Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 28-05-2017
Executado por Notebook (administrador) em NOTEBOOK-PC (30-05-2017 13:44:02)
Executando a partir de C:\Users\Notebook\Desktop
Perfis Carregados: Notebook (Perfis Disponíveis: Notebook)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Windows\KMS-R@1n.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Mega Limited) C:\Users\Notebook\AppData\Local\MEGAsync\MEGAsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\MegaDownloader\MegaDownloader.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-06] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-10] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-12-09] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-642567197-675224764-7212141-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKU\S-1-5-21-642567197-675224764-7212141-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-642567197-675224764-7212141-1000\...\Run: [ApowersoftScreenRecorder] => C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe /autoStart
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170688 2016-12-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2016-12-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Notebook\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Notebook\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Notebook\AppData\Local\MEGAsync\ShellExtX64.dll [2017-04-26] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-10] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Notebook\AppData\Local\MEGAsync\ShellExtX32.dll [2017-04-26] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Notebook\AppData\Local\MEGAsync\ShellExtX32.dll [2017-04-26] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Notebook\AppData\Local\MEGAsync\ShellExtX32.dll [2017-04-26] ()
Startup: C:\Users\Notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-05-27]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Notebook\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 187.33.208.1 8.8.8.8
Tcpip\..\Interfaces\{6F8960CA-D5EE-493E-A46C-D446431699CD}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{727DD7FF-1454-4336-8CD2-81973D7049BE}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{CF1FA69E-A436-4C6A-B5A8-2E5B6E3721FA}: [DhcpNameServer] 187.33.208.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-642567197-675224764-7212141-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
HKU\S-1-5-21-642567197-675224764-7212141-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-04] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-11] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-04] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-11] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: zprapl9p.default
FF ProfilePath: C:\Users\Notebook\AppData\Roaming\Mozilla\Firefox\Profiles\zprapl9p.default [2017-05-30]
FF Homepage: Mozilla\Firefox\Profiles\zprapl9p.default -> hxxp://www.google.com/
FF Extension: (MEGA) - C:\Users\Notebook\AppData\Roaming\Mozilla\Firefox\Profiles\zprapl9p.default\Extensions\firefox@mega.co.nz.xpi [2017-05-27]
FF Extension: (Avast SafePrice) - C:\Users\Notebook\AppData\Roaming\Mozilla\Firefox\Profiles\zprapl9p.default\Extensions\sp@avast.com.xpi [2017-05-10]
FF Extension: (Avast Online Security) - C:\Users\Notebook\AppData\Roaming\Mozilla\Firefox\Profiles\zprapl9p.default\Extensions\wrc@avast.com.xpi [2017-05-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-642567197-675224764-7212141-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Nenhum Arquivo]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR NewTab: Profile 3 -> Not-active:"chrome-extension://choppijpibfbjjiakefcboeceikgldlo/newtab/newtab.html"
CHR Profile: C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default [2017-04-24]
CHR Extension: (Google Docs) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-09]
CHR Extension: (Google Drive) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-09]
CHR Extension: (YouTube) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-09]
CHR Extension: (Documentos Google off-line) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-09]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2017-01-03]
CHR Extension: (Gmail) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-09]
CHR Extension: (Chrome Media Router) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-09]
CHR Profile: C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-04-24]
