cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 20-06-2016 01
Executado por Adriano (administrador) em ADRIANO-PC (23-06-2016 20:49:31)
Executando a partir de C:\Users\Adriano\Desktop
Perfis Carregados: Adriano (Perfis Disponíveis: Adriano)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgwdsvcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Av\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\Av\avgui.exe [5234960 2016-06-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\...\MountPoints2: {7adc4083-722a-11e0-9140-001d1a0372d4} - E:\autorun.exe
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\...\MountPoints2: {9c372f7d-721e-11e0-9ce7-001d1a0372d4} - E:\autorun.exe
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\...\MountPoints2: {bd8073ab-7b78-11e0-9a2e-00252280ca49} - E:\autorun.exe
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\...\MountPoints2: {dbebedbf-99fd-11e0-b057-00252280ca49} - E:\aoesetup.exe /autorun
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\...\MountPoints2: {ea3679e8-6427-11e3-9697-00252280ca49} - E:\Autorun.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{813FCCA2-0ECA-451E-A0AA-E749B5B2F800}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{813FCCA2-0ECA-451E-A0AA-E749B5B2F800}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oquefazernainternet.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oquefazernainternet.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oquefazernainternet.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.oquefazernainternet.com/
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={E4D45179-B17E-4210-AE85-1E294912A74C}&mid=2ae7ad5508b347d1bd9ad16c646423ba-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2016-06-09 12:34:31&v=4.3.1.831&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.oquefazernainternet.com/
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKU\S-1-5-21-726774660-4275501008-3342498527-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope valor está ausente
SearchScopes: HKLM -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtBzztD0C0AyEzytA0EyC0AtN0D0Tzu0StBtBtAtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1884168598
SearchScopes: HKU\S-1-5-21-726774660-4275501008-3342498527-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E4D45179-B17E-4210-AE85-1E294912A74C}&mid=2ae7ad5508b347d1bd9ad16c646423ba-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-09 12:34:31&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-726774660-4275501008-3342498527-1000 -> Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKU\S-1-5-21-726774660-4275501008-3342498527-1000 -> {6E4DE039-41E6-E713-57A0-2077B9E7DAE3} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-726774660-4275501008-3342498527-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={E4D45179-B17E-4210-AE85-1E294912A74C}&mid=2ae7ad5508b347d1bd9ad16c646423ba-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616av&pr=fr&d=2016-06-09 12:34:31&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-11] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-11] (Oracle Corporation)
DPF: {CAFEEFAC-0017-0000-0071-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_71-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nenhum Arquivo

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-17]
CHR Extension: (Google Docs) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-17]
CHR Extension: (Google Drive) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-17]
CHR Extension: (YouTube) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-17]
CHR Extension: (Planilhas do Google) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-17]
CHR Extension: (Documentos Google off-line) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-17]
CHR Extension: (AdBlock) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-18]
CHR Extension: (Menu de Contexto Sci-Hub) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikeafidemepjaelcjhfdjapoldagkedm [2016-06-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-06-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-17]
CHR Extension: (Gmail) - C:\Users\Adriano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-17]
CHR HKLM\...\Chrome\Extension: [hggpkhijoeadmdfmlbdepfbngmhaldci] - C:\Program Files\DealPly\DealPly.crx
CHR HKLM\...\Chrome\Extension: [ialdollnlgfogbjjlmjkdmjdmocdhfio] - C:\Program Files\DealPly\DealPly.crx
CHR HKLM\...\Chrome\Extension: [ohhbldejoecoecfngibhhhfgilhhoilo] - C:\Users\Adriano\AppData\Local\Temp\ohhbldejoecoecfngibhhhfgilhhoilo.crx
CHR HKU\S-1-5-21-726774660-4275501008-3342498527-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Adriano\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx
CHR HKU\S-1-5-21-726774660-4275501008-3342498527-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AvgAMPS; C:\Program Files\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\Av\avgidsagent.exe [4036128 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [890128 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\Av\avgwdsvcx.exe [592856 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2015-10-13] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Arquivo não assinado]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Arquivo não assinado]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-10-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2015-10-13] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AR5523; C:\Windows\System32\DRIVERS\ar5523.sys [282976 2004-09-11] (Atheros Communications, Inc.) [Arquivo não assinado]
S3 ATHFMWDL; C:\Windows\System32\Drivers\ATHFMWDL.sys [43264 2004-09-11] (Windows (R) 2000 DDK provider) [Arquivo não assinado]
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [134944 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [253184 2016-05-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [207792 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [31664 2015-11-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [212736 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [287008 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [190208 2016-05-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [46848 2016-05-02] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [216320 2016-05-17] (AVG Technologies CZ, s.r.o.)
