Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:02-05-2016 01
Executado por Ballestra (administrador) em BALLESTRA-PC (02-05-2016 18:30:57)
Executando a partir de C:\Users\Ballestra\Desktop
Perfis Carregados: Ballestra (Perfis Disponíveis: Ballestra)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(© 2015 Microsoft Corporation) C:\Users\Ballestra\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\ToolbarUpdater.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft) C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Aestan Software) C:\wamp64\wampmanager.exe
() C:\wamp64\bin\mysql\mysql5.7.9\bin\mysqld.exe
(MegaCubo) C:\Program Files (x86)\Megacubo\MegaCubo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2661672 2012-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-09-19] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-07] (Intel Corporation)
HKLM-x32\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [102568 2012-02-06] (ASUS)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-18] (ASUS)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [15872 2012-01-18] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3930384 2016-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2662472 2016-04-17] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-14] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Snap] => C:\Program Files (x86)\USB 2.0 PC CAMERA\Camera Snap.exe [151552 2010-08-06] (Microsoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] ()
HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240 2015-04-28] (Wondershare)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Ballestra\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=9e4be436564947d3aba2d1418c1cacad-2372e6b755063627ac32990b36c105bd6148efe1 /CMPID=1213b
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Run: [AppSafe] => C:\Program Files (x86)\AppSafe\AppSafe.exe
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Run: [C5EEAF292DCB225F7060002089583EC72C30E6A2._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874648 2016-04-06] (Google Inc.)
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Run: [AVG-Secure-Search-Update_0215tb] => C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0215tb.exe [2794520 2015-02-25] ()
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Run: [BingSvc] => C:\Users\Ballestra\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-02-23] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\...\Policies\Explorer: []
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-10-15] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-15] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavShx64.dll Nenhum Arquivo
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [S-1-5-21-1964720466-2220750990-4245027613-1000] => Proxy está habilitado.
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5D01C682-D123-409B-BC10-34CE166AC825}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9D7FCDC8-9CE5-4FD2-B52C-DCA65DF3E6A0}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://prenotaonline.esteri.it/login.aspx?cidsede=600000&returnUrl=%2f
HKU\S-1-5-21-1964720466-2220750990-4245027613-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1964720466-2220750990-4245027613-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1964720466-2220750990-4245027613-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1964720466-2220750990-4245027613-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=icp&utm_campaign=install_ie&utm_content=ds&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&ts=1435173469&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1964720466-2220750990-4245027613-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=icp&utm_campaign=install_ie&utm_content=ds&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&ts=1435173469&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1964720466-2220750990-4245027613-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=icp&utm_campaign=install_ie&utm_content=ds&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&ts=1435173469&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1964720466-2220750990-4245027613-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=icp&utm_campaign=install_ie&utm_content=ds&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX&ts=1435173469&type=default&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-10-26] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-05] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\19.4.0.508\AVG