cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 17-08-2016
Executado por usuario (administrador) em USER (18-08-2016 08:53:13)
Executando a partir de C:\Users\usuario\Downloads
Perfis Carregados: usuario (Perfis Disponíveis: usuario)
Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(The Audacity Team) E:\Programas\Audacity\audacity.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-01] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2100614821-3770302112-1803748719-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-2100614821-3770302112-1803748719-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [978456 2016-08-11] (BlueStack Systems, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-01] (AVAST Software)
Startup: C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-08-13]
ShortcutTarget: Curse.lnk -> C:\Users\usuario\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{DE1D3DDA-FD51-40BC-AB7A-9A7550B775A4}: [DhcpNameServer] 192.168.25.1

Internet Explorer:
==================
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-30] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-30] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\px7xty0g.default
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @raidcall.tw/RCplugin -> C:\Users\usuario\AppData\Roaming\RCTW\plugins\nprcplugin.dll [2013-06-25] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-01]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR Session Restore: Default -> está habilitado.
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-25]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-25]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-25]
CHR Extension: (The Avengers) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckfllifdbmfjehnombllbaojfdkmnpdm [2016-05-25]
CHR Extension: (Pesquisa do Google) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-05-24]
CHR Extension: (Avast SafePrice) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-16]
CHR Extension: (Planilhas do Google) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-24]
CHR Extension: (Documentos Google off-line) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-25]
CHR Extension: (Avast Online Security) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-26]
CHR Extension: (Google Play Music) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2016-06-06]
CHR Extension: (GBBD Guardião - Itaú 30 horas) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2016-05-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-24]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-01] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-08-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-08-11] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-08-11] (BlueStack Systems, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [243984 2016-02-19] (EasyAntiCheat Ltd)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado]
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1056544 2015-01-05] (IObit)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-04] (AVAST Software)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-08-11] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. )
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2016-05-24] (Basil Projects)
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-18 08:53 - 2016-08-18 08:53 - 00014269 _____ C:\Users\usuario\Downloads\FRST.txt
2016-08-18 08:52 - 2016-08-18 08:53 - 00000000 ____D C:\FRST
2016-08-18 08:52 - 2016-08-18 08:52 - 02394624 _____ (Farbar) C:\Users\usuario\Downloads\FRST64.exe
2016-08-18 08:50 - 2016-08-18 08:50 - 01744896 _____ (Farbar) C:\Users\usuario\Downloads\FRST.exe
2016-08-18 08:40 - 2016-08-18 08:39 - 159786764 ____N C:\Users\usuario\Desktop\Gravação de áudio 2016-08-18 08-24-01.wav
2016-08-17 08:45 - 2016-08-17 08:42 - 00003011 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk
2016-08-17 08:45 - 2016-08-17 08:42 - 00001878 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk
2016-08-17 08:42 - 2016-08-17 08:42 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-08-17 08:42 - 2016-08-17 08:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-08-17 08:40 - 2016-08-17 08:40 - 00000000 ____D C:\Windows\System32\Tasks\Games
2016-08-17 08:33 - 2016-08-17 08:43 - 00000000 ____D C:\Program Files\Corel
2016-08-15 10:58 - 2016-08-18 08:44 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Audacity
2016-08-15 10:58 - 2016-08-15 10:58 - 00000000 ____D C:\Users\usuario\AppData\Local\Audacity
2016-08-15 10:56 - 2016-08-15 10:56 - 00000681 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-08-15 10:55 - 2016-08-15 10:55 - 00000681 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-08-15 10:37 - 2016-08-15 10:39 - 26496761 _____ (Audacity Team ) C:\Users\usuario\Downloads\audacity-win-2.1.2.exe
2016-08-15 10:18 - 2016-08-15 10:17 - 00081956 _____ C:\Users\usuario\Downloads\Baixaki_audacity [1].exe
2016-08-15 09:47 - 2016-08-15 09:48 - 01656720 _____ ( ) C:\Users\usuario\Downloads\Baixaki_audacity.exe
2016-08-13 23:20 - 2016-08-13 23:20 - 00002402 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_usuario
