Document format: text/plain

ComboFix 16-09-05.01 - Bruno 08/09/2016 18:06:16.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.55.1033.18.1645.395 [GMT -3:00]
Executando de: c:\users\Bruno\Desktop\ComboFix.exe
AV: AVG AntiVirus *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - system32: deleted 2 bytes in 1 streams. [/i]
[i] ADS - drivers: deleted 212 bytes in 1 streams. [/i]
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Bruno\AppData\Roaming\DRPSu
c:\users\Bruno\AppData\Roaming\DRPSu\diagnostics\hardware.json
c:\users\Bruno\AppData\Roaming\DRPSu\diagnostics\localdiagnostics.json
c:\users\Bruno\AppData\Roaming\DRPSu\diagnostics\newsoft.json
c:\users\Bruno\AppData\Roaming\DRPSu\diagnostics\soft.json
c:\users\Bruno\AppData\Roaming\DRPSu\DRIVERS\AMD-FORCED-7x86-drp.zip
c:\users\Bruno\AppData\Roaming\DRPSu\DRIVERS\AMD-FORCED-Legacy-7x86-15.7.1-drp.zip
c:\users\Bruno\AppData\Roaming\DRPSu\DRIVERS\Atheros-FORCED-7x86-WiFi_10.0.0.339-drp.zip
c:\users\Bruno\AppData\Roaming\DRPSu\DRIVERS\Realtek-Allx86-6.1.7600.144-drp.zip
c:\users\Bruno\AppData\Roaming\DRPSu\DRIVERS\Realtek-NTx86-6.2.9200.10296-drp.zip
c:\users\Bruno\AppData\Roaming\DRPSu\DRIVERS\Samsung-WinAll-25_escape-drp.zip
c:\users\Bruno\AppData\Roaming\DRPSu\Internet\WifiInterface.txt
c:\users\Bruno\AppData\Roaming\DRPSu\Logs\log___2016-06-16-20-35-15.html
c:\users\Bruno\AppData\Roaming\DRPSu\Logs\log___2016-06-19-04-44-01.html
c:\users\Bruno\AppData\Roaming\DRPSu\Logs\log___2016-06-19-04-44-10.html
c:\users\Bruno\AppData\Roaming\DRPSu\Logs\log___2016-07-16-20-25-46.html
c:\users\Bruno\AppData\Roaming\DRPSu\ohm\openhardwaremonitor.zip
c:\users\Bruno\AppData\Roaming\DRPSu\snapshots\DriverPack_Snapshot_20160716_202611.zip
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_18036.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_28507.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_37612.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_37872.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_4362.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_46599.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_6495.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_67008.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_70074.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_7234.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_77894.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_78890.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_82553.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_89876.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\devcon_95700.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\driversInstallationStatus.json
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_18036.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_28507.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_37612.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_37872.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_4362.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_46599.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_6495.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_67008.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_70074.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_7234.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_77894.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_78890.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_82553.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_89876.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\log_zip_file_95700.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.ipiy28z8.wi7ji.cmd.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.ipiy28z8.wi7ji.stderr.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.ipiy28z8.wi7ji.stdout.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.ipmaepdl.3qvao.cmd.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.ipmaepdl.3qvao.stderr.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.ipmaepdl.3qvao.stdout.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.iqpsxlk8.qwf5d.cmd.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.iqpsxlk8.qwf5d.stderr.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\ps.iqpsxlk8.qwf5d.stdout.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_18036.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_28507.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_37612.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_37872.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_4362.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_46599.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_6495.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_67008.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_70074.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_7234.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_77894.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_78890.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_82553.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_89876.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_95700.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\unzipping_undefined.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_18036.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_28507.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_37612.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_37872.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_4362.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_46599.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_55450.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_6495.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_67008.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_70074.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_7234.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_77894.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_78890.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_82553.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_89876.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_finished_95700.txt
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_18036.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_28507.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_37612.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_37872.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_4362.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_46599.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_55450.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_6495.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_67008.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_70074.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_7234.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_77894.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_78890.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_82553.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_89876.log
c:\users\Bruno\AppData\Roaming\DRPSu\temp\wget_log_95700.log
c:\users\Bruno\AppData\Roaming\Roaming
c:\users\Bruno\AppData\Roaming\Roaming\Quest3D\ShipSimExtreme\channels.lst
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
(((((((((((((((( Arquivos/Ficheiros criados de 2016-08-08 to 2016-09-08 ))))))))))))))))))))))))))))
.
