Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-10-2016
Executado por Juliano (administrador) em JULIANO-PC (14-10-2016 18:54:49)
Executando a partir de C:\Users\Juliano\Desktop
Perfis Carregados: Juliano (Perfis Disponíveis: Juliano)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
() C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-11-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2776872 2011-08-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10357008 2011-10-18] (Intel Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9083840 2016-10-13] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1706895055-2555399755-2880598896-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-1706895055-2555399755-2880598896-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1706895055-2555399755-2880598896-1000\...\Run: [EPLTarget\P0000000000000000] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-26] (AVAST Software)
BootExecute:
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{66FF1986-DF3B-4FD0-B1A8-CE55FAEEDA08}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{FF900DC5-0E80-452D-AAEC-05A90A90C92C}: [NameServer] 192.168.15.1,200.175.5.139
Tcpip\..\Interfaces\{FF900DC5-0E80-452D-AAEC-05A90A90C92C}: [DhcpNameServer] 192.168.25.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
HKU\S-1-5-21-1706895055-2555399755-2880598896-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
HKU\S-1-5-21-1706895055-2555399755-2880598896-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
SearchScopes: HKLM -> DefaultScope valor está ausente
SearchScopes: HKLM-x32 -> DefaultScope valor está ausente
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1706895055-2555399755-2880598896-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2016-02-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-26] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2016-02-28] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-02-28] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-26] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-02-28] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-26]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\windows\system32\npDeployJava1.dll [2016-02-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2016-02-28] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2016-02-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-02-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-03-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default [2016-10-14]
CHR Extension: (Google Apresentações) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-28]
CHR Extension: (Tab Memory Purge) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aclmceilickagfkaddbiedcnccdkfafa [2016-06-06]
CHR Extension: (Google Docs) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-28]
CHR Extension: (Google Drive) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-28]
CHR Extension: (YouTube) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-28]
CHR Extension: (Webmail Ad Blocker) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbhfdchmklhpcngcgjmpdbjakdggkkjp [2016-05-17]
CHR Extension: (Adblock Plus) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (OneTab) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-06-07]
CHR Extension: (Google Search) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-28]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2016-02-28]
CHR Extension: (Avast SafePrice) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-09-27]
CHR Extension: (Planilhas do Google) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-28]
CHR Extension: (Stylish) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-04-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-09]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-10-09]
CHR Extension: (Salvar no Google Drive) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2016-02-28]
CHR Extension: (Avast Online Security) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-18]
CHR Extension: (SearchPreview) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2016-08-02]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2016-07-13]
CHR Extension: (ProxyMate) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\lebpnjmmkockepeffbadcnechelmhekc [2016-02-28]
CHR Extension: (Download Master) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2016-04-13]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Adblock Pro) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2016-05-14]
CHR Extension: (Gmail) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-28]
CHR Extension: (Chrome Media Router) - C:\Users\Juliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-26] (AVAST Software)
R2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [180970 2014-08-03] () [Arquivo não assinado]
R2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [245962 2014-08-03] () [Arquivo não assinado]
R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2011-09-23] (Diskeeper Corporation)