SafeGuard toolbar_toolbar.dll [2016-04-17] (AVG Secure Search)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-05] (Oracle Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\19.4.0.508\AVG SafeGuard toolbar_toolbar.dll [2016-04-17] (AVG Secure Search)
Toolbar: HKU\S-1-5-21-1964720466-2220750990-4245027613-1000 -> Sem Nome - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Nenhum Arquivo
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.4.0\ViProtocol.dll [2016-04-17] (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Nenhum Arquivo
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1435173424&z=23e3f7efc61c5ff093f6811g9z8cfw4gem6cez6o1z&from=icp&uid=HitachiXHTS547575A9E384_J2540054FH5AMEFH5AMEX
FireFox:
========
FF ProfilePath: C:\Users\Ballestra\AppData\Roaming\Mozilla\Firefox\Profiles\v73t30j4.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=pt-br
www.google.com.br
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll [2013-10-25] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1964720466-2220750990-4245027613-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Ballestra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1964720466-2220750990-4245027613-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ballestra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-09] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Ballestra\AppData\Roaming\Mozilla\Firefox\Profiles\v73t30j4.default\searchplugins\bing-.xml [2016-02-23]
FF Extension: Bing Search - C:\Users\Ballestra\AppData\Roaming\Mozilla\Firefox\Profiles\v73t30j4.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-02-23]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2016-03-01] [não assinado]
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com.br/","hxxp://netflix.com/","hxxps://prenotaonline.esteri.it/login.aspx?cidsede=600000&returnUrl=%2f"
CHR Profile: C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (FeedSquares - Supercharge your Google Reader) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkahgkblobiogkkeedfnjkldecloidi [2014-09-06]
CHR Extension: (NewsBlur) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchdledhagjbhhodjjhiclbnaioljomj [2014-09-06]
CHR Extension: (Facebook Invite All) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-01-19]
CHR Extension: (Skype) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Profile: C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-04]
CHR Extension: (Google Docs) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-04]
CHR Extension: (Google Drive) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Google Search) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-04]
CHR Extension: (Planilhas do Google) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Skype) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-26]
CHR Extension: (Planeador de ambientes) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcafejemebbngbglfoinpoaannbihjna [2016-03-04]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Ballestra\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [Arquivo não assinado]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [638456 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3993088 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-04-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [593880 2016-04-06] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [Arquivo não assinado]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Arquivo não assinado]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-12-12] () [Arquivo não assinado]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2938880 2012-05-18] (PACE Anti-Piracy, Inc.) [Arquivo não assinado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 vToolbarUpdater19.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\ToolbarUpdater.exe [1888328 2016-04-17] (AVG Secure Search)
