FRST.txt

a guest
Jun 26th, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
  2. Ran by Thaís (administrator) on ANOTHERBRICK on 26-06-2015 17:09:16
  3. Running from C:\Users\Thaís\Desktop
  4. Loaded Profiles: Thaís (Available Profiles: Thaís & Emília)
  5. Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Português (Brasil)
  6. Internet Explorer Version 10 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
  15. (AMD) C:\Windows\System32\atiesrxx.exe
  16. (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
  17. (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
  18. (AMD) C:\Windows\System32\atieclxx.exe
  19. (Microsoft Corporation) C:\Windows\System32\wlanext.exe
  20. (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
  21. (Microsoft Corporation) C:\Windows\System32\rundll32.exe
  22. (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
  23. (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
  24. (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
  25. (Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
  26. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
  27. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
  28. (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
  29. (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
  30. (Microsoft Corporation) C:\Windows\System32\rundll32.exe
  31. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  32. (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
  33. (BitTorrent Inc.) C:\Users\Thaís\AppData\Roaming\BitTorrent\BitTorrent.exe
  34. (Spotify Ltd) C:\Users\Thaís\AppData\Roaming\Spotify\SpotifyWebHelper.exe
  35. (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
  36. (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
  37. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  38. (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
  39. (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
  40. (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
  41. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  42. (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
  43. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  44. (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
  45. (Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
  46. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  47. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  48. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  49. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  50. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  51. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  52. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  53. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  54. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  55. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  56. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  57. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  58. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  59. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  60. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  61. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  62. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  63. (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
  64. (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coNatHst.exe
  65. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  66. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  67.  
  68.  
  69. ==================== Registry (Whitelisted) ==================
  70.  
  71. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  72.  
  73. HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2057000 2010-02-18] (Synaptics Incorporated)
  74. HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-12-04] (IDT, Inc.)
  75. HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
  76. HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe
  77. HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2711576 2014-10-03] (Sony Corporation)
  78. HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
  79. HKLM-x32\...\Run: [] => [X]
  80. Winlogon\Notify\ GbPluginAbn: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [2014-11-18] (Banco Real)
  81. Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2014-11-28] (Caixa Economica Federal)
  82. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [BitTorrent] => C:\Users\Thaís\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-12] (BitTorrent Inc.)
  83. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Spotify Web Helper] => C:\Users\Thaís\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-10] (Spotify Ltd)
  84. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
  85. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Google Update] => C:\Users\Thaís\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-27] (Google Inc.)
  86. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Google+ Auto Backup] => C:\Users\Thaís\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
  87. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [GoogleChromeAutoLaunch_08C5FDF9E323A43CA58AF2869C5E0FD6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
  88. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Run: [Spotify] => C:\Users\Thaís\AppData\Roaming\Spotify\Spotify.exe [6611512 2015-03-10] (Spotify Ltd)
  89. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2014-06-08]
  90. ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
  91. Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-04-09]
  92. ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
  93. CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  94.  
  95. ==================== Internet (Whitelisted) ====================
  96.  
  97. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  98.  
  99. HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/pt-br/?ocid=iehp
  100. BHO: biogDeaal -> {222c3406-7acb-42b7-abcd-0d13a592692b} -> C:\Program Files (x86)\biogDeaal\Y4RyK9UI8jHLXK.x64.dll [2015-06-26] ()
  101. BHO: baigdeale -> {da74cd3d-7d00-4813-b262-db50d3768fdb} -> C:\Program Files (x86)\baigdeale\avqYjY76vDJ85R.x64.dll [2015-06-26] ()
  102. BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
  103. BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
  104. BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2014-11-28] (Caixa Economica Federal)
  105. BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehabn.dll [2014-11-18] (Banco Real)
  106. Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-06-12] (Symantec Corporation)
  107. ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1939512 2014-11-18] (Banco Real)
  108. ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1789792 2014-11-28] (Caixa Economica Federal)
  109. Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
  110.  
  111. FireFox:
  112. ========
  113. FF ProfilePath: C:\Users\Thaís\AppData\Roaming\Mozilla\Firefox\Profiles\67eq8z68.default
  114. FF NetworkProxy: "type", 0
  115. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-26] ()
  116. FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
  117. FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
  118. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
  119. FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll No File
  120. FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-26] ()
  121. FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll No File
  122. FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
  123. FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
  124. FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google, Inc.)
  125. FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
  126. FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
  127. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
  128. FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
  129. FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Thaís\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-12-23] (Raidcall)
  130. FF Plugin-x32: @real.com/nppl3260;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2008-09-10] (RealNetworks, Inc.)