R2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-12-17] () [Arquivo não assinado]
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [184320 2011-07-06] (Intel Corporation) [Arquivo não assinado]
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-12-02] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2016-05-26] ()
R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [103736 2016-05-26] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2015-12-02] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [79216 2016-09-04] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-26] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2016-02-28] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2011-09-23] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [80688 2011-09-23] (Diskeeper Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-15] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2016-04-19] (Duplex Secure Ltd.)
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation) [Arquivo não assinado]
U3 aqmps6l9; C:\Windows\System32\Drivers\aqmps6l9.sys [0 ] (Microsoft Corporation) <==== ATENÇÃO (zero byte Arquivo/Pasta)
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-10-14 18:54 - 2016-10-14 18:55 - 00023476 _____ C:\Users\Juliano\Desktop\FRST.txt
2016-10-14 18:54 - 2016-10-14 18:54 - 00000000 ____D C:\FRST
2016-10-14 18:53 - 2016-10-14 18:53 - 02406912 _____ (Farbar) C:\Users\Juliano\Desktop\FRST64.exe
2016-10-14 01:23 - 2016-10-14 01:23 - 00000805 _____ C:\AdwCleaner[R8].txt
2016-10-11 15:29 - 2016-10-11 15:29 - 00000000 ____D C:\Users\Juliano\Desktop\Mame HLSL Presets
2016-10-11 15:12 - 2016-10-11 16:19 - 00000000 ____D C:\Users\Juliano\Desktop\MameUI64
2016-10-05 20:37 - 2016-10-05 20:37 - 00000000 ____D C:\Users\Juliano\Desktop\Nintendo - Game Boy
2016-10-05 15:39 - 2016-10-05 15:39 - 00000000 ____D C:\Users\Juliano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetLogo 5.3.1
2016-10-05 15:38 - 2016-10-05 15:39 - 00000000 ____D C:\Program Files\NetLogo 5.3.1
2016-10-05 15:32 - 2016-10-05 15:38 - 159496372 _____ C:\Users\Juliano\Downloads\NetLogo-5.3.1-64.msi
2016-09-27 14:02 - 2016-09-27 14:02 - 00000000 ____D C:\Users\Juliano\AppData\Local\CEF
2016-09-27 13:53 - 2016-09-30 13:12 - 00003900 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1458690946
2016-09-26 20:23 - 2016-09-26 20:22 - 00391496 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-09-26 20:22 - 2016-09-26 20:22 - 00053208 _____ (AVAST Software) C:\windows\avastSS.scr
2016-09-25 21:23 - 2016-09-25 21:41 - 00007774 _____ C:\Users\Juliano\Desktop\amigos antigos face.txt
2016-09-23 19:12 - 2016-09-23 19:13 - 00000000 ____D C:\Users\Juliano\Desktop\Saturn
2016-09-23 19:12 - 2016-09-23 19:12 - 01251364 _____ C:\Users\Juliano\Desktop\SSF_012_beta_R4-916.zip
2016-09-16 02:27 - 2015-12-16 12:48 - 00000000 ____D C:\Users\Juliano\Desktop\MazeGenerator-master
2016-09-16 01:58 - 2016-09-16 01:58 - 00000000 ____D C:\Users\Juliano\Documents\.recommenders
2016-09-16 00:02 - 2016-09-28 18:01 - 00000000 ____D C:\Users\Juliano\Documents\IA_II_Algoritmo_Genetico_Labirinto
2016-09-15 17:55 - 2016-09-15 17:55 - 00000000 ____D C:\Users\Juliano\.idlerc
2016-09-13 17:37 - 2016-10-13 13:21 - 00000000 ____D C:\Users\Juliano\Documents\Packt Books
2016-09-13 17:29 - 2016-09-13 17:29 - 00000000 ____D C:\Users\Juliano\.jsfml
2016-09-13 17:26 - 2016-09-29 14:13 - 00000000 ____D C:\Users\Juliano\AppData\Local\Eclipse
2016-09-13 17:26 - 2016-09-29 14:13 - 00000000 ____D C:\Users\Juliano\.p2
2016-09-13 17:26 - 2016-09-16 01:58 - 00000000 ____D C:\Users\Juliano\.eclipse
2016-09-13 17:25 - 2016-09-13 17:26 - 00000000 ____D C:\Users\Juliano\Documents\.metadata
2016-09-13 17:24 - 2016-09-29 14:06 - 00000000 ____D C:\Users\Juliano\Desktop\eclipse
2016-09-12 15:42 - 2016-09-12 18:49 - 623902720 _____ C:\Users\Juliano\Desktop\TPrtnd-GC[86-013HDs].part1.rar
2016-09-05 02:58 - 2016-09-04 11:49 - 00079216 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2016-09-03 00:05 - 2016-10-06 02:00 - 00000000 ____D C:\Users\Juliano\Desktop\SupARC-MULTILANG-v160715
2016-09-02 23:54 - 2016-09-03 00:00 - 60631430 _____ C:\Users\Juliano\Downloads\SupARC-MULTILANG-v160715.zip
2016-08-28 19:33 - 2016-10-13 01:24 - 00006175 _____ C:\Users\Juliano\Desktop\texto elfo.txt
2016-08-26 03:25 - 2016-08-26 03:25 - 00000000 ____D C:\Users\Juliano\AppData\Roaming\fltk.org
2016-08-24 18:01 - 2016-08-24 18:09 - 497122712 _____ C:\Users\Juliano\Desktop\King of Fighters '95, The (USA).7z
2016-08-24 16:20 - 2016-08-24 16:26 - 562077964 _____ C:\Users\Juliano\Desktop\Street Fighter Collection (USA) (Disc 1).7z
2016-08-24 10:26 - 2016-08-24 10:30 - 234298029 _____ C:\Users\Juliano\Desktop\Capcom Generation - Dai 5 Shuu Kakutouka Tachi (Japan).7z
2016-08-24 10:22 - 2016-08-24 10:23 - 01381554 _____ C:\Users\Juliano\Desktop\ePSXe205.zip
2016-08-09 17:46 - 2016-10-11 15:08 - 00000000 ____D C:\Users\Juliano\Desktop\Magazine
2016-08-08 14:45 - 2016-08-08 14:45 - 00045958 _____ C:\Users\Juliano\Desktop\AM2R_1-0_torrent.torrent