R3 wampmysqld64; C:\wamp64\bin\mysql\mysql5.7.9\bin\mysqld.exe [38587904 2015-10-12] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [Arquivo não assinado]
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [Arquivo não assinado]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [35968 2011-12-21] (Windows (R) Win 7 DDK provider)
R3 AsusVTouch; C:\Windows\System32\DRIVERS\AsusVTouch.sys [16512 2011-11-07] (Windows (R) Win 7 DDK provider)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [306976 2016-03-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [246560 2016-03-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71456 2016-03-08] (AVG Technologies CZ, s.r.o.)
S3 cpuz138; C:\Users\Ballestra\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2016-03-03] (CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-10-17] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-10-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R2 VBoxDrv; C:\Program Files (x86)\YouWave Android\vb\VBoxDrv.sys [202592 2011-11-19] (Oracle Corporation)
R3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2015-02-27] (Wondershare)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-02 18:30 - 2016-05-02 18:32 - 00037527 _____ C:\Users\Ballestra\Desktop\FRST.txt
2016-05-02 18:28 - 2016-05-02 18:29 - 02377216 _____ (Farbar) C:\Users\Ballestra\Desktop\FRST64.exe
2016-05-02 18:19 - 2016-05-02 18:19 - 01034556 _____ C:\Users\Ballestra\Desktop\Windows6.1-KB2999226-x64.msu
2016-05-02 18:17 - 2016-05-02 18:17 - 00000000 ____D C:\Users\Ballestra\AppData\Local\MegaCubo
2016-05-02 18:15 - 2016-05-02 18:15 - 01011280 _____ (www.megacubo.net ) C:\Users\Ballestra\Desktop\Megacubo_12-0-0.exe
2016-05-02 18:15 - 2016-05-02 18:15 - 00001011 _____ C:\Users\Public\Desktop\Megacubo.lnk
2016-05-02 18:15 - 2016-05-02 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megacubo
2016-05-02 18:15 - 2016-05-02 18:15 - 00000000 ____D C:\Program Files (x86)\Megacubo
2016-05-02 11:28 - 2016-05-02 11:28 - 00229276 _____ C:\Users\Ballestra\Relatório de despesas - Frango Caipira - ABRIL 2016.pdf
2016-04-30 20:04 - 2016-04-30 20:04 - 00383562 _____ C:\bootmgr
2016-04-30 08:59 - 2016-04-30 08:59 - 00000000 ____D C:\Users\Ballestra\AppData\Local\Disc_Soft_Ltd
2016-04-30 08:48 - 2016-04-30 08:48 - 00000000 ____D C:\Users\Todos os Usuários\Astroburn Lite
2016-04-30 08:48 - 2016-04-30 08:48 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-04-30 08:48 - 2016-04-30 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
2016-04-30 08:48 - 2016-04-30 08:48 - 00000000 ____D C:\ProgramData\Astroburn Lite
2016-04-30 08:48 - 2016-04-30 08:48 - 00000000 ____D C:\Program Files\Astroburn Lite
2016-04-29 19:24 - 2016-05-02 18:30 - 00000000 ____D C:\FRST
2016-04-29 19:11 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-04-29 19:11 - 2015-05-29 10:28 - 00007680 _____ (Microsoft Corporation) C:\Users\Ballestra\Desktop\api-ms-win-crt-runtime-l1-1-0.dll
2016-04-27 22:21 - 2016-04-27 22:25 - 00001445 _____ C:\Users\Public\Desktop\Wampserver64.lnk
2016-04-27 22:21 - 2016-04-27 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver64
2016-04-27 22:19 - 2016-04-27 22:20 - 00000000 ____D C:\wamp64
2016-04-23 12:58 - 2016-04-23 13:00 - 129175152 _____ C:\Users\Ballestra\Desktop\Anahita - Veja como Criar a sua Rede Social - Passo a Passo.mp4
2016-04-22 19:13 - 2016-04-22 19:13 - 00339775 _____ C:\Users\Ballestra\Desktop\pip-pe-a-rede-social-da-gastronomia-a-descoberta-15333-mshvsg.pdf
2016-04-22 17:24 - 2016-04-22 17:25 - 00000000 ____D C:\Users\Ballestra\Desktop\Fotos Olivia
2016-04-20 17:47 - 2016-04-20 17:47 - 00062268 _____ C:\Users\Ballestra\Desktop\food.psd
2016-04-08 12:56 - 2016-04-08 14:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-07 12:55 - 2016-04-07 12:56 - 00098767 _____ C:\Users\Ballestra\Downloads\Fatura (7).PDF