.
2016-09-08 09:20 . 2016-09-08 09:20 -------- d-----w- c:\program files\Adw Cleaner
2016-09-08 08:21 . 2016-09-08 08:21 -------- d-----w- C:\zoek_backup
2016-09-08 05:10 . 2016-09-08 05:11 -------- d-----w- c:\users\Bruno\AppData\Local\AVG Web TuneUp
2016-09-08 05:10 . 2016-09-08 05:10 -------- d-----w- c:\program files\Common Files\AVG Secure Search
2016-09-08 05:10 . 2016-09-08 05:11 -------- d-----w- c:\programdata\AVG Web TuneUp
2016-09-08 05:10 . 2016-09-08 05:10 -------- d-----w- c:\program files\AVG Web TuneUp
2016-09-08 04:24 . 2016-09-08 04:24 -------- d-----w- c:\users\Bruno\AppData\Roaming\AVG
2016-09-08 04:19 . 2016-09-08 04:19 -------- d-----w- c:\users\Bruno\AppData\Roaming\TuneUp Software
2016-09-08 04:08 . 2016-09-08 04:08 -------- d-----w- C:\$AVG
2016-09-08 04:00 . 2016-09-08 07:48 -------- d-----w- c:\programdata\MFAData
2016-09-08 04:00 . 2016-09-08 04:00 -------- d-----w- c:\users\Bruno\AppData\Local\MFAData
2016-09-08 03:55 . 2016-09-08 04:03 -------- d-----w- c:\program files\AVG
2016-09-08 03:52 . 2016-09-08 04:08 -------- d-----w- c:\programdata\Avg
2016-09-08 03:52 . 2016-09-08 03:52 -------- d--h--w- c:\programdata\Common Files
2016-09-08 03:52 . 2016-09-08 04:24 -------- d-----w- c:\users\Bruno\AppData\Local\Avg
2016-09-07 20:16 . 2016-09-08 02:50 -------- d-----w- c:\programdata\Kaspersky Lab
2016-09-07 12:53 . 2016-09-07 12:53 -------- d-----w- c:\users\Bruno\AppData\Local\ESET
2016-09-07 12:43 . 2016-09-08 09:20 -------- d-----w- C:\AdwCleaner
2016-09-06 18:32 . 2016-08-02 22:19 9654712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E7A11F62-1B91-4FB0-ABA9-38380D75371E}\mpengine.dll
2016-09-05 04:26 . 2016-09-05 04:26 -------- d-----w- c:\users\Bruno\AppData\Local\Rockstar Games
2016-09-04 19:31 . 2016-09-04 19:31 -------- d-----w- c:\program files\City Interactive
2016-09-04 02:15 . 2016-09-04 02:18 -------- d-----w- C:\Resident Evil 3
2016-09-04 02:14 . 2000-05-14 22:19 77824 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2016-09-04 02:14 . 2000-05-14 22:18 217088 ----a-w- c:\program files\Common Files\InstallShield\IScript\IScript.dll
2016-09-04 02:14 . 2000-05-14 22:14 217088 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2016-09-04 02:14 . 2000-05-14 22:12 32768 ----a-w- c:\program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2016-09-04 01:17 . 2016-09-04 01:17 -------- d-----w- c:\users\Bruno\AppData\Roaming\Steam
2016-09-04 00:08 . 2016-09-04 00:08 -------- d-----w- c:\program files\CAPCOM
2016-09-03 04:50 . 2016-09-03 04:50 -------- d-----w- c:\programdata\LumaEmu_SteamCloud
2016-09-03 04:49 . 2016-09-03 04:50 -------- d-----w- c:\users\Bruno\AppData\Local\SniperV2
2016-09-03 04:41 . 2010-06-02 07:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2016-09-03 04:41 . 2010-06-02 07:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2016-09-03 04:41 . 2010-06-02 07:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2016-09-03 04:41 . 2010-05-26 14:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2016-09-03 04:41 . 2010-05-26 14:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2016-09-03 04:41 . 2010-05-26 14:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2016-09-03 04:41 . 2010-05-26 14:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2016-09-03 04:41 . 2010-05-26 14:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2016-09-03 04:24 . 2016-09-04 01:34 -------- d-----w- C:\Sniper Elite V2