  131. FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.69 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2008-09-10] (RealNetworks, Inc.)
  132. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
  133. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
  134. FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Thaís\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
  135. FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Thaís\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
  136. FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Thaís\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-10] (Unity Technologies ApS)
  137. FF Plugin HKU\S-1-5-21-3180074193-2118160070-2237393808-1000: gastecnologia.com.br/sf/abn -> C:\Users\Thaís\AppData\Local\GAS Tecnologia\GBBD\npsf_abn.dll [2014-04-07] (GAS Tecnologia)
  138. FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
  139. FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn
  140. FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.2.0.38\coFFPlgn [2015-06-26]
  141. FF HKU\S-1-5-21-3180074193-2118160070-2237393808-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\Thaís\AppData\Local\GAS Tecnologia\GBBD\abn\xpi
  142. FF Extension: GBBD Banco Santander (Brasil) S.A. - C:\Users\Thaís\AppData\Local\GAS Tecnologia\GBBD\abn\xpi [2014-06-16]
  143. FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
  144.  
  145. Chrome:
  146. =======
  147. CHR dev: Chrome dev build detected! <======= ATTENTION
  148. CHR Profile: C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default
  149. CHR Extension: (YouTube) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-20]
  150. CHR Extension: (Google Search) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-20]
  151. CHR Extension: (No Name) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcioajokdgfncdnnhajlofmphdobjhla [2015-06-26]
  152. CHR Extension: (Norton Security Toolbar) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-02-20]
  153. CHR Extension: (Gmail) - C:\Users\Thaís\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-20]
  154. CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
  155. CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
  156. CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
  157. CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
  158. CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-22]
  159.  
  160. ==================== Services (Whitelisted) =================
  161.  
  162. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  163.  
  164. R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2253016 2013-10-02] (Broadcom Corporation.)
  165. R2 fa6789c5; c:\Program Files (x86)\VideoCnv\Zet.dll [3752448 2014-10-26] () [File not signed]
  166. R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [555320 2014-10-31] (GAS Tecnologia)
  167. S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
  168. R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
  169. R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [485400 2014-10-03] (Sony Corporation)
  170. R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-12-04] (IDT, Inc.) [File not signed]
  171. R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-09] (Company) [File not signed]
  172. S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
  173.  
  174. ==================== Drivers (Whitelisted) ====================
  175.  
  176. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  177.  
  178. S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-10-02] (Broadcom Corporation.)
  179. R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\BASHDefs\20150625.001\BHDrvx64.sys [1648880 2015-06-16] (Symantec Corporation)
  180. R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-24] (Symantec Corporation)
  181. R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-28] (Symantec Corporation)
  182. R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-28] (Symantec Corporation)
  183. R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20150625.001\IDSvia64.sys [692984 2015-06-20] (Symantec Corporation)
  184. R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20150626.006\ENG64.SYS [138488 2015-06-23] (Symantec Corporation)
  185. R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.2.0.38\Definitions\VirusDefs\20150626.006\EX64.SYS [2146040 2015-06-23] (Symantec Corporation)
  186. R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
  187. R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
  188. R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
  189. R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
  190. R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
  191. R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-04-11] (Symantec Corporation)
  192. R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
  193. R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
  194. R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-09-01] (GAS Tecnologia LTDA)
  195. S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  196.  
  197. ==================== NetSvcs (Whitelisted) ===================
  198.  
  199. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  200.  
  201.  
  202. ==================== One Month Created files and folders ========
  203.  
  204. (If an entry is included in the fixlist, the file/folder will be moved.)
  205.  
