Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 04-11-2016
Executado por Guilherme (administrador) em GUILHERME-PC (08-11-2016 11:37:06)
Executando a partir de C:\Users\Guilherme\Downloads
Perfis Carregados: Guilherme (Perfis Disponíveis: Guilherme)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Akamai Technologies, Inc.) C:\Users\Guilherme\AppData\Local\Akamai\netsession_win.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Akamai Technologies, Inc.) C:\Users\Guilherme\AppData\Local\Akamai\netsession_win.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
() C:\Program Files (x86)\Pingzapper\PZService.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2012-02-21] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-10-10] ()
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Guilherme\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29635712 2016-09-12] (Skype Technologies S.A.)
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\MountPoints2: {49649d16-7cde-11e4-b478-806e6f6e6963} - D:\AUTORUN.EXE
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\...\MountPoints2: {a85bca62-74f7-11e5-a47c-dc0ea1c54e0f} - E:\Autorun.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Nenhum Arquivo
Startup: C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2016-04-26]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5649EE60-5781-426B-BEE1-A83FCC16AD05}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{BD63E25E-FF24-4B2F-AE8D-B0542A7B6CD3}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=mbtkv3&uid=S2TTJ9AC636529_ST1000LM024HN-M101MBB&tm=1434923330
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.top8844.com?oem=mbtkv3&uid=S2TTJ9AC636529_ST1000LM024HN-M101MBB&tm=1434923330
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=S2TTJ9AC636529_ST1000LM024HN-M101MBB&tm=1434923330
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=S2TTJ9AC636529_ST1000LM024HN-M101MBB&tm=1434923330
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={FDBB7C9B-67F7-4B3C-B477-813CDCA84AC6}&mid=e3a8d8b7b30847cdb60d8d8095f6df41-675c6c60652511d999fa99f116a6f6d0721fb2a2&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2016-04-25 17:59:16&v=4.3.5.160&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3773353831-1587287919-3041611652-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=S2TTJ9AC636529_ST1000LM024HN-M101MBB&tm=1434923330
SearchScopes: HKU\S-1-5-21-3773353831-1587287919-3041611652-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={FDBB7C9B-67F7-4B3C-B477-813CDCA84AC6}&mid=e3a8d8b7b30847cdb60d8d8095f6df41-675c6c60652511d999fa99f116a6f6d0721fb2a2&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2016-04-25 17:59:16&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3773353831-1587287919-3041611652-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={FDBB7C9B-67F7-4B3C-B477-813CDCA84AC6}&mid=e3a8d8b7b30847cdb60d8d8095f6df41-675c6c60652511d999fa99f116a6f6d0721fb2a2&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2016-04-25 17:59:16&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-10-10] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
IE Session Restore: HKU\S-1-5-21-3773353831-1587287919-3041611652-1000 -> está habilitado.
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: b6kk878s.default
FF ProfilePath: C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\b6kk878s.default [2016-11-08]
FF NewTab: Mozilla\Firefox\Profiles\b6kk878s.default -> www.123rede.com?oem=mbtkv3&uid=S2TTJ9AC636529_ST1000LM024HN-M101MBB&tm=1443123962
FF Homepage: Mozilla\Firefox\Profiles\b6kk878s.default -> www.123rede.com?oem=mbtkv3&uid=S2TTJ9AC636529_ST1000LM024HN-M101MBB&tm=1443123962
FF Session Restore: Mozilla\Firefox\Profiles\b6kk878s.default -> está habilitado.
FF Extension: (AVG Web TuneUp) - C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\b6kk878s.default\Extensions\avg@toolbar.xpi [2016-10-10]
FF SearchPlugin: C:\Users\Guilherme\AppData\Roaming\Mozilla\Firefox\Profiles\b6kk878s.default\searchplugins\avg-secure-search.xml [2016-10-10]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-10-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-28] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default [2016-11-08]
CHR Extension: (Torrent dos Filmes) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcljimiclefoalalnkempegggobplbe [2016-02-06]
CHR Extension: (Skype) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-21]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Guilherme\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5332384 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-08-19] () [Arquivo não assinado]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3190784 2015-05-19] (INCA Internet Co., Ltd.)