2016-09-02 02:21 . 2016-09-02 03:42 -------- d-----w- C:\Delta Force Black Hawk Down Full PC Game {Highly Compress} {Uploaded} @IGI
2016-09-01 15:11 . 2016-09-01 15:11 -------- d--h--r- c:\users\Bruno\AppData\Roaming\SecuROM
2016-09-01 15:09 . 2016-09-01 15:09 -------- d-sh--w- c:\programdata\SecuROM
2016-09-01 05:29 . 2016-09-04 05:01 -------- d-----w- c:\program files\Speed Up My PC - for gamer
2016-09-01 05:29 . 2016-09-01 05:29 -------- d-----w- c:\users\Bruno\AppData\Roaming\Uniblue
2016-09-01 01:38 . 2016-09-01 01:38 -------- d-----w- c:\users\Bruno\AppData\Local\Ubisoft Game Launcher
2016-08-31 22:51 . 2010-02-04 13:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2016-08-31 22:51 . 2010-02-04 13:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2016-08-31 22:51 . 2010-02-04 13:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2016-08-31 22:51 . 2010-02-04 13:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2016-08-31 22:51 . 2009-09-04 20:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2016-08-31 22:51 . 2009-09-04 20:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2016-08-31 22:51 . 2009-09-04 20:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2016-08-30 21:09 . 2016-08-31 02:07 -------- d-----w- c:\program files\PowerISO
2016-08-29 11:37 . 2016-08-29 11:54 -------- d-----w- C:\Tom Clancy's Ghost Recon Advanced Warfighter
2016-08-29 11:28 . 2005-03-24 08:18 692224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2016-08-29 11:28 . 2002-12-05 17:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2016-08-29 11:28 . 2002-12-02 18:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2016-08-29 11:28 . 2002-12-02 16:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2016-08-29 11:28 . 2002-12-02 16:33 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2016-08-29 11:28 . 2002-12-02 16:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2016-08-29 11:28 . 2016-08-29 11:28 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2016-08-29 11:28 . 2016-08-29 11:28 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2016-08-29 10:57 . 2016-08-29 10:57 -------- d-----w- c:\users\Bruno\AppData\Local\Disc_Soft_Ltd
2016-08-29 10:27 . 2016-08-29 10:29 25016 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-08-29 10:27 . 2016-08-31 04:21 -------- d-----w- c:\users\Bruno\AppData\Roaming\DAEMON Tools Lite
2016-08-29 10:27 . 2016-08-29 10:37 -------- d-----w- c:\program files\DAEMON Tools Lite
2016-08-29 10:26 . 2016-08-29 10:26 -------- d-----w- c:\programdata\DAEMON Tools Lite
2016-08-29 09:24 . 2016-09-05 18:42 -------- d-----w- c:\program files\Common Files\Nero
2016-08-29 09:05 . 2016-08-29 09:05 -------- d-----w- c:\programdata\GbPlugin
2016-08-29 08:26 . 2016-08-29 08:26 329384 ----a-w- c:\windows\system32\drivers\sptd.sys
2016-08-29 06:44 . 2016-08-29 06:46 -------- d-----w- c:\users\Bruno\AppData\Roaming\Guitar Pro 6
2016-08-29 06:44 . 2016-08-29 06:44 -------- d-----w- c:\programdata\Guitar Pro 6
2016-08-29 06:41 . 2016-08-29 06:42 -------- d-----w- c:\program files\Guitar Pro 6