R0 Avgunivx; C:\Windows\System32\DRIVERS\avgunivx.sys [61696 2016-05-05] (AVG Technologies CZ, s.r.o.)
S3 CoachUsb; C:\Windows\System32\DRIVERS\CoachUsb.sys [50976 2004-11-24] (FotoNation Inc.) [Arquivo não assinado]
S3 CoachVc; C:\Windows\System32\DRIVERS\CoachVc.sys [44256 2004-11-24] (FotoNation Inc.) [Arquivo não assinado]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-12-13] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-10-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2015-10-13] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458752 2007-11-08] (PixArt Imaging Inc.)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1143920 2010-08-04] (VIA Technologies, Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S0 360HookOem; system32\drivers\360HookOem.sys [X]
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
S1 Bnbase; System32\drivers\bnbasex.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-23 20:49 - 2016-06-23 20:49 - 00018982 _____ C:\Users\Adriano\Desktop\FRST.txt
2016-06-23 20:47 - 2016-06-23 20:49 - 00000000 ____D C:\FRST
2016-06-23 20:46 - 2016-06-23 20:46 - 00002810 _____ C:\Users\Adriano\Downloads\FSS.txt
2016-06-23 20:41 - 2016-06-23 20:41 - 00899584 _____ (Farbar) C:\Users\Adriano\Desktop\FSS.exe
2016-06-23 20:40 - 2016-06-23 20:41 - 01738240 _____ (Farbar) C:\Users\Adriano\Desktop\FRST.exe
2016-06-23 19:49 - 2016-06-23 19:49 - 00000989 _____ C:\Users\Adriano\Desktop\Dead Space.lnk
2016-06-23 19:48 - 2016-06-23 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space
2016-06-23 19:48 - 2016-06-23 19:48 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Dead Space_unistall
2016-06-23 19:44 - 2016-06-23 20:00 - 65444688 _____ (Microsoft Corporation) C:\Users\Adriano\Downloads\NDP46-KB3045557-x86-x64-AllOS-ENU.exe
2016-06-23 19:37 - 2016-06-23 19:48 - 00000000 ____D C:\Program Files\Dead Space
2016-06-23 01:20 - 2016-06-23 01:20 - 00000000 ____D C:\Users\Adriano\Documents\Electronic Arts
2016-06-23 01:20 - 2016-06-23 01:20 - 00000000 ____D C:\Users\Adriano\AppData\Local\Electronic Arts
2016-06-23 01:00 - 2016-06-23 01:00 - 00000000 ____D C:\Users\Adriano\Downloads\Wayward.Pines.S02E05.HDTV.x264-FLEET[rarbg]
2016-06-22 18:30 - 2016-06-22 19:19 - 00000000 ____D C:\Users\Adriano\Downloads\01 - Dead Space [2008]
2016-06-22 00:57 - 2016-06-22 00:57 - 00219819 _____ C:\Users\Adriano\Downloads\desobedienciacivil.pdf
2016-06-21 16:34 - 2016-06-21 16:34 - 01275882 _____ C:\Users\Adriano\Downloads\vineeth2016.pdf
2016-06-21 16:32 - 2016-06-21 16:32 - 01474926 _____ C:\Users\Adriano\Downloads\el-sharkawy2016.pdf
2016-06-21 01:01 - 2016-06-21 01:02 - 00000000 ____D C:\Users\Adriano\Downloads\12.Monkeys.S02E10.HDTV.x264-FLEET[rarbg]
2016-06-20 18:29 - 2016-06-20 18:30 - 03762372 _____ C:\Users\Adriano\Downloads\- DETAILED-INSTRUCTIONS-FOR-PREPARATION-OF-PAPERS---final (1).pdf
2016-06-20 18:17 - 2016-06-20 18:18 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2016-06-20 18:17 - 2016-06-20 18:17 - 00000000 ____D C:\Program Files\Microsoft Visual Studio
2016-06-20 00:13 - 2016-06-20 02:25 - 00000000 ____D C:\Users\Adriano\Downloads\Game.of.Thrones.S06E09.HDTV.x264-KILLERS[rarbg]
2016-06-19 03:18 - 2016-06-19 03:20 - 00000000 ____D C:\Users\Adriano\Documents\NFS Most Wanted