R2 PingzapperSvc; C:\Program Files (x86)\Pingzapper\PZService.exe [632320 2016-05-22] () [Arquivo não assinado]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [Arquivo não assinado]
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-10-10] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-10-10] ()

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [311552 2016-09-22] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [265472 2016-09-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-07-03] (GAS Tecnologia LTDA)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-08 11:35 - 2016-11-08 11:35 - 00042360 _____ C:\Users\Guilherme\Downloads\Addition.txt
2016-11-08 11:34 - 2016-11-08 11:37 - 00020512 _____ C:\Users\Guilherme\Downloads\FRST.txt
2016-11-08 11:34 - 2016-11-08 11:37 - 00000000 ____D C:\FRST
2016-11-08 11:34 - 2016-11-08 11:34 - 02410496 _____ (Farbar) C:\Users\Guilherme\Downloads\FRST64.exe
2016-11-08 11:32 - 2016-11-08 11:32 - 00000000 ____D C:\Users\Guilherme\Desktop\Games
2016-11-08 01:42 - 2016-11-08 01:42 - 00002285 _____ C:\Users\Guilherme\Desktop\Instalar agora Autodesk® AutoCAD® 2017.lnk
2016-11-08 01:36 - 2016-11-08 01:36 - 00002100 _____ C:\Users\Public\Desktop\AutoCAD 2017 - Português - Brasil (Brazilian Portuguese).lnk
2016-11-07 22:55 - 2016-11-07 22:55 - 18633896 _____ C:\Users\Guilherme\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup.exe
2016-11-07 22:55 - 2016-11-07 22:55 - 00338296 _____ (Autodesk Inc.) C:\Users\Guilherme\Downloads\AutoCAD_2017_Brazilian_Portuguese_Win_32_64bit_wi_pt-BR_Setup_webinstall.exe
2016-11-07 17:07 - 2016-11-07 17:19 - 00000000 ____D C:\Windows\system32\MRT
2016-11-07 17:06 - 2016-11-07 17:06 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-07 16:40 - 2011-04-09 04:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-11-07 16:40 - 2011-04-09 04:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-07 16:40 - 2011-04-09 04:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-07 16:40 - 2011-04-09 04:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-07 16:40 - 2011-04-09 03:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-11-07 16:39 - 2016-06-25 14:03 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-11-07 11:51 - 2012-06-02 20:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-11-07 11:51 - 2012-06-02 20:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-11-07 11:51 - 2012-06-02 20:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-11-07 11:51 - 2012-06-02 20:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-11-07 11:51 - 2012-06-02 20:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-11-07 11:51 - 2012-06-02 20:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-11-07 11:51 - 2012-06-02 20:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-11-07 11:51 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-11-07 11:51 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-11-07 11:45 - 2016-11-07 11:45 - 00629006 _____ C:\Users\Guilherme\Downloads\Windows6.1-KB2999226-x86.msu
2016-11-07 11:44 - 2016-11-07 11:44 - 01034556 _____ C:\Users\Guilherme\Downloads\Windows6.1-KB2999226-x64.msu
2016-11-07 11:39 - 2016-11-07 11:39 - 00001991 _____ C:\Users\Guilherme\Downloads\__32-api-ms-win-crt-heap-l1-1-0.dll10.0.10046.0.zip
2016-11-04 12:07 - 2016-11-04 12:07 - 00000000 ____D C:\Users\Guilherme\Downloads\The Walking Dead S06E01 720p WEB-DL x264-Belex - Dual Audio
2016-11-02 18:07 - 2016-11-02 18:07 - 00002028 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk
2016-11-02 18:07 - 2016-11-02 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-11-02 18:07 - 2016-11-02 18:07 - 00000000 ____D C:\Program Files (x86)\Aeria Games
2016-11-02 18:06 - 2016-11-02 18:06 - 03541664 _____ (Aeria Games & Entertainment) C:\Users\Guilherme\Downloads\aeria_ignite_install.exe