2016-04-07 10:13 - 2016-04-07 10:13 - 00004613 _____ C:\Users\Ballestra\Downloads\The+Witch+2016+BluRay.x264-DEViSE.torrent
2016-04-06 14:17 - 2016-04-06 14:17 - 00077422 _____ C:\Users\Ballestra\Desktop\Relatório de despesas - Frango Caipira - ABRIL 2016 - 01.pdf
2016-04-04 10:07 - 2016-04-04 10:08 - 00281710 _____ C:\Users\Ballestra\Downloads\Fatura.pdf
2016-03-30 12:39 - 2016-03-30 12:41 - 00078210 _____ C:\Users\Ballestra\Desktop\Relatório de despesas - Frango Caipira - MARÇO 2016.pdf
2016-03-19 12:40 - 2016-03-19 12:40 - 00000000 ____D C:\Users\Ballestra\Desktop\OLIVIA VIDEOS
2016-03-16 14:54 - 2016-03-16 14:54 - 00053576 _____ C:\Users\Ballestra\Desktop\TODA-A-TERRA-CANTARÁ.pdf
2016-03-16 14:52 - 2016-03-16 14:52 - 00337631 _____ C:\Users\Ballestra\Desktop\LINDO JESUS.pdf
2016-03-08 17:12 - 2016-03-08 17:12 - 00306976 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-03-08 17:12 - 2016-03-08 17:12 - 00071456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avguniva.sys
2016-03-08 16:06 - 2016-03-08 16:06 - 00042972 _____ C:\Users\Ballestra\Desktop\COZINHEIRO INDUSTRIAL - TURMAS M12015 (254612) (cód. QUA-P-0000042015) (MTE).xlsx
2016-03-08 16:01 - 2016-03-08 16:01 - 00005482 _____ C:\Users\Ballestra\Downloads\Bradesco_08032016_160158.pdf
2016-03-08 07:05 - 2016-03-08 07:05 - 00000000 __SHD C:\found.000
2016-03-07 14:39 - 2016-03-07 14:39 - 00246560 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2016-03-07 14:17 - 2016-03-07 14:17 - 00078251 _____ C:\Users\Ballestra\Desktop\Relatório de despesas - Frango Caipira - FEVEREIRO E MARÇO.pdf
2016-03-07 13:37 - 2016-03-07 13:37 - 00098792 _____ C:\Users\Ballestra\Downloads\fatura_atual.pdf
2016-03-07 13:24 - 2016-03-07 13:24 - 00278662 _____ C:\Users\Ballestra\Downloads\Fatura (6).pdf
2016-03-07 02:42 - 2016-03-07 02:42 - 00011462 _____ C:\Users\Ballestra\Downloads\[kat.cr]room.2015.1080p.bluray.eng.darkzei.torrent
2016-03-07 02:39 - 2016-03-07 02:39 - 00018031 _____ C:\Users\Ballestra\Downloads\[kat.cr]divertida.mente.2015.1080p.bluray.dual.dublado.lapumia.torrent
2016-03-07 02:31 - 2016-03-07 02:32 - 00310987 _____ C:\Users\Ballestra\Downloads\[kat.cr]the.hateful.eight.2015.720p.brrip.xvid.ac3.legi0n.torrent
2016-03-07 02:29 - 2016-03-07 02:29 - 00018821 _____ C:\Users\Ballestra\Downloads\[kat.cr]spotlight.2015.720p.blu.rayx256.dextro.torrent
2016-03-05 23:41 - 2016-03-05 23:42 - 02015732 _____ C:\Users\Ballestra\Desktop\Brochure_ALMA_2014.pdf
2016-03-04 12:28 - 2016-03-04 12:28 - 00263445 _____ C:\Users\Ballestra\Downloads\Battesimo dell'aria - diploma (02) 11.09.10 FINAL_tcm110-15078 (1).pdf
2016-03-02 21:39 - 2016-03-02 21:39 - 00079913 _____ C:\Users\Ballestra\Desktop\CRONOGRAMA COZINHEIRO INDUSTRIAL.pdf
2016-03-02 20:55 - 2016-03-02 20:55 - 00390987 _____ C:\Users\Ballestra\Downloads\Mestre - Rafel Bicudo (1) (2).pdf
2016-03-01 17:22 - 2016-03-01 17:22 - 00001464 _____ C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2016-03-01 17:22 - 2016-03-01 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2016-03-01 17:22 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2016-03-01 17:22 - 2015-02-27 14:38 - 00214528 _____ () C:\Windows\SysWOW64\WSCM32.dll
2016-03-01 17:21 - 2016-03-01 17:21 - 00000000 ____D C:\Users\Ballestra\Desktop\Wondershare Video Converter Ultimate v8.5.0.5 [ENG] [Serial] [AT-TEAM]
2016-03-01 17:03 - 2016-03-01 17:03 - 00001190 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2016-03-01 17:03 - 2016-03-01 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-03-01 17:03 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2016-03-01 17:02 - 2016-03-01 17:02 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2016-03-01 16:58 - 2016-03-01 17:02 - 17172816 _____ (DsNET Corp ) C:\Users\Ballestra\Downloads\atube-catcher-3-8-8007-multi-win.exe
2016-03-01 16:12 - 2016-03-01 16:12 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2016-03-01 16:10 - 2016-03-01 16:10 - 33989302 _____ C:\Users\Ballestra\Downloads\WonderShare Converter + Crack.rar
2016-03-01 15:20 - 2016-03-01 15:23 - 00000000 ____D C:\Users\Ballestra\Documents\Wondershare Video Converter Ultimate