2016-08-29 04:49 . 2016-08-29 04:49 14792 ----a-w- c:\program files\Mozilla Firefox\qipcap.dll
2016-08-28 23:56 . 2016-08-28 23:56 -------- d-----w- c:\users\Bruno\AppData\Local\Activision
2016-08-28 21:03 . 2016-08-29 02:19 -------- d-----w- C:\Call of Duty 4 - Modern Warfare
2016-08-28 21:03 . 2016-08-28 21:03 -------- d-----w- c:\programdata\Call of Duty 4 - Mode rn Warfare (Rip by X-NET)
2016-08-28 21:03 . 2016-09-08 04:28 -------- d-----w- c:\program files\Call of Duty - World at War
2016-08-28 18:54 . 2016-08-28 18:54 -------- d-----w- C:\Call of Duty - World at War
2016-08-28 18:52 . 2016-08-28 18:52 -------- d-----w- c:\users\Bruno\AppData\Roaming\Call of Duty - World at War
2016-08-28 13:52 . 2016-08-28 13:52 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2016-08-28 12:55 . 2016-08-28 12:55 3148 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2016-08-27 16:46 . 2016-08-27 16:46 -------- d-----w- C:\found.000
2016-08-27 02:47 . 2016-08-27 02:47 -------- d-----w- c:\users\Bruno\AppData\Local\Setup Integrity Check
2016-08-27 02:42 . 2016-08-27 02:42 -------- d-----w- c:\programdata\Mastiff
2016-08-27 02:33 . 2016-08-27 02:42 -------- d-----w- C:\Heavy Fire Afghanistan
2016-08-26 22:41 . 2016-08-26 22:58 -------- d-----w- C:\Men of Valor
2016-08-26 07:06 . 2016-08-26 07:31 -------- d-----w- C:\Far Cry 2 - Fortune's Edition
2016-08-25 20:15 . 2016-08-25 20:15 -------- d-----w- c:\users\Bruno\AppData\Roaming\Resident Evil HD REMASTER
2016-08-25 17:24 . 2016-08-26 02:04 -------- d-----w- C:\Resident Evil HD REMASTER
2016-08-25 14:04 . 2016-08-25 14:04 -------- d-----w- c:\users\Bruno\AppData\Roaming\Auslogics
2016-08-25 14:04 . 2016-08-25 14:04 -------- d-----w- c:\programdata\Auslogics
2016-08-25 14:03 . 2016-08-25 14:03 -------- d-----w- c:\program files\Auslogics
2016-08-25 13:51 . 2016-08-25 13:51 -------- d-----w- c:\program files\Common Files\IObit
2016-08-25 13:50 . 2016-08-25 13:50 -------- d-----w- c:\programdata\ProductData
2016-08-25 13:48 . 2016-08-25 14:09 -------- d-----w- c:\users\Bruno\AppData\Roaming\IObit
2016-08-25 06:33 . 2016-08-25 06:33 -------- d-----w- c:\users\Bruno\AppData\Roaming\Sniper Ghost Warrior - Gold Edition
2016-08-25 04:29 . 2016-08-26 06:14 -------- d-----w- C:\Sniper Ghost Warrior - Gold Edition
2016-08-24 03:55 . 2016-08-24 03:55 -------- d-----w- c:\users\Bruno\AppData\Local\ArmA 2 OA DEMO
2016-08-23 18:04 . 2016-08-26 02:55 -------- d-----w- c:\programdata\RELOADED
2016-08-23 16:36 . 2016-08-23 16:41 -------- d-----w- C:\Arma 2 - Operation Arrowhead - DEMO
2016-08-21 20:19 . 2016-08-21 20:19 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2016-08-21 20:18 . 2016-08-21 20:18 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2016-08-20 04:15 . 2016-07-07 15:20 1309928 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-08-20 04:15 . 2016-07-07 15:20 240872 ----a-w- c:\windows\system32\drivers\netio.sys
2016-08-20 04:15 . 2016-07-07 15:20 187624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-08-20 04:15 . 2016-07-07 14:57 35840 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-08-20 04:15 . 2016-07-01 15:13 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-08-20 04:15 . 2016-07-01 15:13 741888 ----a-w- c:\windows\system32\inetcomm.dll