  206. 2015-06-26 17:09 - 2015-06-26 17:11 - 00019680 _____ C:\Users\Thaís\Desktop\FRST.txt
  207. 2015-06-26 17:08 - 2015-06-26 17:09 - 00000000 ____D C:\FRST
  208. 2015-06-26 17:06 - 2015-06-26 17:07 - 02112512 _____ (Farbar) C:\Users\Thaís\Desktop\FRST64.exe
  209. 2015-06-26 16:30 - 2015-06-26 16:30 - 00000000 ____D C:\Program Files (x86)\getuitt4CheAper
  210. 2015-06-26 16:30 - 2015-06-26 16:30 - 00000000 ____D C:\Program Files (x86)\biogDeaal
  211. 2015-06-26 16:29 - 2015-06-26 16:29 - 00000000 ____D C:\Users\Todos os Usuários\pgjjnnepillpkfikipgdanmmmnejicmd
  212. 2015-06-26 16:29 - 2015-06-26 16:29 - 00000000 ____D C:\ProgramData\pgjjnnepillpkfikipgdanmmmnejicmd
  213. 2015-06-26 16:28 - 2015-06-26 16:28 - 00000000 ____D C:\Program Files (x86)\History Calendar
  214. 2015-06-26 16:28 - 2015-06-26 16:28 - 00000000 ____D C:\Program Files (x86)\baigdeale
  215. 2015-06-26 16:27 - 2015-06-26 16:27 - 00000000 ____D C:\Users\Todos os Usuários\shopwithme
  216. 2015-06-26 16:27 - 2015-06-26 16:27 - 00000000 ____D C:\ProgramData\shopwithme
  217. 2015-06-26 16:26 - 2015-06-26 16:28 - 00000000 ____D C:\Program Files (x86)\bigedeal
  218. 2015-06-26 16:26 - 2015-06-26 16:27 - 00000000 ____D C:\Program Files (x86)\BrowSe2buY
  219. 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\Users\Todos os Usuários\rocketsaler
  220. 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\Users\Todos os Usuários\crazydeal
  221. 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\ProgramData\rocketsaler
  222. 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\ProgramData\crazydeal
  223. 2015-06-26 16:26 - 2015-06-26 16:26 - 00000000 ____D C:\Program Files (x86)\jointheshooP
  224. 2015-06-26 16:25 - 2015-06-26 16:25 - 00000000 ____D C:\Program Files (x86)\The Png Project
  225. 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\Users\Todos os Usuários\marketcompare
  226. 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\Users\Todos os Usuários\jointheshop
  227. 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\ProgramData\marketcompare
  228. 2015-06-26 16:24 - 2015-06-26 16:24 - 00000000 ____D C:\ProgramData\jointheshop
  229. 2015-06-26 16:23 - 2015-06-26 16:30 - 00000000 ____D C:\Users\Todos os Usuários\13663584757147550952
  230. 2015-06-26 16:23 - 2015-06-26 16:30 - 00000000 ____D C:\ProgramData\13663584757147550952
  231. 2015-06-26 16:23 - 2015-06-26 16:25 - 00000000 ____D C:\Program Files (x86)\browSuE2buy
  232. 2015-06-26 16:23 - 2015-06-26 16:23 - 00000000 ____D C:\Program Files (x86)\Markuetcomparei
  233. 2015-06-26 16:23 - 2015-06-26 16:23 - 00000000 ____D C:\Program Files (x86)\compaRenbuy
  234. 2015-06-20 11:55 - 2015-06-20 11:55 - 01599891 _____ C:\Users\Emília\Downloads\1506192004-BD.wmv
  235. 2015-06-15 18:47 - 2015-06-15 18:47 - 00711168 _____ () C:\Users\Thaís\Downloads\install_flashplayer (1).exe
  236. 2015-06-14 20:35 - 2015-06-14 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
  237. 2015-06-14 20:29 - 2015-06-14 20:29 - 15963960 _____ (Last.fm ) C:\Users\Thaís\Downloads\Last.fm-2.1.37.exe
  238. 2015-06-11 03:23 - 2015-06-11 03:24 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278 (2).MPG
  239. 2015-06-11 03:23 - 2015-06-11 03:23 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278 (1) (1).MPG
  240. 2015-06-11 03:22 - 2015-06-11 03:23 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278 (1).MPG
  241. 2015-06-11 03:22 - 2015-06-11 03:22 - 261472709 _____ C:\Users\Thaís\Downloads\MOV07278.MPG
  242. 2015-06-11 01:06 - 2015-06-11 01:06 - 00000000 ____D C:\Program Files\Common Files\AV
  243. 2015-06-09 15:04 - 2015-06-09 15:08 - 00023069 ____H C:\Users\Thaís\Downloads\~WRL3648.tmp