CHR Profile: C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-04-24]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2017-01-04]
CHR Extension: (Gmail) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-03]
CHR Extension: (Chrome Media Router) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-03]
CHR Profile: C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-05-30]
CHR Extension: (Google Apresentações) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-04]
CHR Extension: (Google Docs) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-04]
CHR Extension: (Google Drive) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-04]
CHR Extension: (YouTube) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-04]
CHR Extension: (TV Hero) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\choppijpibfbjjiakefcboeceikgldlo [2017-05-25]
CHR Extension: (Avast SafePrice) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-16]
CHR Extension: (Planilhas do Google) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-04]
CHR Extension: (Avast Online Security) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-27]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\Notebook\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-10] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [310496 2017-05-10] (AVAST Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [383016 2017-05-23] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354936 2016-01-17] (Intel Corporation)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-12-09] () [Arquivo não assinado]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-02-23] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-12-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-03] (Microsoft Corporation)
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [311808 2017-05-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [190256 2017-05-10] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334576 2017-05-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [49016 2017-05-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-05-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32600 2017-05-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [128648 2017-05-10] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [29432 2017-02-15] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [507928 2017-05-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [101152 2017-05-10] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-05-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1007160 2017-05-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [569192 2017-05-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [158880 2017-05-14] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2017-02-14] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [339696 2017-05-10] (AVAST Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-12-09] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-07-24] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-28] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2017-01-20] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-05-30 13:44 - 2017-05-30 13:44 - 00021233 _____ C:\Users\Notebook\Desktop\FRST.txt
2017-05-30 13:36 - 2017-05-30 13:37 - 02429952 _____ (Farbar) C:\Users\Notebook\Desktop\FRST64.exe
2017-05-30 13:33 - 2017-05-30 13:33 - 00000000 ____D C:\Users\Notebook\Desktop\Nova pasta
2017-05-30 13:28 - 2017-05-30 13:30 - 00003376 _____ C:\Windows\System32\Tasks\DllKitPRO
2017-05-30 13:28 - 2017-05-30 13:28 - 00000000 ____D C:\Users\Notebook\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64}
2017-05-30 13:22 - 2017-05-30 13:34 - 00000000 ____D C:\Users\Notebook\Downloads\coleçao Sexta Feira 13 Dublado By Comicsnett
2017-05-30 13:20 - 2017-05-23 19:43 - 00383016 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2017-05-30 11:52 - 2017-05-30 11:52 - 00000000 ____D C:\Users\Todos os Usuários\SWCUTemp
2017-05-30 11:52 - 2017-05-30 11:52 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-30 08:07 - 2017-05-30 08:07 - 00000000 ____D C:\Users\Notebook\Desktop\Friday.The.13th.The.Game.Update.Build.b6286
2017-05-29 21:32 - 2017-05-29 21:33 - 00889416 _____ (Microsoft Corporation) C:\Users\Notebook\Downloads\dotNetFx40_Full_setup.exe
2017-05-29 21:30 - 2017-05-29 21:34 - 13310864 _____ (MEGA Limited) C:\Users\Notebook\Downloads\MEGAsyncSetup.exe