2016-08-20 04:15 . 2016-07-01 14:50 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2016-08-20 04:15 . 2016-07-01 14:50 313856 ----a-w- c:\windows\system32\drivers\srv2.sys
2016-08-20 04:15 . 2016-07-01 14:50 116224 ----a-w- c:\windows\system32\drivers\srvnet.sys
2016-08-19 00:53 . 2016-08-19 03:04 -------- d-----w- C:\H.A.W.X. 2
2016-08-18 21:08 . 2016-08-18 21:31 -------- d-----w- C:\Rainbow Six Vegas 2
2016-08-17 19:10 . 2016-08-17 19:28 -------- d-----w- C:\Tom Clancy's Splinter Cell Conviction
2016-08-17 06:41 . 2016-08-18 05:55 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2016-08-17 06:41 . 2016-08-18 05:55 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
2016-08-17 06:41 . 2016-08-17 06:41 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2016-08-17 06:18 . 2016-08-23 20:35 -------- d-----w- c:\program files\GameVicio
2016-08-17 05:21 . 2016-09-04 16:40 -------- d-----w- c:\users\Bruno\AppData\Local\eclipse
2016-08-17 05:21 . 2016-08-17 05:21 -------- d-----w- c:\users\Bruno\.swt
2016-08-17 05:19 . 2016-08-17 05:19 -------- d-----w- c:\users\Bruno\.oracle_jre_usage
2016-08-17 05:14 . 2016-08-17 05:19 -------- d-----w- c:\program files\Zona
2016-08-17 05:13 . 2016-09-04 16:45 -------- d-----w- c:\users\Bruno\AppData\Roaming\Zona
2016-08-17 04:29 . 2016-09-03 23:34 -------- d-----w- c:\program files\RG Games
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-07 08:09 . 2016-01-01 02:32 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-08-18 06:44 . 2009-07-14 02:05 12464 ----a-w- c:\windows\system32\drivers\secdrv.sys
2016-08-07 05:47 . 2016-08-07 05:47 37920 ----a-w- c:\windows\system32\drivers\Neo_0108.sys
2016-08-07 05:45 . 2016-08-07 05:45 141768 ----a-w- c:\windows\system32\vpncmd.exe
2016-08-06 19:26 . 2016-06-09 07:48 138056 ----a-w- c:\users\Bruno\AppData\Roaming\PnkBstrK.sys
2016-07-26 17:24 . 2015-11-29 04:21 406184 ------w- c:\windows\system32\MpSigStub.exe
2016-07-19 15:28 . 2016-07-19 15:28 201472 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2016-07-17 00:19 . 2015-12-08 07:30 796352 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-07-17 00:19 . 2015-12-08 07:30 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-07-12 19:12 . 2016-07-12 19:12 231168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2016-07-05 00:58 . 2016-07-05 00:58 281688 ----a-w- c:\windows\system32\PnkBstrB.xtr
2016-06-30 17:46 . 2016-06-30 17:46 259328 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2016-06-25 20:01 . 2016-07-16 08:19 37096 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-06-25 19:54 . 2016-07-16 08:20 497152 ----a-w- c:\windows\system32\win32spl.dll
2016-06-25 19:53 . 2016-07-16 08:20 297472 ----a-w- c:\windows\system32\ntprint.dll
2016-06-25 19:53 . 2016-07-16 08:20 779776 ----a-w- c:\windows\system32\localspl.dll
2016-06-25 19:53 . 2016-07-16 08:20 126464 ----a-w- c:\windows\system32\inetpp.dll
2016-06-25 19:53 . 2016-07-16 08:19 1004544 ----a-w- c:\windows\system32\aeinv.dll
2016-06-25 19:42 . 2016-07-16 08:20 39424 ----a-w- c:\windows\system32\wpnpinst.exe
2016-06-25 19:41 . 2016-07-16 08:20 61952 ----a-w- c:\windows\system32\ntprint.exe
2016-06-25 19:41 . 2016-07-16 08:20 18944 ----a-w- c:\windows\system32\inetppui.dll