  244. 2015-06-07 14:29 - 2015-06-11 03:51 - 00025461 _____ C:\Users\Thaís\Downloads\amigo secreto.xlsx
  245. 2015-06-07 14:29 - 2015-06-07 14:29 - 00025110 _____ C:\Users\Thaís\Downloads\amigo secreto (1).xlsx
  246. 2015-06-05 17:55 - 2015-06-05 17:55 - 00000000 __SHD C:\found.002
  247. 2015-06-02 22:31 - 2015-06-02 22:33 - 00994304 _____ C:\Users\Thaís\Downloads\install_flashplayer.exe
  248. 2015-06-02 19:26 - 2015-06-02 21:37 - 00000000 ____D C:\tmp
  249. 2015-06-02 18:52 - 2015-06-02 18:52 - 00020915 _____ C:\Users\Thaís\Downloads\[kat.cr]the.tallest.man.on.earth.collection.4.albums.torrent
  250. 2015-06-02 18:42 - 2015-06-02 18:42 - 00012264 _____ C:\Users\Thaís\Downloads\soley_archive.torrent
  251. 2015-06-02 18:34 - 2015-06-02 18:34 - 00173515 _____ C:\Users\Thaís\Downloads\[kat.cr]junip.junip.2013.eac.log.cue.flac (1).torrent
  252. 2015-06-02 18:16 - 2015-06-02 18:16 - 07161192 _____ (FLAC To MP3, http://www.FlacMP3.net/ ) C:\Users\Thaís\Downloads\flac2mp3.exe
  253. 2015-06-02 17:44 - 2015-06-02 19:12 - 00000000 ____D C:\Users\Thaís\Downloads\Tio Chico
  254. 2015-06-02 17:43 - 2015-06-02 17:43 - 00018578 _____ C:\Users\Thaís\Downloads\[kat.cr]junip.fields.mp3.320.torrent
  255. 2015-06-02 17:42 - 2015-06-02 17:42 - 00173515 _____ C:\Users\Thaís\Downloads\[kat.cr]junip.junip.2013.eac.log.cue.flac.torrent
  256.  
  257. ==================== One Month Modified files and folders ========
  258.  
  259. (If an entry is included in the fixlist, the file/folder will be moved.)
  260.  
  261. 2015-06-26 17:08 - 2014-04-15 23:29 - 00000000 ____D C:\Users\Thaís\AppData\Roaming\BitTorrent
  262. 2015-06-26 16:52 - 2014-06-02 21:39 - 00000000 ____D C:\Users\Thaís\AppData\Local\CrashDumps
  263. 2015-06-26 16:36 - 2014-04-10 10:08 - 01975819 _____ C:\Windows\WindowsUpdate.log
  264. 2015-06-26 16:35 - 2014-06-16 20:41 - 00000000 ____D C:\Program Files (x86)\GbPlugin
  265. 2015-06-26 16:34 - 2014-05-03 16:46 - 00000000 ____D C:\Users\Thaís\AppData\Local\Spotify
  266. 2015-06-26 16:34 - 2014-05-03 16:44 - 00000000 ____D C:\Users\Thaís\AppData\Roaming\Spotify
  267. 2015-06-26 16:32 - 2015-04-09 10:09 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
  268. 2015-06-26 16:32 - 2015-02-20 14:20 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  269. 2015-06-26 16:32 - 2014-12-31 14:39 - 00012160 _____ C:\Windows\setupact.log
  270. 2015-06-26 16:32 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  271. 2015-06-26 16:31 - 2009-07-14 01:45 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  272. 2015-06-26 16:31 - 2009-07-14 01:45 - 00020832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  273. 2015-06-26 16:30 - 2015-03-31 20:40 - 00030960 _____ C:\Users\Thaís\Documents\Livros que tenho.xlsx
  274. 2015-06-26 16:30 - 2015-02-20 14:20 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  275. 2015-06-26 16:30 - 2014-11-18 23:24 - 00000000 ____D C:\Users\Todos os Usuários\bd9ecdf1a038c4e8
  276. 2015-06-26 16:30 - 2014-11-18 23:24 - 00000000 ____D C:\ProgramData\bd9ecdf1a038c4e8
  277. 2015-06-26 16:29 - 2015-04-09 10:09 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
  278. 2015-06-26 16:29 - 2014-04-10 11:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  279. 2015-06-26 16:29 - 2014-04-10 11:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  280. 2015-06-26 16:18 - 2014-07-27 20:39 - 00001078 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180074193-2118160070-2237393808-1000UA.job
  281. 2015-06-23 22:40 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
  282. 2015-06-23 01:18 - 2014-07-27 20:39 - 00001026 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3180074193-2118160070-2237393808-1000Core.job