2016-03-01 15:20 - 2016-03-01 15:20 - 00000000 ____D C:\Users\Ballestra\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2016-03-01 15:19 - 2016-03-14 23:37 - 00000000 ____D C:\Users\Ballestra\Documents\Wondershare MediaServer
2016-03-01 15:19 - 2016-03-01 17:27 - 00000000 ____D C:\Users\Ballestra\AppData\Roaming\Wondershare Video Converter Ultimate
2016-03-01 15:19 - 2016-01-19 17:15 - 00000232 _____ C:\Windows\SysWOW64\dllhost.exe.config
2016-03-01 15:18 - 2016-03-14 22:38 - 00000000 ____D C:\Users\Todos os Usuários\Wondershare Video Converter Ultimate
2016-03-01 15:18 - 2016-03-14 22:38 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2016-03-01 15:18 - 2016-03-01 17:22 - 00000000 ____D C:\Users\Todos os Usuários\Wondershare
2016-03-01 15:18 - 2016-03-01 17:22 - 00000000 ____D C:\ProgramData\Wondershare
2016-03-01 15:18 - 2016-03-01 17:22 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-03-01 15:18 - 2015-02-27 14:54 - 00031080 _____ (Wondershare) C:\Windows\system32\Drivers\VirtualAudio.sys
2016-03-01 15:10 - 2016-03-01 15:17 - 50831240 _____ (Wondershare Software ) C:\Users\Ballestra\Downloads\video-converter-ultimate_full872.exe
2016-02-29 15:13 - 2016-02-29 15:13 - 00018959 _____ C:\Users\Ballestra\Downloads\sandra.zip
2016-02-29 15:12 - 2016-02-29 15:12 - 00046664 _____ C:\Users\Ballestra\Downloads\julies.zip
2016-02-29 15:12 - 2016-02-29 15:12 - 00046555 _____ C:\Users\Ballestra\Downloads\a_little_sunshine.zip
2016-02-29 15:12 - 2016-02-29 15:12 - 00020949 _____ C:\Users\Ballestra\Downloads\abigail_print.zip
2016-02-29 15:12 - 2016-02-29 15:12 - 00016634 _____ C:\Users\Ballestra\Downloads\asimplelife.zip
2016-02-29 15:12 - 2016-02-29 15:12 - 00013760 _____ C:\Users\Ballestra\Downloads\teen_dreem_magazeen.zip
2016-02-29 15:12 - 2016-02-29 15:12 - 00011395 _____ C:\Users\Ballestra\Downloads\a_little_pot.zip
2016-02-29 15:11 - 2016-02-29 15:11 - 00118558 _____ C:\Users\Ballestra\Downloads\a_gentle_touch.zip
2016-02-23 12:50 - 2016-02-23 12:50 - 00000000 ____D C:\Users\Ballestra\Tracing
2016-02-23 12:49 - 2016-05-02 21:03 - 00000000 ____D C:\Users\Ballestra\AppData\Roaming\Skype
2016-02-23 12:49 - 2016-02-23 12:49 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-02-23 12:49 - 2016-02-23 12:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-23 12:49 - 2016-02-23 12:49 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-02-23 12:49 - 2016-02-23 12:49 - 00000000 ____D C:\ProgramData\Skype
2016-02-23 12:49 - 2016-02-23 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-23 12:46 - 2016-02-23 12:46 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Ballestra\Downloads\SkypeSetup.exe
2016-02-23 12:35 - 2016-02-23 12:35 - 00000886 _____ C:\Users\Public\Desktop\Camera Capture.lnk
2016-02-23 12:35 - 2016-02-23 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB2.0 PC CAMERA
2016-02-23 12:35 - 2016-02-23 12:35 - 00000000 ____D C:\Program Files (x86)\USB 2.0 PC CAMERA
2016-02-23 12:35 - 2010-07-16 13:42 - 00053704 _____ (usb camera) C:\Windows\system32\Drivers\usbcamcl.sys
2016-02-23 12:35 - 2010-05-11 17:34 - 00061440 _____ C:\Windows\SysWOW64\face.ax
2016-02-23 12:35 - 2009-10-31 14:53 - 08672840 _____ (ark) C:\Windows\system32\Drivers\PictureDll.sys
2016-02-23 12:35 - 2009-04-22 10:54 - 00381512 _____ (ark) C:\Windows\system32\Drivers\FaceDll.sys
2016-02-23 12:35 - 2009-04-22 10:54 - 00014408 _____ (ark) C:\Windows\system32\Drivers\FilterDll.sys
2016-02-23 12:35 - 2009-04-22 10:53 - 00038472 _____ (usb camera) C:\Windows\system32\Drivers\usbDecode.sys
2016-02-23 12:35 - 2001-05-11 13:18 - 00420240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4c32.dll
2016-02-23 12:34 - 2016-02-23 12:34 - 00003210 _____ C:\Windows\System32\Tasks\{385E6102-782B-4EFD-9119-4DC28CB42396}
2016-02-23 12:32 - 2016-02-23 12:33 - 20453301 _____ C:\Users\Ballestra\Downloads\webcam_driver.zip
2016-02-23 11:57 - 2016-02-23 11:57 - 00000796 _____ C:\Users\Public\Desktop\Speccy.lnk
2016-02-23 11:57 - 2016-02-23 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-02-23 11:57 - 2016-02-23 11:57 - 00000000 ____D C:\Program Files\Speccy