2016-07-29 17:58 - 2016-07-29 17:58 - 00093350 _____ C:\Users\Juliano\Desktop\Sega-CD_Bios_USA.zip
2016-07-29 17:57 - 2016-07-29 17:57 - 00086856 _____ C:\Users\Juliano\Desktop\Sega_Mega-CD_Bios_Japan.zip
2016-07-19 19:28 - 2016-10-11 14:58 - 00000000 ____D C:\Users\Juliano\Desktop\ppsspp
2016-07-16 15:39 - 2016-07-16 15:39 - 02854912 _____ C:\Users\Juliano\Downloads\xb1usb.11059.0.140526x64.msi
2016-07-16 00:08 - 2016-07-16 00:09 - 00000000 ____D C:\KVRT_Data
2016-07-16 00:06 - 2016-07-16 00:08 - 98916696 _____ (Kaspersky Lab ZAO) C:\Users\Juliano\Downloads\KVRT.exe
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-10-14 18:55 - 2016-05-03 17:20 - 00000000 ____D C:\ProgramData\BitMeterOS
2016-10-14 18:53 - 2016-02-28 19:36 - 00000000 ____D C:\Users\Juliano\AppData\Roaming\foobar2000
2016-10-14 18:35 - 2016-03-01 00:35 - 00000913 _____ C:\windows\Tasks\EPSON XP-211 214 216 Series Update {CB347F0A-AD48-4351-8D12-A9B78D780917}.job
2016-10-14 18:35 - 2016-03-01 00:35 - 00000727 _____ C:\windows\Tasks\EPSON XP-211 214 216 Series Invitation {CB347F0A-AD48-4351-8D12-A9B78D780917}.job
2016-10-14 18:35 - 2009-07-14 02:32 - 00000000 ____D C:\windows\system32\FxsTmp
2016-10-14 16:18 - 2016-02-28 19:52 - 00001066 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-14 13:51 - 2009-07-14 01:45 - 00020992 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-14 13:51 - 2009-07-14 01:45 - 00020992 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-14 13:43 - 2009-07-14 02:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-10-14 04:11 - 2016-02-28 22:20 - 00000000 ____D C:\Users\Juliano\AppData\Roaming\uTorrent
2016-10-14 02:19 - 2012-01-31 17:23 - 00719782 _____ C:\windows\system32\prfh0416.dat
2016-10-14 02:19 - 2012-01-31 17:23 - 00149324 _____ C:\windows\system32\prfc0416.dat
2016-10-14 02:19 - 2009-07-14 02:13 - 01675202 _____ C:\windows\system32\PerfStringBackup.INI
2016-10-14 02:18 - 2009-07-14 00:20 - 00000000 ____D C:\windows\inf
2016-10-14 02:00 - 2016-02-28 17:52 - 00000000 ____D C:\Users\Juliano\AppData\Local\Adobe
2016-10-13 12:05 - 2016-02-28 19:45 - 00293352 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys
2016-10-12 01:35 - 2016-04-10 01:37 - 00001180 _____ C:\Users\Juliano\ggpo-ng.ini
2016-10-12 01:25 - 2016-04-10 01:38 - 00006503 _____ C:\Users\Juliano\ggpofba-ng.bkp.ini
2016-10-08 22:57 - 2016-04-21 18:56 - 00000000 ____D C:\Users\Juliano\Desktop\PSP ISOs
2016-10-08 12:31 - 2016-02-28 19:51 - 00000000 ___SD C:\Users\Juliano\AppData\LocalLow\Temp
2016-10-07 20:07 - 2016-02-28 23:33 - 00000000 ____D C:\Users\Juliano\Desktop\Nintendo - Super Nintendo Entertainment System
2016-10-07 19:27 - 2016-02-28 16:58 - 00000000 ____D C:\Users\Juliano
2016-10-03 19:04 - 2016-03-10 00:25 - 00000000 ____D C:\Users\Juliano\Desktop\Great Teacher Onizuka DVD 480p
2016-10-03 18:30 - 2016-02-28 19:53 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-26 20:24 - 2016-02-28 19:45 - 00969184 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2016-09-26 20:24 - 2016-02-28 19:45 - 00513632 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2016-09-26 20:23 - 2016-02-28 19:45 - 00003922 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-09-26 20:22 - 2016-02-28 19:45 - 00513496 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys.147493225558510
2016-09-26 20:22 - 2016-02-28 19:45 - 00163416 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-09-26 20:22 - 2016-02-28 19:45 - 00108816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-09-26 20:22 - 2016-02-28 19:45 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-09-26 20:22 - 2016-02-28 19:45 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-09-26 20:22 - 2016-02-28 19:45 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-09-26 20:21 - 2016-03-22 20:55 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-09-26 20:21 - 2016-02-28 19:45 - 00969560 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.147493225165307
2016-09-23 15:31 - 2016-04-10 17:35 - 00000000 ____D C:\Users\Juliano\AppData\Roaming\Skype
2016-09-23 15:30 - 2016-02-28 16:59 - 00000000 ____D C:\ProgramData\Skype
2016-09-20 20:11 - 2009-07-14 02:08 - 00032608 _____ C:\windows\Tasks\SCHEDLGU.TXT
2016-09-16 21:21 - 2016-03-03 15:35 - 00015628 _____ C:\Users\Juliano\Desktop\Links.txt
==================== Arquivos na raiz de alguns diretórios =======
2016-02-28 17:44 - 2016-02-28 17:44 - 0000008 __RSH () C:\ProgramData\8D19940EED.sys
2016-02-28 17:44 - 2016-07-06 14:01 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
Alguns arquivos em TEMP:
====================
C:\Users\Juliano\AppData\Local\Temp\Foxit Reader Updater.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\windows\explorer.exe => O arquivo é assinado digitalmente
C:\windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\windows\system32\services.exe => O arquivo é assinado digitalmente
C:\windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-10-05 00:07
==================== Fim de FRST.txt ============================