  283. 2015-06-22 21:37 - 2015-02-20 14:21 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  284. 2015-06-22 20:35 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
  285. 2015-06-21 12:06 - 2011-04-12 10:40 - 00663804 _____ C:\Windows\system32\prfh0416.dat
  286. 2015-06-21 12:06 - 2011-04-12 10:40 - 00128094 _____ C:\Windows\system32\prfc0416.dat
  287. 2015-06-21 12:06 - 2009-07-14 02:13 - 01517030 _____ C:\Windows\system32\PerfStringBackup.INI
  288. 2015-06-21 11:45 - 2015-05-23 10:41 - 00000000 ____D C:\Users\Emília\Desktop\Chico
  289. 2015-06-20 17:45 - 2010-11-21 00:47 - 00047630 _____ C:\Windows\PFRO.log
  290. 2015-06-20 15:10 - 2015-05-23 10:53 - 00000000 ____D C:\Users\Emília\AppData\Roaming\Foxit Software
  291. 2015-06-18 02:48 - 2014-06-22 16:42 - 00000000 ____D C:\Program Files (x86)\SoulseekQt
  292. 2015-06-14 20:35 - 2014-11-29 17:25 - 00001047 _____ C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
  293. 2015-06-14 20:35 - 2014-05-03 16:31 - 00000000 ____D C:\Program Files (x86)\Last.fm
  294. 2015-06-13 10:52 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
  295. 2015-06-11 01:10 - 2014-12-17 13:44 - 00000000 ____D C:\Users\Thaís\Desktop\fotos mama~e
  296. 2015-06-02 18:34 - 2015-03-18 00:35 - 00000000 ____D C:\Users\Thaís\Downloads\Radical Face - The Family Tree - The Branches (2013) [FLAC]
  297. 2015-06-02 18:34 - 2015-03-18 00:34 - 00000000 ____D C:\Users\Thaís\Downloads\Radical Face - Ghost (2006) [FLAC]
  298. 2015-06-02 18:34 - 2015-03-10 17:36 - 00000000 ____D C:\Users\Thaís\Downloads\04 - Convoque seu Buda (2014)
  299.  
  300. ==================== Files in the root of some directories =======
  301.  
  302. 2013-02-07 09:22 - 2013-02-07 09:22 - 0050330 _____ () C:\Program Files (x86)\AntiDust.exe
  303. 2014-11-20 18:24 - 2014-12-17 23:01 - 0000004 _____ () C:\Users\Thaís\AppData\Roaming\appdataFr2.bin
  304. 2014-06-15 16:07 - 2014-06-16 20:41 - 0049014 _____ () C:\Users\Thaís\AppData\Roaming\unins000.dat
  305. 2014-06-16 20:41 - 2014-06-16 20:40 - 0811218 _____ () C:\Users\Thaís\AppData\Roaming\unins000.exe
  306. 2014-05-06 22:46 - 2014-05-06 22:46 - 0000057 _____ () C:\ProgramData\Ament.ini
  307.  
  308. Some files in TEMP:
  309. ====================
  310. C:\Users\Emília\AppData\Local\Temp\Foxit Reader Updater.exe
  311. C:\Users\Thaís\AppData\Local\Temp\jre-8u31-windows-au.exe
  312. C:\Users\Thaís\AppData\Local\Temp\ose00000.exe
  313. C:\Users\Thaís\AppData\Local\Temp\Quarantine.exe
  314. C:\Users\Thaís\AppData\Local\Temp\sqlite3.dll
  315.  
  316.  
  317. ==================== Bamital & volsnap Check =================
  318.  
  319. (There is no automatic fix for files that do not pass verification.)
  320.  
  321. C:\Windows\System32\winlogon.exe => File is digitally signed
  322. C:\Windows\System32\wininit.exe => File is digitally signed
  323. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  324. C:\Windows\explorer.exe => File is digitally signed
  325. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  326. C:\Windows\System32\svchost.exe => File is digitally signed
  327. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  328. C:\Windows\System32\services.exe => File is digitally signed
  329. C:\Windows\System32\User32.dll => File is digitally signed
  330. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  331. C:\Windows\System32\userinit.exe => File is digitally signed
  332. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  333. C:\Windows\System32\rpcss.dll => File is digitally signed
  334. C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
  335.  
  336.  
  337. LastRegBack: 2015-06-08 18:38
  338.  
  339. ==================== End of log ============================