2016-02-23 11:56 - 2016-02-23 11:57 - 05111240 _____ (Piriform Ltd) C:\Users\Ballestra\Downloads\spsetup129.exe
2016-02-19 11:51 - 2016-02-19 11:52 - 02439357 _____ C:\Users\Ballestra\Downloads\DD_Comic_Style_Illustration_65650.zip
2016-02-19 11:48 - 2016-02-19 11:51 - 05158803 _____ C:\Users\Ballestra\Downloads\DD_Comic_Pow_Illustration_09567.zip
2016-02-17 20:53 - 2016-02-17 20:53 - 00047647 _____ C:\Users\Ballestra\Downloads\NADA VAI ME SEPARAR )YOUR LOVE NEVER FAILS) - Jesus Culture (versão Nívea Soares).pdf
2016-02-17 18:06 - 2016-02-17 18:06 - 00037888 _____ C:\Users\Ballestra\Downloads\13-TG-PRI (1).dot
2016-02-17 18:05 - 2016-02-17 18:05 - 00037888 _____ C:\Users\Ballestra\Downloads\13-TG-PRI.dot
2016-02-16 16:07 - 2016-02-16 16:07 - 00162592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2016-02-16 16:05 - 2016-02-16 16:05 - 00360736 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2016-02-15 20:43 - 2016-02-15 20:43 - 00103454 _____ C:\Users\Ballestra\Downloads\FAQ MM EARN_16JUN2015_EN_tcm110-17425.pdf
2016-02-15 20:11 - 2016-02-15 20:11 - 00775904 _____ C:\Users\Ballestra\Downloads\FAQ MM_CONTO_16JUN2015_EN_tcm110-17423 (1).pdf
2016-02-15 20:10 - 2016-02-15 20:10 - 00775904 _____ C:\Users\Ballestra\Downloads\FAQ MM_CONTO_16JUN2015_EN_tcm110-17423.pdf
2016-02-15 11:15 - 2016-02-15 11:15 - 00263445 _____ C:\Users\Ballestra\Downloads\Battesimo dell'aria - diploma (02) 11.09.10 FINAL_tcm110-15078.pdf
2016-02-15 08:21 - 2016-02-15 08:21 - 00000708 _____ C:\Users\Ballestra\Downloads\Bibliotecas - Atalho.lnk
2016-02-11 13:53 - 2016-02-11 13:53 - 15185006 _____ C:\Users\Ballestra\Desktop\Sem título-1.cdr
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-05-02 21:14 - 2015-06-29 10:26 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-02 21:14 - 2015-06-29 10:26 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-02 21:14 - 2015-06-29 10:20 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-02 21:06 - 2009-07-14 01:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-02 21:06 - 2009-07-14 01:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-02 21:02 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-05-02 21:02 - 2013-12-08 15:55 - 00000000 ____D C:\ProgramData\MFAData
2016-05-02 20:58 - 2013-10-17 19:15 - 00000380 _____ C:\Users\Ballestra\AppData\Roaming\sp_data.sys
2016-05-02 20:57 - 2015-06-29 10:20 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-02 20:57 - 2014-09-12 11:05 - 00000268 _____ C:\Windows\Tasks\AutoKMS.job
2016-05-02 20:57 - 2013-10-17 18:53 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2016-05-02 20:57 - 2013-10-17 18:48 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-05-02 20:57 - 2013-10-17 18:48 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-02 20:57 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-02 11:28 - 2013-10-17 18:31 - 00000000 ____D C:\Users\Ballestra
2016-05-01 23:36 - 2014-06-09 10:36 - 00000306 _____ C:\Windows\Tasks\AppCloudUpdater.job
2016-05-01 23:12 - 2014-08-09 11:07 - 00000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1964720466-2220750990-4245027613-1000UA.job
2016-05-01 22:17 - 2015-06-24 16:17 - 00000342 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2016-05-01 18:08 - 2013-10-17 18:53 - 00000832 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2016-04-30 12:37 - 2013-10-17 23:18 - 00704900 _____ C:\Windows\system32\prfh0416.dat
2016-04-30 12:37 - 2013-10-17 23:18 - 00147206 _____ C:\Windows\system32\prfc0416.dat
2016-04-30 12:37 - 2009-07-14 02:13 - 01632446 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-30 12:37 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-04-29 22:51 - 2013-10-17 20:21 - 00000000 ____D C:\Users\Ballestra\AppData\Roaming\BitTorrent
2016-04-29 22:16 - 2013-11-24 22:45 - 00000000 ____D C:\Users\Ballestra\AppData\LocalLow\Temp
2016-04-29 19:19 - 2013-10-30 03:46 - 00000000 ____D C:\Users\Ballestra\AppData\Local\CrashDumps
2016-04-27 22:16 - 2015-02-21 00:19 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-04-27 22:16 - 2015-02-21 00:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-26 11:12 - 2014-08-09 11:07 - 00000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1964720466-2220750990-4245027613-1000Core.job