2016-06-25 19:40 . 2016-07-16 08:20 29696 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\winprint.dll
2016-06-22 13:06 . 2016-07-16 08:19 208896 ----a-w- c:\windows\system32\centel.dll
2016-06-20 18:17 . 2016-06-20 18:17 65280 ----a-w- c:\windows\system32\drivers\avgunivx.sys
2016-06-17 18:23 . 2016-07-16 08:19 468992 ----a-w- c:\windows\system32\generaltel.dll
2016-06-17 18:23 . 2016-07-16 08:19 461312 ----a-w- c:\windows\system32\devinv.dll
2016-06-17 18:23 . 2016-07-16 08:19 251392 ----a-w- c:\windows\system32\invagent.dll
2016-06-17 18:23 . 2016-07-16 08:19 1288192 ----a-w- c:\windows\system32\appraiser.dll
2016-06-17 18:23 . 2016-07-16 08:19 65536 ----a-w- c:\windows\system32\acmigration.dll
2016-06-17 18:23 . 2016-07-16 08:19 179712 ----a-w- c:\windows\system32\aepic.dll
2016-06-14 15:21 . 2016-07-16 08:20 2560 ----a-w- c:\windows\apppatch\AcRes.dll
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2016-09-08 05:09 2260040 ----a-w- c:\program files\AVG Web TuneUp\4.3.5.160\AVG Web TuneUp.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2016-01-22 16:54 486064 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2016-01-22 16:54 486064 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2016-01-22 16:54 486064 ----a-w- c:\program files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^rvlkl.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
backup=c:\windows\pss\rvlkl.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk
backup=c:\windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2016-01-07 23:33 508128 ----a-w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUi]
2016-07-20 17:01 186640 ----a-w- c:\program files\AVG\Framework\Common\avguirnx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI]
2016-07-28 12:39 32528 ----a-w- c:\program files\AVG\Av\avuirunnerx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
2015-11-16 16:54 6602152 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
2015-06-18 12:55 3576664 ----a-w- c:\program files\DAEMON Tools Lite\DTAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Everything]
2014-08-06 01:01 1048576 ----a-w- c:\program files\Everything\Everything.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2016-01-08 23:08 318248 ----a-w- c:\program files\SAMSUNG\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qBittorrent]
2016-06-20 01:51 15881216 ----a-w- c:\program files\qBittorrent\qbittorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2015-06-18 17:57 12336856 ----a-w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftEther VPN Client UI Helper]
2016-08-07 05:45 3957704 ----a-w- c:\program files\SoftEther VPN Client\vpnclient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotPostWindows10UpgradeReInstall]
2015-07-28 21:17 1011200 ----a-w- c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2015-03-17 04:58 748232 ----a-w- c:\program files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperRam]
2014-11-09 21:47 1955992 ----a-w- c:\program files\PGWARE.super.ram\SuperRam\SuperRamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
2016-09-08 05:09 2180680 ----a-w- c:\program files\AVG Web TuneUp\vprot.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IDMan"=c:\program files\Internet Download Manager\IDMan.exe /onboot
.