2016-11-02 13:47 - 2016-11-03 07:14 - 00000000 ____D C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E05.720p.WEB-DL.DD5.1.H.264-Cyphanix.DUAL-RK
2016-11-02 12:43 - 2016-11-03 08:58 - 00000000 ____D C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E04.720p.WEB-DL.DD5.1.H.264-Cyphanix.DUAL-RK
2016-11-02 12:43 - 2016-11-03 04:31 - 00000000 ____D C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E02.720p.HDTV.x264-KILLERS.Dual.kayne
2016-11-02 12:42 - 2016-11-02 12:42 - 00000000 ____D C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E03.720p.Dublado.WEB-DL.H.264-PiA
2016-11-02 12:42 - 2016-11-02 12:42 - 00000000 ____D C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E01.PROPER.720p.HDTV.x264-KILLERS.Dual.kayne
2016-11-02 12:41 - 2016-11-02 12:41 - 00030186 _____ C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E05.720p.WEB.DUAL.rar
2016-11-02 12:41 - 2016-11-02 12:41 - 00028489 _____ C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E02.720p.Dual.rar
2016-11-02 12:41 - 2016-11-02 12:41 - 00026414 _____ C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E03.720p.Dublado.rar
2016-11-02 12:41 - 2016-11-02 12:41 - 00023605 _____ C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E04.720p.DUAL.rar
2016-11-02 12:40 - 2016-11-02 12:40 - 00037568 _____ C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E01.720p.Dual.rar
2016-11-02 12:39 - 2016-11-02 12:59 - 00000000 ____D C:\Users\Guilherme\Downloads\Os Caçadores de Fantasmas 2016 WWW.BLUDV.COM
2016-11-02 12:39 - 2016-11-02 12:39 - 00017055 _____ C:\Users\Guilherme\Downloads\Os.Cacadores.de.Fantasmas.2016.720p.Dual.rar
2016-11-02 12:38 - 2016-11-02 12:38 - 00010207 _____ C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E01.PROPER.HDTV.rar
2016-11-02 12:38 - 2016-11-02 12:38 - 00000000 ____D C:\Users\Guilherme\Downloads\The.Walking.Dead.S06E01.PROPER.HDTV.x264-KILLERS[ettv]
2016-11-02 12:11 - 2016-11-02 12:11 - 14749120 _____ (Microsoft Corporation) C:\Users\Guilherme\Downloads\vc_redist.x64.exe
2016-10-28 20:12 - 2016-10-28 20:12 - 00002175 _____ C:\Users\Guilherme\Desktop\Install Now Autodesk® AutoCAD® 2017.lnk
2016-10-28 20:11 - 2016-10-28 20:11 - 00002098 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
2016-10-28 20:09 - 2016-10-28 20:09 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-10-28 19:58 - 2016-10-28 19:58 - 18661360 _____ C:\Users\Guilherme\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup.exe
2016-10-28 19:58 - 2016-10-28 19:58 - 00338280 _____ (Autodesk Inc.) C:\Users\Guilherme\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall.exe
2016-10-28 12:23 - 2016-10-28 20:11 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-10-28 12:13 - 2016-11-08 01:42 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-10-28 12:10 - 2016-10-28 12:12 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-10-28 12:01 - 2016-10-28 12:01 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-10-28 12:01 - 2016-10-28 12:01 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-10-28 10:49 - 2016-11-06 23:11 - 00000000 ____D C:\MuAwaY
2016-10-28 10:49 - 2016-10-28 10:49 - 00000618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuAwaY.lnk
2016-10-28 10:20 - 2016-10-28 10:21 - 00865792 ____H C:\Users\Guilherme\Downloads\~WRL3859.tmp
2016-10-28 10:20 - 2016-10-28 10:20 - 00081996 _____ C:\Users\Guilherme\Downloads\RELAÇÃO DESCRITIVA DAS RODOVIAS ESTADUAIS Sistema Rodoviário do Estado de Goiás.pdf
2016-10-28 10:20 - 2016-10-28 10:20 - 00081996 _____ C:\Users\Guilherme\Downloads\RELAÇÃO DESCRITIVA DAS RODOVIAS ESTADUAIS Sistema Rodoviário do Estado de Goiás (1).pdf
2016-10-28 01:49 - 2016-10-28 03:14 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\TS3Client