2017-05-29 21:28 - 2017-05-29 21:35 - 00000000 ____D C:\Users\Notebook\AppData\Local\MegaDownloader
2017-05-29 21:28 - 2017-05-29 21:28 - 00000891 _____ C:\Users\Public\Desktop\MegaDownloader.lnk
2017-05-29 21:28 - 2017-05-29 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
2017-05-29 21:28 - 2017-05-29 21:28 - 00000000 ____D C:\Program Files\MegaDownloader
2017-05-29 21:10 - 2017-05-29 21:50 - 00000000 ____D C:\Users\Notebook\Downloads\Corel PaintShop Pro X9 19.2.0.7 Setup + Keygen
2017-05-29 20:58 - 2017-05-29 21:15 - 00000000 ____D C:\Users\Notebook\Downloads\3DMGAME-THE.KING.OF.FIGHTERS.XIV.CBT.Multi10.Cracked-3DM
2017-05-27 10:21 - 2017-05-27 10:21 - 00000000 ____D C:\Users\Notebook\Downloads\NARUTO.SHIPPUDEN.Ultimate.Ninja.STORM.4-CODEX
2017-05-27 09:12 - 2017-05-29 21:40 - 00000000 ____D C:\Users\Notebook\Documents\MEGAsync Downloads
2017-05-27 09:12 - 2017-05-27 09:12 - 00000000 ___RD C:\Users\Notebook\Documents\MEGA
2017-05-27 09:10 - 2017-05-29 21:35 - 00001064 _____ C:\Users\Notebook\Desktop\MEGAsync.lnk
2017-05-27 09:10 - 2017-05-29 21:35 - 00000000 ____D C:\Users\Notebook\AppData\Local\MEGAsync
2017-05-27 09:10 - 2017-05-27 09:10 - 00000000 ____D C:\Users\Notebook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2017-05-27 09:10 - 2017-05-27 09:10 - 00000000 ____D C:\Users\Notebook\AppData\Local\Mega Limited
2017-05-27 01:26 - 2017-05-27 01:27 - 2342955008 _____ C:\Users\Notebook\Downloads\Injustice Gods Among Us Ultimate Edition (Revision 2787) [BR-Repacks].ISO
2017-05-16 20:34 - 2017-05-16 20:46 - 13448788 _____ C:\Users\Notebook\Desktop\SammyWidgets.zip
2017-05-11 13:16 - 2017-05-11 13:16 - 00000000 ____D C:\Users\Notebook\AppData\LocalLow\Oracle
2017-05-10 16:28 - 2017-05-10 16:28 - 00400456 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-05-07 13:39 - 2017-05-07 23:21 - 00455182 _____ C:\Users\Notebook\Documents\polyvideo_6122.apk
2017-05-07 13:39 - 2017-05-06 15:50 - 61264680 ____N C:\Users\Notebook\Documents\Burrito Bison Launcha Libre v2.10 [MOD].apk
2017-05-07 10:02 - 2017-05-07 10:02 - 00000455 _____ C:\DADOS (D) - Atalho.lnk
2017-05-07 09:42 - 2017-05-07 10:54 - 00011367 _____ C:\Users\Notebook\Desktop\MAE.xlsx
2017-05-06 23:28 - 2017-05-06 23:28 - 00073553 _____ C:\Users\Notebook\Documents\FATURA 042017.pdf
2017-05-06 23:19 - 2017-05-07 14:00 - 00000000 ____D C:\Users\Notebook\Downloads\Doutor Estranho 2017 WWW.BLUDV.COM
2017-05-06 23:12 - 2017-05-27 01:25 - 00000000 ____D C:\Users\Notebook\Downloads\Divertida Mente (2015) 720p 5.1Ch Dublado - Alan_680
2017-05-06 23:08 - 2017-05-06 23:08 - 03299375 _____ C:\Users\Notebook\Documents\S1001_PLUS_V1.09.17317 (2).zip
2017-05-06 23:02 - 2017-05-06 23:03 - 03292569 _____ C:\Users\Notebook\Documents\S1001PLUS_V1.09.17580_29112016.zip
2017-05-06 22:49 - 2017-05-06 22:49 - 00000855 _____ C:\Users\Notebook\Documents\29-04-2017-SKS58.zip
2017-05-06 17:47 - 2017-05-06 17:47 - 00004572 _____ C:\Users\Notebook\Downloads\CodigosParaTvOnline.rar
2017-05-05 09:47 - 2017-05-05 09:47 - 596119091 _____ C:\Windows\MEMORY.DMP
2017-05-05 09:47 - 2017-05-05 09:47 - 00358792 _____ C:\Windows\Minidump\050517-20514-01.dmp
2017-05-01 13:47 - 2017-05-01 13:47 - 00000000 ____D C:\Users\Todos os Usuários\Apowersoft
2017-05-01 13:47 - 2017-05-01 13:47 - 00000000 ____D C:\ProgramData\Apowersoft
2017-05-01 12:26 - 2017-05-01 13:47 - 00000000 ____D C:\Users\Notebook\Documents\Apowersoft
2017-05-01 12:26 - 2017-05-01 13:47 - 00000000 ____D C:\Users\Notebook\AppData\Roaming\Apowersoft
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-05-30 13:44 - 2017-04-23 12:57 - 00000000 ____D C:\FRST
2017-05-30 13:36 - 2016-12-10 15:10 - 00000000 ____D C:\Users\Notebook\AppData\Roaming\uTorrent
2017-05-30 12:25 - 2016-12-09 14:55 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2017-05-30 12:25 - 2016-12-09 14:55 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-30 11:59 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-30 11:59 - 2009-07-14 01:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-30 11:57 - 2016-12-11 07:35 - 00000000 ____D C:\Users\Notebook\AppData\LocalLow\Mozilla
2017-05-30 11:57 - 2011-04-12 10:40 - 00709718 _____ C:\Windows\system32\prfh0416.dat
2017-05-30 11:57 - 2011-04-12 10:40 - 00148956 _____ C:\Windows\system32\prfc0416.dat
2017-05-30 11:57 - 2009-07-14 02:13 - 01646072 _____ C:\Windows\system32\PerfStringBackup.INI
2017-05-30 11:57 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-05-30 11:51 - 2016-12-09 14:44 - 00000000 __SHD C:\Users\Notebook\IntelGraphicsProfiles