R0 gbpddreg;Gbpddreg svc; [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2016-04-25 108032]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-08-02 102912]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2016-04-25 199936]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [2016-04-25 199936]
R3 SWDUMon;SWDUMon; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 vfdriver;vfdriver; [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [2010-11-01 14416]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2015-08-04 214528]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-03-17 276992]
R4 AvgAMPS;AvgAMPS;c:\program files\AVG\Av\avgamps.exe [2016-07-28 674552]
R4 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\Av\avgidsagent.exe [2016-07-28 4097280]
R4 avgsvc;AVG Service;c:\program files\AVG\Framework\Common\avgsvcx.exe [2016-07-20 906512]
R4 avgwd;AVG WatchDog;c:\program files\AVG\Av\avgwdsvcx.exe [2016-07-28 632632]
R4 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2015-05-22 255192]
R4 SEVPNCLIENT;SoftEther VPN Client;c:\program files\SoftEther VPN Client\vpnclient.exe [2016-08-07 3957704]
R4 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R4 SuperRam;SuperRam Memory Service;c:\program files\PGWARE.super.ram\SuperRam\SuperRamService.exe [2014-11-09 1939600]
R4 vToolbarUpdater40.3.5;vToolbarUpdater40.3.5;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.5\ToolbarUpdater.exe [2016-09-08 1349704]
R4 WtuSystemSupport;WtuSystemSupport;c:\program files\AVG Web TuneUp\WtuSystemSupport.exe [2016-09-08 980552]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2016-06-01 201472]
S0 Avglogx;AVG Logging Driver;c:\windows\system32\DRIVERS\avglogx.sys [2016-02-16 287008]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2016-06-01 47360]
S0 avgunivx;AVG Universal Driver;c:\windows\system32\DRIVERS\avgunivx.sys [2016-06-20 65280]
S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\GbpKm.sys [2015-09-03 49496]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2013-10-08 71888]
S0 vsock;vSockets Driver;c:\windows\system32\drivers\vsock.sys [2013-10-08 63824]
S1 Avgdiskx;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiskx.sys [2016-05-13 134912]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2016-06-30 259328]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2015-11-20 31664]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2016-06-01 212736]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2016-07-12 231168]
S1 ndisrd;GAS Tecnologia Filter Driver;c:\windows\system32\DRIVERS\gbpndisrdn.sys [2015-12-04 29400]
S2 AGSService;Adobe Genuine Software Integrity Service;c:\program files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-08-22 2159320]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2016-03-01 87568]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys [2016-08-29 25016]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2013-07-15 110280]
S3 Neo_VPN;VPN Client Device Driver - VPN;c:\windows\system32\DRIVERS\Neo_0108.sys [2016-08-07 37920]
S3 rtsuvc;Realtek USB2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [2015-01-13 1565400]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
utcsvc REG_MULTI_SZ DiagTrack
LocalDriverService REG_MULTI_SZ LDrvSvc
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c3f8598a-6dcb-11e6-9629-00acb7759e71}]
\shell\AutoRun\command - E:\ResidentEvil2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-09-08 00:06 1267528 ----a-w- c:\program files\Google\Chrome\Application\53.0.2785.101\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2016-09-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08 00:19]
.
2016-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-01-26 22:24]
.
2016-09-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2016-01-26 22:24]
.
2016-09-08 c:\windows\Tasks\SpeedUpMyPC Maintenance.job
- c:\program files\Speed Up My PC - for gamer\speedupmypc.exe [2016-09-01 11:28]
.
2016-09-08 c:\windows\Tasks\SpeedUpMyPC Subscription.job
- c:\program files\Speed Up My PC - for gamer\speedupmypc.exe [2016-09-01 11:28]
.