2016-10-28 01:39 - 2016-10-28 01:39 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-10-28 01:39 - 2016-10-28 01:39 - 00000929 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-10-28 01:39 - 2016-10-28 01:39 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-10-28 01:33 - 2016-10-28 01:34 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Guilherme\Downloads\TeamSpeak3-Client-win64-3.0.19.4 (2).exe
2016-10-28 01:01 - 2016-10-28 01:04 - 106092128 _____ (MuAwaY) C:\Users\Guilherme\Downloads\MuAwaY_Setup_v2.12.2.exe
2016-10-22 10:12 - 2016-10-22 10:12 - 00000000 ____D C:\Users\Guilherme\Downloads\Os.Caçadores.1080p.WWW.TORRENTDOSFILMES.COM
2016-10-22 10:12 - 2016-10-22 10:12 - 00000000 ____D C:\Users\Guilherme\Downloads\O.Bom.Gigante.Amigo.HDTS.XviD.DUBLADO-TOM
2016-10-20 11:35 - 2016-10-20 11:35 - 00500832 _____ (Aeria Games & Entertainment) C:\Users\Guilherme\Downloads\grandfantasia_pt_downloader (1).exe
2016-10-19 11:41 - 2016-10-19 11:53 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\ComfortSoftware
2016-10-19 11:41 - 2016-10-19 11:41 - 06244552 _____ (Comfort Software Group ) C:\Users\Guilherme\Downloads\Baixaki_hot-virtual-keyboard [1].exe
2016-10-19 11:41 - 2016-10-19 11:41 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2016-10-19 11:41 - 2016-10-19 11:41 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-10-19 11:41 - 2016-10-19 11:41 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-10-19 11:41 - 2016-10-19 11:41 - 00000000 ____D C:\Users\Public\Documents\Baidu
2016-10-19 11:41 - 2016-10-19 11:41 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-19 11:40 - 2016-10-19 11:40 - 01816736 _____ ( ) C:\Users\Guilherme\Downloads\Baixaki_hot-virtual-keyboard.exe
2016-10-17 17:13 - 2014-01-23 15:34 - 00427376 _____ (Network Tunnel Lab) C:\Windows\SysWOW64\networkdlllsp.dll
2016-10-17 17:00 - 2016-10-17 17:10 - 00000000 ____D C:\Program Files (x86)\Pingzapper
2016-10-17 17:00 - 2016-10-17 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pingzapper
2016-10-17 11:56 - 2016-10-17 11:57 - 21619033 _____ C:\Users\Guilherme\Downloads\pz_setup_2.1.1.zip
2016-10-17 11:40 - 2016-10-17 11:42 - 50152415 _____ C:\Users\Guilherme\Downloads\vipermu_patch.rar
2016-10-17 01:07 - 2016-10-17 01:07 - 02386444 _____ C:\Users\Guilherme\Downloads\Data.rar
2016-10-17 00:45 - 2016-10-19 11:54 - 00000000 ____D C:\ViperMu_Evolution
2016-10-17 00:25 - 2016-10-17 00:39 - 351923732 _____ () C:\Users\Guilherme\Downloads\Cliente ViperMu.exe
2016-10-07 02:06 - 2016-03-04 00:19 - 00579072 _____ (X-Team) C:\Windows\SysWOW64\MHPVerify.dll
2016-10-07 01:53 - 2016-10-07 01:53 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuAida
2016-10-07 01:50 - 2016-11-06 23:09 - 00000000 ____D C:\MuAida
2016-10-07 01:38 - 2016-10-07 01:50 - 496300621 _____ () C:\Users\Guilherme\Downloads\Cliente MuAida.exe
2016-10-06 02:06 - 2016-10-06 02:06 - 00000000 ____D C:\Users\Guilherme\Downloads\www.TorrentDosFilmes.com.Pets.A.Vida.Secreta.dos.Bichos.720p
2016-10-04 23:20 - 2016-10-04 23:20 - 00012043 _____ C:\Users\Guilherme\Downloads\Detalhamento_do_Agendamento (1).pdf
2016-10-04 18:23 - 2016-10-04 18:23 - 00014216 _____ C:\Users\Guilherme\Downloads\Detalhamento_do_Agendamento.pdf
2016-09-30 17:56 - 2016-09-30 17:58 - 00000000 ____D C:\Users\Guilherme\Desktop\Silicon Valley 1ª Temporada Completa 720p (2014) Dual Áudio BluRay -- By - Lucas Firmo
2016-09-30 17:48 - 2016-09-30 17:48 - 00000000 ____D C:\Users\Guilherme\Desktop\MR ROBOT - 1° Temporada
2016-09-30 17:42 - 2016-09-30 17:47 - 00000000 ____D C:\Users\Guilherme\Desktop\Fear.the.Walking.Dead.1.Temporada.2015.1080p.Dual-JefePsb-WOLVERDONFILMES.COM
2016-09-27 01:31 - 2016-10-19 11:57 - 00000000 ____D C:\Users\Guilherme\AppData\Local\TeamSpeak 3 Client
2016-09-27 01:05 - 2016-09-27 01:05 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Guilherme\Downloads\TeamSpeak3-Client-win64-3.0.19.4 (1).exe
2016-09-26 18:19 - 2016-09-26 18:19 - 00254208 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2016-09-26 01:52 - 2016-09-26 01:52 - 00000000 ____D C:\Users\Guilherme\Downloads\WWW.TORRENTDOSFILMES.COM - Caca.Fantasmas.2016