2016-08-13 23:20 - 2016-08-13 23:20 - 00001310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2016-08-13 23:20 - 2016-08-13 23:20 - 00001298 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2016-08-13 23:20 - 2016-08-13 23:20 - 00000298 _____ C:\Windows\Tasks\Uninstaller_SkipUac_usuario.job
2016-08-13 23:20 - 2016-08-13 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2016-08-13 22:58 - 2016-08-13 22:58 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Macromedia
2016-08-13 22:58 - 2016-08-13 22:58 - 00000000 ____D C:\Users\usuario\AppData\Local\Macromedia
2016-08-13 22:55 - 2016-08-13 22:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-08-13 22:53 - 2016-08-17 12:09 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-08-13 22:53 - 2016-08-17 12:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-08-13 22:53 - 2016-08-13 22:53 - 00000885 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-08-13 22:53 - 2016-08-13 22:53 - 00000885 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-08-13 22:51 - 2016-08-13 22:53 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2016-08-13 22:46 - 2016-08-13 22:57 - 00000000 ____D C:\Users\usuario\AppData\Local\Bluestacks
2016-08-13 22:21 - 2016-08-13 22:27 - 319685088 _____ (BlueStack Systems Inc.) C:\Users\usuario\Downloads\BlueStacks2_native_184dc74d751f2dfe86a5df8eb2dca62f.exe
2016-08-13 22:12 - 2016-08-13 22:19 - 319685088 _____ (BlueStack Systems Inc.) C:\Users\usuario\Downloads\Não confirmado 853753.crdownload
2016-08-13 21:43 - 2016-08-13 21:50 - 319685088 _____ (BlueStack Systems Inc.) C:\Users\usuario\Downloads\Não confirmado 5532.crdownload
2016-08-13 18:59 - 2016-08-13 18:59 - 00001050 _____ C:\Users\usuario\Desktop\Curse.lnk
2016-08-13 18:59 - 2016-08-13 18:59 - 00001036 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2016-08-13 18:58 - 2016-08-18 08:08 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Curse Client
2016-08-13 18:57 - 2016-08-13 18:57 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Curse
2016-08-13 18:52 - 2016-08-13 18:54 - 77601088 _____ (Curse) C:\Users\usuario\Downloads\CurseClientSetup.exe
2016-08-12 12:18 - 2016-08-12 12:18 - 00000690 _____ C:\Users\Public\Desktop\Line Of Sight.lnk
2016-08-12 12:18 - 2016-08-12 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Line Of Sight
2016-08-12 12:18 - 2016-02-19 01:24 - 00243984 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-08-11 19:47 - 2016-08-11 19:47 - 00000000 ____D C:\Users\usuario\.android
2016-08-11 19:44 - 2016-08-11 19:44 - 00000000 ____D C:\Users\usuario\Nox_share
2016-08-11 19:43 - 2016-08-11 19:44 - 00000000 ____D C:\Users\usuario\.BigNox
2016-08-11 19:43 - 2016-08-11 19:43 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2016-08-11 19:43 - 2016-08-11 19:43 - 00000000 ____D C:\Program Files\DIFX
2016-08-11 19:43 - 2015-09-16 03:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-11 19:43 - 2015-09-16 00:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-11 19:42 - 2016-08-11 19:43 - 00000000 ____D C:\Program Files\Bignox
2016-08-11 19:42 - 2016-08-11 19:42 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Nox
2016-08-11 19:41 - 2016-08-11 19:52 - 00000000 ____D C:\Users\usuario\AppData\Local\Nox
2016-08-11 18:59 - 2016-08-11 19:34 - 00000000 ____D C:\Users\usuario\.aria2
2016-08-11 18:36 - 2016-08-11 19:01 - 266510096 _____ (Duodian Technology Co. Ltd.) C:\Users\usuario\Downloads\nox_setup_v3.6.0.0_full_en.exe
2016-08-11 18:28 - 2016-08-12 19:44 - 00000000 ____D C:\Users\usuario\Documents\LevelUp Data
2016-08-11 18:28 - 2016-08-11 18:29 - 62830864 _____ C:\Users\usuario\Downloads\pokemon go (1).apk
2016-08-11 18:28 - 2016-08-11 18:28 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Level Up
2016-08-11 18:28 - 2016-08-11 18:28 - 00000000 ____D C:\Users\usuario\AppData\Local\IsolatedStorage
2016-08-11 18:28 - 2016-08-11 18:28 - 00000000 ____D C:\Users\Todos os Usuários\levelup downloader
2016-08-11 18:28 - 2016-08-11 18:28 - 00000000 ____D C:\temp
2016-08-11 18:28 - 2016-08-11 18:28 - 00000000 ____D C:\ProgramData\levelup downloader
2016-08-11 18:20 - 2016-08-12 19:45 - 00000000 ____D C:\Users\usuario\AppData\Local\Deployment
2016-08-11 18:20 - 2016-08-11 18:20 - 00000000 ____D C:\Users\usuario\AppData\Local\Apps\2.0
2016-08-11 18:19 - 2016-08-11 18:19 - 00400944 _____ () C:\Users\usuario\Downloads\lineofsight.exe
2016-08-11 17:33 - 2016-08-11 17:34 - 62830864 _____ C:\Users\usuario\Downloads\pokemon go.apk
2016-08-07 17:32 - 2016-08-07 17:32 - 00645890 _____ C:\Users\usuario\Downloads\download.htm
2016-08-03 09:19 - 2016-08-17 08:46 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Corel
2016-08-03 09:18 - 2016-08-17 08:46 - 00003312 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore
2016-08-03 09:18 - 2016-08-03 09:18 - 00000000 ____D C:\Program Files (x86)\gs
2016-08-03 09:18 - 2016-08-03 09:18 - 00000000 ____D C:\Program Files (x86)\Corel
2016-08-03 09:17 - 2016-08-03 09:17 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-08-03 09:15 - 2016-08-17 08:43 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-08-03 09:15 - 2016-08-17 08:43 - 00000000 ____D C:\ProgramData\Corel
2016-08-03 08:48 - 2016-08-03 08:48 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-08-03 08:48 - 2016-08-03 08:48 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-08-02 16:46 - 2016-08-02 16:46 - 01421025 _____ C:\Users\usuario\Desktop\ficha de cadastro SCI.pdf