.
------- Scan Suplementar -------
.
uStart Page = https://www.google.com.br/
mStart Page = https://www.google.com/?bcutc=sp-006
mSearch Bar = https://www.google.com/?bcutc=sp-006
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\imagem2
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\internetbankingpf
Trusted Zone: caixa.gov.br\www
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{FA052A12-46E0-4BF9-89C1-9EFE4BABE39E}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - c:\users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\ymn5h0bb.default\
FF - user.js: browser.startup.homepage - hxxp://www.surfvox.com
FF - user.js: browser.search.defaultenginename - SurfVox
FF - user.js: browser.search.selectedEngine - SurfVox
FF - user.js: browser.search.update - false
FF - user.js: browser.search.useDBForOrder - true
user_pref(extensions.lastAppVersion);
user_pref(extensions.lastPlatformVersion);
.
.
------- Associação de arquivos/ficheiros -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - ORFÃOS REMOVIDOS - - - -
.
ShellIconOverlayIdentifiers-{056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
ShellIconOverlayIdentifiers-{05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
ShellIconOverlayIdentifiers-{0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
Notify- GbPluginCef - c:\program files\GbPlugin\gbiehCef.dll
SafeBoot-AppXSvc
SafeBoot-ClipSvc
SafeBoot-TweakingRemoveSafeBoot
SafeBoot-WSService
MSConfigStartUp-DelaypluginInstall - c:\programdata\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSConfigStartUp-IDMan - c:\program files\Internet Download Manager\IDMan.exe
MSConfigStartUp-Wondershare Helper Compact - c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
AddRemove-{A6356F2F-D3E1-4D83-9AA2-72871DD0C298} - c:\program files\InstallShield Installation Information\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}\setup.exe
AddRemove-01_Simmental - c:\program files\SAMSUNG\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\SAMSUNG\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\SAMSUNG\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\SAMSUNG\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\SAMSUNG\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\SAMSUNG\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\SAMSUNG\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\SAMSUNG\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\SAMSUNG\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\SAMSUNG\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
AddRemove-27_ssconn - c:\program files\Samsung\USB Drivers\27_ssconn\Uninstall.exe
.
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_USERS\S-1-5-21-109191986-1445244477-1993111821-1000\Software\SecuROM\License information*]
"datasecu"=hex:5c,6a,20,c2,c6,f0,35,74,0f,6f,0c,83,8e,e7,b8,4e,17,27,66,0b,37,
36,01,f8,d4,b2,a2,9d,7f,52,6a,88,04,a4,2a,88,f5,86,0f,99,9c,9c,41,c7,6a,ed,\
"rkeysecu"=hex:1d,a6,b2,84,5a,6a,34,d6,23,12,6e,ce,85,49,f1,0d
.
[HKEY_USERS\S-1-5-21-109191986-1445244477-1993111821-1000_Classes\CLSID\{75846e02-3d6e-4681-9516-9246397897d9}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000007e
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-109191986-1445244477-1993111821-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c7,54,d5,2e,4c,94,6b,83,a9,79,24,a5,a5,14,ec,f4,53,14,a3,f2,ce,
3e,bc,05,a2,f5,c8,62,8d,f9,ce,4d,38,a6,fd,fa,de,fd,87,1e,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\progra~1\AVG\Av\avgrsx.exe
c:\program files\AVG\Av\avgcsrvx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
.
**************************************************************************
.
Tempo para conclusão: 2016-09-08 18:51:29 - Máquina reiniciou
ComboFix-quarantined-files.txt 2016-09-08 21:51
.
Pré-execução: 87.057.031.168 bytes free
Pós execução: 86.310.088.704 bytes free
.
- - End Of File - - 3907FE8D408AAF150A5B23FABA656678
A36C5E4F47E84449FF07ED3517B43A31