2016-09-25 20:11 - 2016-09-26 01:53 - 00000000 ____D C:\Users\Guilherme\Downloads\As Tartarugas Ninja - Fora das Sombras 2016 [1080p] WWW.BLUDV.COM
2016-09-25 16:10 - 2016-09-25 16:14 - 00000000 ____D C:\Users\Guilherme\Downloads\Vizinhos 2 2016 Bluray 720p Dublado - WWW.THEPIRATEFILMES.COM
2016-09-22 14:44 - 2016-09-22 14:44 - 00311552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-09-21 01:43 - 2016-11-07 14:21 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-09-20 16:55 - 2016-09-20 16:55 - 00265472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2016-09-16 02:30 - 2016-09-16 02:30 - 00000460 _____ C:\Users\Guilherme\Desktop\Estrada1.2.txt
2016-09-16 02:21 - 2016-09-16 02:21 - 00001750 _____ C:\Users\Guilherme\Desktop\Estrada1.1.txt
2016-09-14 03:10 - 2016-09-14 03:11 - 32019840 _____ (TeamSpeak Systems GmbH) C:\Users\Guilherme\Downloads\TeamSpeak3-Client-win64-3.0.19.4.exe
2016-09-12 13:00 - 2016-09-12 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldRAG Full
2016-09-12 00:32 - 2016-09-12 02:37 - 1966321691 _____ (WorldRAG ) C:\Users\Guilherme\Downloads\WorldRAGFull-03-07-2015.exe
2016-09-09 00:16 - 2004-12-30 10:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2016-09-09 00:16 - 2003-07-15 19:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd
2016-09-08 20:10 - 2016-11-02 12:38 - 00000000 ____D C:\Users\Guilherme\AppData\LocalLow\uTorrent
2016-09-08 19:55 - 2016-09-08 21:11 - 1884394008 _____ (Level Up! Games ) C:\Users\Guilherme\Downloads\Instalador_Client_Ragnarok_1.1.1.2.exe
2016-09-08 19:54 - 2016-09-08 19:54 - 00018696 _____ C:\Users\Guilherme\Downloads\Instalador_Client_Ragnarok_1.1.1.2.exe.torrent
2016-09-01 12:57 - 2016-10-19 11:56 - 00000000 ____D C:\Program Files\Microvirt
2016-08-31 22:09 - 2016-08-31 22:30 - 346529904 _____ (Microvirt) C:\Users\Guilherme\Downloads\Memu-PokemonGO-Setup-2.exe
2016-08-30 12:32 - 2016-09-01 13:00 - 00000000 ____D C:\Users\Guilherme\MEmu
2016-08-28 23:30 - 2016-08-28 23:33 - 63658806 _____ C:\Users\Guilherme\Downloads\com.nianticlabs.pokemongo_0.35.0-2016082200_minAPI19(armeabi-v7a)(nodpi)_apkmirror.com.apk
2016-08-28 23:30 - 2015-09-16 04:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-28 23:30 - 2015-09-16 01:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-28 23:29 - 2016-08-29 01:32 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Nox
2016-08-28 23:29 - 2016-08-28 23:29 - 00003192 _____ C:\Windows\System32\Tasks\{EBDC96CD-E181-4FD4-AC51-2D66087BDEA5}
2016-08-26 12:35 - 2016-08-26 12:35 - 00000000 ____D C:\Users\Guilherme\Desktop\Catchem_1.4.6.5
2016-08-26 12:34 - 2016-08-26 12:34 - 10266640 _____ C:\Users\Guilherme\Desktop\Catchem_1.4.6.5.7z
2016-08-26 12:34 - 2016-08-26 12:34 - 00051712 _____ C:\Users\Guilherme\Downloads\DATAS_N1_e_N2_-_2o_semestre 2016.xls
2016-08-21 22:41 - 2016-08-21 22:45 - 00000000 ____D C:\Users\Guilherme\Downloads\Sucker Punch - Mundo Surreal
2016-08-21 12:41 - 2016-08-21 12:41 - 00000000 ____D C:\Users\Guilherme\Downloads\TorrentDosFilmes.com.Um.Espiao.e.Meio.2016.1080p.Dual.Áudio
2016-08-18 02:20 - 2016-08-18 02:20 - 00000000 ____D C:\Users\Guilherme\AppData\Local\GMap.NET
2016-08-13 20:14 - 2016-08-13 20:16 - 00000000 ____D C:\Users\Guilherme\Downloads\Ele Nunca Morre 2016 WWW.BLUDV.COM
2016-08-13 20:10 - 2016-08-13 20:11 - 00000000 ____D C:\Users\Guilherme\Downloads\WWW.TORRENTDOSFILMES.COM - O Mestre da Guerra BluRay 1080p
2016-08-13 20:10 - 2016-08-13 20:11 - 00000000 ____D C:\Users\Guilherme\Downloads\WWW.TORRENTDOSFILMES.COM - O Mestre da Guerra 2 BluRay 1080p
2016-08-13 15:55 - 2016-08-13 16:01 - 00000000 ____D C:\Users\Guilherme\Downloads\Deus Não Está Morto 2 2016 Bluray 720p Dublado - WWW.THEPIRATEFILMES.COM
