016 08:35:21 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={D7F55F28-25D0-46FA-A61D-FCFCC4F3B306}: o usuário note-PC\note discou uma conexão de nome Conexão de Banda Larga que falhou. O código do erro retornado na falha é 651.
Error: (01/02/2016 08:30:19 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={C980DF15-9C42-476A-B8C0-7E1C8843BFDB}: o usuário note-PC\note discou uma conexão de nome Conexão de Banda Larga que falhou. O código do erro retornado na falha é 0.
Error: (01/02/2016 05:53:43 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={3638DDE2-E173-43CA-A58C-5AB1589D95CE}: o usuário note-PC\note discou uma conexão de nome Conexão de Banda Larga que falhou. O código do erro retornado na falha é 651.
Error: (12/30/2015 11:23:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa Lightroom.exe versão 5.7.1.10 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.
ID de Processo: e8c
Hora de Início: 01d14369b60348c7
Hora de Término: 31
Caminho do Aplicativo: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7.1\Lightroom.exe
Id do Relatório: fa38ae6c-af5c-11e5-ae5b-94f651551ba6
Erros de Sistema:
=============
Error: (01/18/2016 07:58:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.
Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/18/2016 07:58:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.
Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/18/2016 07:58:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: AUTORIDADE NT)
Description: Módulo de Extensibilidade de WLAN interrompido inesperadamente.
Caminho do Módulo: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/18/2016 07:58:16 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: O Gerenciador de controle de serviços tentou executar uma ação corretiva (Reiniciar o serviço) após a finalização inesperada do serviço Windows Search, mas essa ação falhou com o seguinte erro:
%%1056
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Serviço de Compartilhamento de Rede do Windows Media Player foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Warsaw Technology foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço AVG Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 0 milissegundos: Reiniciar o serviço.
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço vToolbarUpdater40.2.4 foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
Error: (01/18/2016 07:57:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: O serviço Adobe Acrobat Update Service foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
==================== Informações da Memória ===========================
Processador: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentagem de memória em uso: 45%
RAM física total: 3977.05 MB
RAM física disponível: 2163.65 MB
Virtual Total: 7952.31 MB
Virtual disponível: 5760.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:311.94 GB) NTFS ==>[drive com componentes de inicialização (obtido através de BCD)]
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 465.8 GB) (Disk ID: CC2CE45E)Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================
Jose Wilson- Iniciante
- Mensagens : 47
Reputação : 1
Data de inscrição : 07/10/2013
Idade : 64
Localização : Centro - Rio de Janeiro
Re: Imagens bloqueadas
por joram Ter 19 Jan 2016, 09:52
/!\ Bom Dia! Jose Wilson /!\
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Pelo visto,o problema ou bloqueio efetuado é inerente a locais específicos.
> Vc já contatou o Administrador do site Caterva,sobre esta ocorrência?
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > << Link
> Ps: Após a conclusão do script,reinstale o Chrome,utilizando novo setup.
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! ( Área de trabalho ... )
start
CloseProcesses:
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\Run: [GoogleChromeAutoLaunch_A7DC97DA8E421CE530DA6D7F07DA8440] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
CHR Profile: C:\Users\note\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
2016-01-14 21:14 - 2015-10-08 22:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-13 21:15 - 2015-09-28 22:24 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-13 21:15 - 2016-01-12 14:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-13 21:15 - 2016-01-12 14:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
Task: {093E2D57-A343-45E3-9192-DC9ACAF5DA40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {32BDB71D-2028-473A-BD30-118812A6DFD8} - System32\Tasks\{1A6AB1AF-7E6C-49AF-A9B8-8390580FC867} => Chrome.exe
Task: {4F23A100-5E49-4825-979B-4357D54F25CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{0AD8305B-7903-46CB-A38B-2C54B8924BDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CreateRestorePoint:
EmptyTemp:
Reboot:
Hosts:
end
> Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
A+
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] >
> Pelo visto,o problema ou bloqueio efetuado é inerente a locais específicos.
> Vc já contatou o Administrador do site Caterva,sobre esta ocorrência?
> Já aqui no Índice,não vi mensagens de alerta.[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
< [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > << Link
> Ps: Após a conclusão do script,reinstale o Chrome,utilizando novo setup.
> Copie estas informações que estão em vermelho,para o Bloco de Notas.
> Salve-as com o nome fixlist. << Texto!
> Salve-as no desktop! ( Área de trabalho ... )
start
CloseProcesses:
HKU\S-1-5-21-2613640555-1934774403-2107965588-1000\...\Run: [GoogleChromeAutoLaunch_A7DC97DA8E421CE530DA6D7F07DA8440] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748360 2016-01-12] (Google Inc.)
CHR Profile: C:\Users\note\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
2016-01-14 21:14 - 2015-10-08 22:00 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-13 21:15 - 2015-09-28 22:24 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-13 21:15 - 2016-01-12 14:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-13 21:15 - 2016-01-12 14:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
Task: {093E2D57-A343-45E3-9192-DC9ACAF5DA40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {32BDB71D-2028-473A-BD30-118812A6DFD8} - System32\Tasks\{1A6AB1AF-7E6C-49AF-A9B8-8390580FC867} => Chrome.exe
Task: {4F23A100-5E49-4825-979B-4357D54F25CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{0AD8305B-7903-46CB-A38B-2C54B8924BDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt
AlternateDataStreams: C:\Program Files (x86)\GbPlugin:u6eBQrM0Z2K3FKLVBMG8dY3IkKT2rqFO+Sf68h8fDg==
AlternateDataStreams: C:\Windows\system32\Drivers\gbpddfac64.sys:X5ZN8aGvT4
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CreateRestorePoint:
EmptyTemp:
Reboot:
Hosts:
end
> Execute FRST/FRST64 >> Clique "Corrigir" << Aguarde!
> Na mensagem,clique Executar.
> Poste o relatório! (Fixlog.txt)
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
< Peço aos visitantes que não utilizem este script em outros computadores,sob risco de danos aos mesmos! >
A+
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Re: Imagens bloqueadas
por Jose Wilson Seg 25 Jan 2016, 23:58
Olá, boa noite.
Desculpe-me pela demora em responder.
Eu contactei o administrador do forum Caterva, e realmente o problema é com eles.
Agradeço ao amigo Joram pela ajuda e interesse.
Muito obrigado mais uma vez.
Desculpe-me pela demora em responder.
Eu contactei o administrador do forum Caterva, e realmente o problema é com eles.
Agradeço ao amigo Joram pela ajuda e interesse.
Muito obrigado mais uma vez.
Jose Wilson- Iniciante
- Mensagens : 47
Reputação : 1
Data de inscrição : 07/10/2013
Idade : 64
Localização : Centro - Rio de Janeiro
Re: Imagens bloqueadas
por joram Ter 26 Jan 2016, 00:18
Caso Resolvido!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para sua Segurança!
Leia as dicas ou orientações contidas na Cartilha de Segurança para Internet.
Caso Resolvido!
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Para sua Segurança!
Leia as dicas ou orientações contidas na Cartilha de Segurança para Internet.
Caso Resolvido!
joram- Administrador
- Mensagens : 4162
Reputação : 471
Data de inscrição : 26/01/2014
Localização : Rio de Janeiro
Página 1 de 1
Permissões neste sub-fórum
Não podes responder a tópicos|
|
|