2017-05-30 11:51 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-05-30 04:08 - 2016-12-10 16:48 - 00000000 ____D C:\Users\Notebook\AppData\Local\ElevatedDiagnostics
2017-05-29 18:31 - 2017-01-25 13:42 - 00000000 ____D C:\Users\Notebook\Desktop\CONTAS
2017-05-26 18:33 - 2017-04-14 17:27 - 00043520 _____ C:\Users\Notebook\Desktop\Cópia de lcaixapf.xls
2017-05-24 18:48 - 2016-12-11 03:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-24 18:48 - 2016-12-09 13:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-24 17:52 - 2017-03-30 19:23 - 00000000 ____D C:\Users\Notebook\Desktop\FACULDADE
2017-05-23 16:59 - 2016-12-10 16:51 - 00000000 ____D C:\Windows\System32\Tasks\Games
2017-05-18 23:06 - 2017-02-15 18:20 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-05-16 13:27 - 2016-12-09 13:48 - 00002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-16 13:27 - 2016-12-09 13:48 - 00002188 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-14 09:36 - 2017-02-14 21:54 - 00158880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-05-11 13:18 - 2016-12-09 13:49 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-05-11 13:18 - 2016-12-09 13:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-11 13:18 - 2016-12-09 13:49 - 00000000 ____D C:\Program Files (x86)\Java
2017-05-10 16:28 - 2017-02-14 21:57 - 00003904 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1487120237
2017-05-10 16:28 - 2017-02-14 21:54 - 00569192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-05-10 16:28 - 2017-02-14 21:54 - 00339696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-05-10 16:28 - 2017-02-14 21:54 - 00128648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-05-10 16:28 - 2017-02-14 21:54 - 00101152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-05-10 16:28 - 2017-02-14 21:54 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-05-10 16:28 - 2017-02-14 21:54 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-05-10 16:27 - 2017-02-15 18:20 - 00334576 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-05-10 16:27 - 2017-02-15 18:20 - 00311808 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-05-10 16:27 - 2017-02-15 18:20 - 00190256 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-05-10 16:27 - 2017-02-15 18:20 - 00049016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-05-10 16:27 - 2017-02-14 21:54 - 01007160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-05-10 16:27 - 2017-02-14 21:54 - 00507928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-05-10 16:27 - 2017-02-14 21:54 - 00032600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-05-10 16:17 - 2016-12-26 17:59 - 00803320 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-05-10 16:17 - 2016-12-26 17:59 - 00144888 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-10 16:17 - 2016-12-26 17:59 - 00004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-05-10 16:17 - 2016-12-26 17:59 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-05-10 16:17 - 2016-12-26 17:59 - 00000000 ____D C:\Windows\system32\Macromed
2017-05-07 23:29 - 2017-02-26 18:59 - 2046124557 _____ C:\Users\Notebook\Downloads\CorelDraw X8 Graphics Suite X8 Multilanguage 32 e 64 Bits PT-BR.rar
2017-05-07 01:20 - 2016-12-12 21:49 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-05-06 23:13 - 2017-04-21 20:04 - 00000000 ____D C:\Users\Notebook\Downloads\Power Rangers 2017 720p HDTS DUAL - LAPUMiAFiLMES.COM
2017-05-05 09:47 - 2017-01-19 17:39 - 00000000 ____D C:\Windows\Minidump
2017-05-05 09:44 - 2016-12-10 15:04 - 00000000 ____D C:\Users\Notebook\AppData\Local\CrashDumps
2017-05-04 09:31 - 2016-12-10 15:12 - 00000069 _____ C:\Windows\NeroDigital.ini
2017-05-03 15:30 - 2017-04-23 17:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-05-01 13:41 - 2016-12-10 15:12 - 00000000 ____D C:\Users\Notebook\AppData\Roaming\MPC-HC
==================== Arquivos na raiz de alguns diretórios =======
2017-02-24 19:17 - 2017-02-26 10:57 - 0000570 _____ () C:\Users\Notebook\AppData\Local\TroubleshooterConfig.json
2016-12-09 14:41 - 2016-12-09 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Alguns arquivos em TEMP:
====================
2017-05-11 13:16 - 2017-05-11 13:16 - 0739904 _____ (Oracle Corporation) C:\Users\Notebook\AppData\Local\Temp\jre-8u131-windows-au.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-05-23 16:52
==================== Fim de FRST.txt ============================