2016-08-13 15:48 - 2016-08-13 15:48 - 00000000 ____D C:\Users\Guilherme\Downloads\WWW.TORRENTDOSFILMES.COM - Um Espião e Meio 1080p
2016-08-10 02:21 - 2016-08-10 02:21 - 00000000 ____D C:\Users\Guilherme\Downloads\SU1C1D4.CAM.XviD.DUBLADO-TORRENTDOSFILMES.COM

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-11-08 11:27 - 2016-04-07 18:27 - 00000913 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {281746D3-5078-439C-A785-FAAB92C8D6F3}.job
2016-11-08 11:27 - 2016-04-07 18:27 - 00000727 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {281746D3-5078-439C-A785-FAAB92C8D6F3}.job
2016-11-08 11:21 - 2014-12-06 00:04 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Skype
2016-11-08 11:17 - 2015-11-28 16:05 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-08 11:10 - 2014-12-06 01:41 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-11-08 11:10 - 2014-12-06 01:41 - 00000000 ____D C:\ProgramData\MFAData
2016-11-08 11:07 - 2015-08-07 09:40 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-11-08 11:05 - 2015-06-21 23:13 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-08 11:05 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-08 08:06 - 2009-07-14 02:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-08 08:06 - 2009-07-14 02:45 - 00009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-08 08:01 - 2015-06-21 23:13 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-08 08:01 - 2015-01-09 18:01 - 00000913 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {933653A9-CC7F-4A9E-8119-3B3B1D79C38D}.job
2016-11-08 08:01 - 2015-01-09 18:01 - 00000727 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {933653A9-CC7F-4A9E-8119-3B3B1D79C38D}.job
2016-11-08 01:36 - 2016-01-12 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-11-08 01:34 - 2016-01-12 16:57 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-11-08 01:34 - 2009-07-14 03:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-11-08 01:21 - 2016-01-12 16:57 - 00000000 ____D C:\Program Files\Autodesk
2016-11-07 22:55 - 2016-01-12 16:40 - 00000000 ____D C:\Autodesk
2016-11-07 21:55 - 2015-06-21 23:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-11-07 21:55 - 2015-06-21 23:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-11-07 17:27 - 2014-12-06 01:05 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-11-07 17:21 - 2009-07-14 00:34 - 00000478 _____ C:\Windows\win.ini
2016-11-07 17:04 - 2015-06-21 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-11-07 12:33 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2016-11-05 16:20 - 2015-11-14 13:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-04 12:07 - 2015-06-18 18:28 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\uTorrent
2016-11-02 18:07 - 2016-01-24 23:31 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-11-02 17:32 - 2015-08-31 12:47 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\vlc
2016-11-02 12:16 - 2014-12-06 03:06 - 00141256 _____ C:\Users\Guilherme\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-02 12:13 - 2015-04-25 02:45 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-11-02 12:13 - 2015-04-25 02:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-31 16:17 - 2015-12-15 11:12 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-10-31 16:17 - 2015-12-15 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-10-30 14:31 - 2009-07-14 02:45 - 00489872 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-28 20:11 - 2016-01-12 17:12 - 00000000 ____D C:\Users\Guilherme\AppData\Local\Autodesk
2016-10-28 20:11 - 2016-01-12 16:44 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Autodesk
2016-10-28 20:09 - 2016-01-12 16:44 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-10-28 20:09 - 2016-01-12 16:44 - 00000000 ____D C:\ProgramData\Autodesk
2016-10-28 19:52 - 2009-07-29 13:58 - 00705268 _____ C:\Windows\system32\prfh0416.dat