2016-08-01 09:07 - 2016-08-01 13:05 - 00000000 ____D C:\Users\usuario\AppData\Local\Adobe
2016-08-01 08:09 - 2016-08-01 08:09 - 24719686 _____ C:\Users\usuario\Desktop\SCI como funciona.pdf
2016-08-01 07:53 - 2016-08-01 07:53 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-01 07:53 - 2016-08-01 07:53 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-29 16:50 - 2016-07-29 16:57 - 00234308 _____ C:\Users\usuario\Downloads\earthshaker-bindings-of-deep-magma.jpeg
2016-07-27 17:40 - 2015-03-10 16:41 - 03429558 _____ C:\Users\usuario\Downloads\01.eps
2016-07-27 17:40 - 2015-03-10 16:41 - 01261125 _____ C:\Users\usuario\Downloads\01.ai
2016-07-27 17:40 - 2015-01-12 13:06 - 00000847 ____N C:\Users\usuario\Downloads\License.txt
2016-07-27 17:38 - 2016-07-27 17:38 - 03736577 _____ C:\Users\usuario\Downloads\Analytical-and-creative-brain.zip

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-18 08:49 - 2016-05-25 04:43 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1A8C733C-6E79-4812-9C87-4BA75DD3B3E3}
2016-08-18 08:26 - 2016-05-24 22:05 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-18 08:00 - 2016-06-05 16:26 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Skype
2016-08-18 07:56 - 2016-06-05 16:19 - 00000000 __RDO C:\Users\usuario\OneDrive
2016-08-18 07:56 - 2016-05-24 22:05 - 00001082 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-18 07:55 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-17 23:01 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-08-17 20:30 - 2016-05-24 21:36 - 00000000 ____D C:\Users\usuario\AppData\Roaming\IObit
2016-08-17 09:15 - 2016-05-24 21:23 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2100614821-3770302112-1803748719-1001
2016-08-16 08:24 - 2016-05-24 21:54 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-15 20:50 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-08-14 13:27 - 2016-05-24 21:36 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-08-14 13:27 - 2016-05-24 21:36 - 00000000 ____D C:\ProgramData\ProductData
2016-08-13 23:20 - 2016-05-24 21:37 - 00000000 ____D C:\Users\Todos os Usuários\IObit
2016-08-13 23:20 - 2016-05-24 21:37 - 00000000 ____D C:\ProgramData\IObit
2016-08-13 23:20 - 2016-05-24 21:36 - 00000000 ____D C:\Program Files (x86)\IObit
2016-08-13 23:17 - 2016-05-24 21:18 - 00000000 ____D C:\Users\usuario
2016-08-13 22:53 - 2013-08-22 12:36 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-12 19:51 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2016-08-12 10:01 - 2014-03-18 07:33 - 01707228 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-12 10:01 - 2014-03-18 06:45 - 00737880 _____ C:\Windows\system32\prfh0416.dat
2016-08-12 10:01 - 2014-03-18 06:45 - 00150516 _____ C:\Windows\system32\prfc0416.dat
2016-08-10 09:18 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-10 09:18 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-08 19:29 - 2016-05-24 22:06 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-04 15:05 - 2016-05-24 21:54 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-03 12:29 - 2013-08-22 11:44 - 00552976 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-03 09:18 - 2016-05-25 04:50 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-08-03 09:18 - 2016-05-25 04:50 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-03 09:18 - 2013-08-22 12:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-03 08:49 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-02 19:35 - 2016-05-24 22:18 - 00003888 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1464139093
2016-08-02 19:35 - 2016-05-24 22:18 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-01 18:26 - 2016-05-30 19:27 - 00000000 ____D C:\Users\usuario\AppData\Roaming\vlc
2016-08-01 09:07 - 2016-05-24 21:36 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-08-01 09:07 - 2016-05-24 21:36 - 00000000 ____D C:\ProgramData\Adobe
2016-08-01 09:07 - 2016-05-24 21:18 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Adobe
2016-08-01 07:53 - 2016-05-24 22:13 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-01 07:53 - 2016-05-24 21:54 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-01 07:53 - 2016-05-24 21:54 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-01 07:53 - 2016-05-24 21:54 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-01 07:53 - 2016-05-24 21:54 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-01 07:53 - 2016-05-24 21:54 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-01 07:53 - 2016-05-24 21:54 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-01 07:53 - 2016-05-24 21:54 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-28 17:21 - 2016-05-24 22:05 - 00004058 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 17:21 - 2016-05-24 22:05 - 00003822 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 15:55 - 2016-06-05 16:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 15:55 - 2016-06-05 16:26 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-07-27 15:55 - 2016-06-05 16:26 - 00000000 ____D C:\ProgramData\Skype

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-08-09 10:46

==================== Fim de FRST.txt ============================