2016-04-25 12:00 - 2014-06-09 10:36 - 00000260 _____ C:\Windows\Tasks\AppSafe.job
2016-04-25 10:55 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-22 08:47 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-17 20:15 - 2014-04-25 12:25 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2016-04-14 22:06 - 2014-03-31 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-04-09 08:09 - 2013-11-05 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-07 11:14 - 2015-12-15 10:35 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-04-07 11:14 - 2015-12-15 10:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-04-06 10:28 - 2015-02-02 08:02 - 00000000 ___RD C:\Users\Ballestra\Documents\Scanned Documents
==================== Arquivos na raiz de alguns diretórios =======
2013-10-17 19:15 - 2016-05-02 20:58 - 0000380 _____ () C:\Users\Ballestra\AppData\Roaming\sp_data.sys
2013-10-28 16:37 - 2013-10-28 16:37 - 0007605 _____ () C:\Users\Ballestra\AppData\Local\Resmon.ResmonCfg
2014-10-10 20:49 - 2014-10-10 20:53 - 0000000 _____ () C:\Users\Ballestra\AppData\Local\{50133AFB-6D98-4710-94CE-6425A6AFB376}
2015-06-17 19:18 - 2015-06-17 19:18 - 0000000 _____ () C:\Users\Ballestra\AppData\Local\{960541A2-977A-4007-8946-27BF6B7F82B5}
2015-09-27 16:12 - 2015-09-27 16:12 - 0000000 _____ () C:\Users\Ballestra\AppData\Local\{D0A2FD8F-69EB-48FC-AA9C-BCEDA1CA4D1B}
2014-11-29 18:04 - 2014-11-29 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-11-10 08:23 - 2014-11-10 08:23 - 0000165 _____ () C:\ProgramData\bc.ini
2013-11-20 20:52 - 2013-11-20 20:52 - 0000009 _____ () C:\ProgramData\css.txt
2014-01-15 02:15 - 2014-01-15 02:15 - 0167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
2014-05-01 17:27 - 2014-05-01 17:30 - 0000358 _____ () C:\ProgramData\hpzinstall.log
2014-01-09 08:52 - 2014-01-09 08:52 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2013-10-17 19:32 - 2013-10-17 19:32 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2013-10-17 19:24 - 2013-10-17 19:29 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2013-10-17 19:29 - 2013-10-17 19:32 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2013-10-17 19:22 - 2013-10-17 19:24 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\FileSplitUpLoad.dll
Alguns arquivos em TEMP:
====================
C:\Users\Ballestra\AppData\Local\Temp\6_Offer_12.exe
C:\Users\Ballestra\AppData\Local\Temp\avguirn_081437494542.exe
C:\Users\Ballestra\AppData\Local\Temp\avguirn_081523546711.exe
C:\Users\Ballestra\AppData\Local\Temp\avguirn_081910157428.exe
C:\Users\Ballestra\AppData\Local\Temp\avguirn_082107499149.exe
C:\Users\Ballestra\AppData\Local\Temp\avguirn_0844115780.exe
C:\Users\Ballestra\AppData\Local\Temp\baidu_bundle_br.exe
C:\Users\Ballestra\AppData\Local\Temp\Baidu_Secure_SystemUp_5.0.4.91133.exe
C:\Users\Ballestra\AppData\Local\Temp\bassmod.dll
C:\Users\Ballestra\AppData\Local\Temp\BavPro_Setup_Mini_116.exe
C:\Users\Ballestra\AppData\Local\Temp\BavPro_Setup_Mini_203.exe
C:\Users\Ballestra\AppData\Local\Temp\BingSvc.exe
C:\Users\Ballestra\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Ballestra\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Ballestra\AppData\Local\Temp\IrsoDLL.dll
C:\Users\Ballestra\AppData\Local\Temp\ose00001.exe
C:\Users\Ballestra\AppData\Local\Temp\ose00002.exe
C:\Users\Ballestra\AppData\Local\Temp\ose00003.exe
C:\Users\Ballestra\AppData\Local\Temp\ose00004.exe
C:\Users\Ballestra\AppData\Local\Temp\tmp387F.exe
C:\Users\Ballestra\AppData\Local\Temp\tmpD6FE.exe
C:\Users\Ballestra\AppData\Local\Temp\tmpD70E.exe
C:\Users\Ballestra\AppData\Local\Temp\tmpE6F6.exe
C:\Users\Ballestra\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Ballestra\AppData\Local\Temp\vcredist_vs2005_x86.exe
C:\Users\Ballestra\AppData\Local\Temp\WkRuntime32_64.exe
C:\Users\Ballestra\AppData\Local\Temp\_unps.exe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-04-29 20:19
==================== Fim de FRST.txt ============================