2016-10-28 19:52 - 2009-07-29 13:58 - 00147108 _____ C:\Windows\system32\prfc0416.dat
2016-10-28 19:52 - 2009-07-14 03:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-28 19:52 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-10-28 11:51 - 2014-12-06 03:07 - 00000000 ____D C:\Users\Guilherme\AppData\Local\Google
2016-10-28 01:17 - 2015-11-28 16:05 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-28 01:17 - 2015-11-28 16:05 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-28 01:17 - 2015-11-28 16:05 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-28 01:17 - 2015-11-28 16:05 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-28 01:17 - 2015-11-28 16:05 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-26 01:03 - 2015-06-21 23:19 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-26 01:03 - 2015-06-21 23:19 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-21 01:31 - 2016-04-21 23:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-20 17:02 - 2014-12-06 03:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-10-20 16:49 - 2014-12-06 00:04 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-10-20 16:49 - 2014-12-06 00:04 - 00000000 ____D C:\ProgramData\Skype
2016-10-20 12:10 - 2016-01-24 23:35 - 00000000 ____D C:\Users\Guilherme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2016-10-20 12:06 - 2016-02-02 01:32 - 00000000 ____D C:\AeriaGames
2016-10-19 11:56 - 2014-12-05 22:53 - 00000000 ____D C:\Users\Guilherme
2016-10-19 11:55 - 2009-07-14 01:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-10-12 08:59 - 2015-06-25 12:25 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-10-10 18:04 - 2016-04-25 18:59 - 00000000 ____D C:\Users\Todos os Usuários\AVG Web TuneUp
2016-10-10 18:04 - 2016-04-25 18:59 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-10-10 18:04 - 2016-04-25 18:58 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp

==================== Arquivos na raiz de alguns diretórios =======

2016-08-21 23:20 - 2016-08-21 23:20 - 0000559 _____ () C:\Users\Guilherme\AppData\Local\Nox_crash.log
2015-05-02 21:01 - 2015-05-02 21:01 - 0260876 _____ (VuuPC Limited) C:\Users\Guilherme\AppData\Local\nsh2840.tmp
2015-06-15 01:23 - 2015-06-15 01:23 - 0628688 _____ (CMI Limited) C:\Users\Guilherme\AppData\Local\nsj9738.tmp
2015-05-02 22:03 - 2015-05-02 22:03 - 0628688 _____ (CMI Limited) C:\Users\Guilherme\AppData\Local\nsz6CEE.tmp
2015-02-11 02:15 - 2015-02-11 02:15 - 0000227 _____ () C:\ProgramData\bc.ini

Alguns arquivos em TEMP:
====================
C:\Users\Guilherme\AppData\Local\Temp\AcDeltree.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_081055663997.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_081294527296.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_081344063777.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_081585476655.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_081694900683.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_081784322096.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_08191389143.exe
C:\Users\Guilherme\AppData\Local\Temp\avguirn_08554209614.exe
C:\Users\Guilherme\AppData\Local\Temp\BluestacksUninstaller.exe
C:\Users\Guilherme\AppData\Local\Temp\HD-LibraryHandler.dll
C:\Users\Guilherme\AppData\Local\Temp\HD-Logger-Native.dll
C:\Users\Guilherme\AppData\Local\Temp\s3.exe
C:\Users\Guilherme\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Guilherme\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll
[2009-07-13 21:38] - [2009-07-13 23:41] - 1008640 ____A (Microsoft Corporation) E573BD9AB55C8E333C202B9E255F972E

C:\Windows\SysWOW64\User32.dll
[2014-12-06 01:17] - [2014-12-06 01:17] - 0833024 ____A (Microsoft Corporation) 2C9CC9F492CA596B1B9FC1AE5E916356

C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-11-05 18:16

==================== Fim de FRST.txt ============================