2016-06-19 03:17 - 2016-06-19 03:17 - 00002127 _____ C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2016-06-19 03:17 - 2016-06-19 03:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2016-06-19 00:30 - 2016-06-19 00:37 - 00000000 ____D C:\Users\Adriano\Downloads\Outlander.S02E11.HDTV.x264-KILLERS[rarbg]
2016-06-19 00:12 - 2016-06-23 01:52 - 00000000 ____D C:\Users\Adriano\Downloads\pandoras box
2016-06-18 23:52 - 2016-06-19 00:01 - 00000000 ____D C:\Users\Todos os Usuários\NFS Underground
2016-06-18 23:52 - 2016-06-19 00:01 - 00000000 ____D C:\ProgramData\NFS Underground
2016-06-18 23:37 - 2016-06-19 03:18 - 00000000 ____D C:\Program Files\EA GAMES
2016-06-18 22:40 - 2016-06-18 22:40 - 00116848 _____ C:\Users\Adriano\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-18 12:20 - 2016-06-18 12:20 - 00426944 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 04:49 - 2016-06-18 04:56 - 00000000 ____D C:\Users\Adriano\Downloads\Outcast.S01E03.HDTV.x264-KILLERS[rarbg]
2016-06-17 21:03 - 2016-06-17 21:03 - 00000000 ____D C:\Users\Todos os Usuários\StatSoft
2016-06-17 21:03 - 2016-06-17 21:03 - 00000000 ____D C:\ProgramData\StatSoft
2016-06-17 20:46 - 2016-06-23 01:25 - 00000000 ____D C:\Users\Adriano\Documents\My Games
2016-06-17 17:48 - 2016-06-17 17:48 - 00000000 ____D C:\Users\Adriano\AppData\Local\My Games
2016-06-17 02:56 - 2016-06-17 02:56 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\WinRAR
2016-06-17 02:37 - 2016-06-17 02:38 - 04007927 _____ C:\Users\Adriano\Desktop\rcsetup153.zip
2016-06-17 02:21 - 2016-06-17 02:21 - 00000000 ____D C:\Users\Adriano\AppData\Local\Skyrim
2016-06-17 00:39 - 2016-06-17 00:39 - 00000000 ____D C:\Users\Adriano\AppData\Local\NVIDIA Corporation
2016-06-17 00:20 - 2016-06-18 04:50 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Media Player Classic
2016-06-16 23:51 - 2016-06-16 23:51 - 00000001 _____ C:\Windows\system32\SI.bin
2016-06-16 20:35 - 2016-06-16 20:35 - 00000000 ____D C:\Users\Adriano\Downloads\Wayward.Pines.S02E04.HDTV.x264-KILLERS[ettv]
2016-06-15 05:03 - 2016-06-15 05:03 - 00000000 __RHD C:\Users\Adriano\AppData\Roaming\SecuROM
2016-06-15 02:05 - 2016-06-17 02:37 - 00000000 ____D C:\Users\Adriano\Downloads\The.Last.Ship.S03E02.HDTV.x264-LOL[ettv]
2016-06-15 02:05 - 2016-06-15 02:05 - 00000000 ____D C:\Users\Adriano\Downloads\Person.of.Interest.S05E12.HDTV.x264-LOL[ettv]
2016-06-14 02:29 - 2016-06-14 02:47 - 00000000 ____D C:\Users\Adriano\Downloads\12.Monkeys.S02E09.HDTV.x264-FLEET[rarbg]
2016-06-13 20:58 - 2016-06-17 02:37 - 00000000 ____D C:\Users\Adriano\Downloads\Game.of.Thrones.S06E08.HDTV.x264-KILLERS[rarbg]
2016-06-11 22:21 - 2016-06-17 02:37 - 00000000 ____D C:\Users\Adriano\Downloads\Outlander.S02E10.WEBRip.XviD-FUM[ettv]
2016-05-30 02:35 - 2016-06-17 02:37 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Sid Meier's Civilization 5
2016-05-30 02:14 - 2016-06-17 02:33 - 00000000 ____D C:\Program Files\R.G. Mechanics

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-23 20:21 - 2013-02-26 10:06 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-23 20:06 - 2011-06-16 21:13 - 00052944 _____ C:\Windows\system32\perfh00A.dat
2016-06-23 20:06 - 2011-06-16 21:13 - 00028880 _____ C:\Windows\system32\perfc00A.dat
2016-06-23 20:06 - 2011-02-18 17:36 - 00154910 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-23 20:06 - 2009-07-14 05:31 - 00050952 _____ C:\Windows\system32\prfh0416.dat
2016-06-23 20:06 - 2009-07-14 05:31 - 00026816 _____ C:\Windows\system32\prfc0416.dat
2016-06-23 20:06 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-06-23 20:02 - 2011-03-02 23:19 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-23 17:03 - 2009-07-14 01:34 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-23 17:03 - 2009-07-14 01:34 - 00017168 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-23 16:56 - 2011-03-02 23:19 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-23 16:55 - 2011-06-16 21:05 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-06-23 16:55 - 2011-06-16 21:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-23 16:55 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-23 12:31 - 2014-07-21 05:48 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-06-23 12:31 - 2014-07-21 05:48 - 00000000 ____D C:\ProgramData\MFAData
2016-06-23 01:52 - 2016-05-09 04:43 - 00000000 ____D C:\Users\Adriano\AppData\LocalLow\uTorrent
2016-06-23 01:52 - 2014-12-24 00:45 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\uTorrent
2016-06-21 20:08 - 2014-12-24 21:12 - 00000000 ____D C:\Program Files\Age of Empires II HD The Forgotten
2016-06-20 18:18 - 2011-02-19 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-06-20 18:18 - 2011-02-19 07:56 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-06-18 23:39 - 2011-02-19 17:10 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-06-18 23:36 - 2011-06-18 21:08 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\DAEMON Tools Lite
2016-06-18 23:03 - 2011-02-19 12:46 - 00000000 ____D C:\Users\Adriano\AppData\Local\Microsoft Games
2016-06-18 22:40 - 2009-07-13 23:37 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-17 21:01 - 2016-03-02 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2016-06-17 20:59 - 2011-02-18 17:25 - 00000000 ____D C:\Users\Adriano
2016-06-17 20:57 - 2011-02-19 08:46 - 00000000 ____D C:\Program Files\Windows Live
2016-06-17 20:45 - 2011-03-02 23:19 - 00000000 ____D C:\Program Files\Google
2016-06-17 20:38 - 2009-07-14 01:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-17 20:14 - 2011-02-19 20:21 - 00000000 ____D C:\Users\Adriano\AppData\Local\Google
2016-06-17 19:06 - 2016-01-28 02:50 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 19:06 - 2016-01-28 02:50 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 17:53 - 2011-02-19 07:58 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-17 17:53 - 2009-07-13 23:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-17 17:49 - 2016-03-02 21:19 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\VMware
2016-06-17 13:21 - 2013-02-26 10:06 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-17 13:21 - 2013-02-26 10:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-17 02:37 - 2016-03-24 00:14 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Steam
2016-06-17 02:37 - 2016-03-02 18:08 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Andy
2016-06-17 02:37 - 2015-12-17 23:16 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GWX Control Panel
2016-06-17 02:37 - 2015-11-09 15:58 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\AVG
2016-06-17 02:37 - 2015-06-28 23:13 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-17 02:37 - 2013-08-14 13:44 - 00000000 ____D C:\Users\Adriano\AppData\Local\VirtualStore
2016-06-17 02:37 - 2011-09-29 14:32 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Skype
2016-06-17 02:37 - 2011-07-05 02:27 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Foxit Software
2016-06-17 02:37 - 2011-03-21 23:48 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\ArcSoft
2016-06-17 02:37 - 2011-02-19 08:52 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-17 02:37 - 2011-02-19 08:48 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Adobe
2016-06-17 02:37 - 2011-02-19 08:41 - 00000000 ___RD C:\Users\Adriano\Virtual Machines
2016-06-17 02:36 - 2011-12-10 14:41 - 00000000 ____D C:\Users\Adriano\AppData\Local\Facebook
2016-06-17 02:36 - 2011-02-19 20:20 - 00000000 ____D C:\Users\Adriano\AppData\Local\Apps\2.0
2016-06-17 02:36 - 2011-02-19 07:56 - 00000000 ____D C:\Users\Adriano\AppData\Local\Microsoft Help
2016-06-17 02:35 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\registration
2016-06-17 02:34 - 2016-03-02 20:57 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2016-06-17 02:34 - 2013-11-30 00:51 - 00000000 ____D C:\Users\Adriano\AppData\Local\PunkBuster
2016-06-17 02:34 - 2011-06-01 00:26 - 00000000 ____D C:\Users\Adriano\AppData\LocalLow\Sun
2016-06-17 02:34 - 2011-02-19 10:52 - 00000000 ____D C:\Users\Adriano\AppData\Roaming\Macromedia
2016-06-17 01:09 - 2015-06-08 19:47 - 00000000 ____D C:\Users\Adriano\AppData\Local\Avg
2016-06-14 20:07 - 2014-12-10 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-06-12 02:28 - 2013-06-10 03:25 - 00000000 ____D C:\Windows\system32\directx
2016-06-11 13:49 - 2011-12-16 22:10 - 00001330 _____ C:\prefs.js
2016-06-04 13:48 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-04 13:48 - 2009-07-14 01:53 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU(85).TXT

==================== Arquivos na raiz de alguns diretórios =======

2014-08-20 20:43 - 2014-08-20 22:21 - 1177208 _____ () C:\Users\Adriano\AppData\Roaming\AndyCleanupTool.exe
2014-08-20 20:44 - 2014-08-20 22:21 - 1176696 _____ () C:\Users\Adriano\AppData\Roaming\AndyCleanVM.exe
2012-06-02 04:13 - 2012-06-02 04:13 - 0087608 _____ () C:\Users\Adriano\AppData\Roaming\inst.exe
2012-06-02 04:13 - 2012-06-02 04:13 - 0007887 _____ () C:\Users\Adriano\AppData\Roaming\pcouffin.cat
2012-06-02 04:13 - 2012-06-02 04:13 - 0001144 _____ () C:\Users\Adriano\AppData\Roaming\pcouffin.inf
2012-06-02 04:13 - 2012-06-02 04:13 - 0047360 _____ (VSO Software) C:\Users\Adriano\AppData\Roaming\pcouffin.sys
2011-03-07 21:15 - 2014-10-23 19:41 - 0139152 _____ () C:\Users\Adriano\AppData\Roaming\PnkBstrK.sys
2011-05-01 02:09 - 2014-11-17 11:44 - 0178176 _____ () C:\Users\Adriano\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Alguns arquivos em TEMP:
====================
C:\Users\Adriano\AppData\Local\Temp\AutoRun.exe
C:\Users\Adriano\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Adriano\AppData\Local\Temp\avguirn_08587955703.exe
C:\Users\Adriano\AppData\Local\Temp\eauninstall.exe
C:\Users\Adriano\AppData\Local\Temp\Need For Speed Underground_uninst.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-17 15:41

==================== Fim de FRST.txt ============================
