Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:25-01-2016
Executado por Diogo Manfroi (administrador) em MANFROI-PC (25-01-2016 21:05:53)
Executando a partir de C:\Users\Diogo Manfroi\Downloads
Perfis Carregados: Diogo Manfroi (Perfis Disponíveis: Diogo Manfroi)
Platform: Windows 8.1 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_70dacb64382a61a7\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-09-27] (Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SpaceSoundPro] => "C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM-x32\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe
HKLM-x32\...\Run: [pcmgr] => C:\Program Files (x86)\ppt\Uninst.exe
HKLM-x32\...\Run: [gmsd_br_005010206] => [X]
HKLM-x32\...\Run: [mbot_br_014010206] => [X]
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3874216 2016-01-08] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
HKU\S-1-5-21-3170260940-2186706211-3293098651-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3170260940-2186706211-3293098651-1001\...\Run: [apphide] => C:\Program Files (x86)\ppt\ppt.exe
HKU\S-1-5-21-3170260940-2186706211-3293098651-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3170260940-2186706211-3293098651-1001\...\MountPoints2: {f4b835aa-d547-11e4-826a-002713c02072} - "D:\LaunchU3.exe" -a
HKU\S-1-5-21-3170260940-2186706211-3293098651-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\ProgramData\NavRight\PWHK64.dll => Nenhum Arquivo
AppInit_DLLs:  C:\ProgramData\Poposhidu\GUHYI64.dll => Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aplicativo de Download Automático do SOLIDWORKS.lnk [2016-01-22]
ShortcutTarget: Aplicativo de Download Automático do SOLIDWORKS.lnk -> C:\Program Files (x86)\Common Files\Gerenciador de Instalação do SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Nenhum Arquivo)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
CHR HKU\.DEFAULT\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
CHR HKU\S-1-5-21-3170260940-2186706211-3293098651-1001\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

AutoConfigURL: [S-1-5-21-3170260940-2186706211-3293098651-1001] => hxxp://unstopp.me/wpad.dat?9b1466272b0e1ba9c0329dc9b9f77b0e4244706
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.86.1
Tcpip\Parameters: [NameServer] 199.203.131.151 82.163.143.181
Tcpip\..\Interfaces\{69D16ADF-D87E-47CB-86EC-8E18E4DAC8AD}: [NameServer] 10.0.0.3,200.175.89.139
Tcpip\..\Interfaces\{919C73B1-1026-4E13-9374-DD1905F6A115}: [DhcpNameServer] 199.203.131.151
Tcpip\..\Interfaces\{9F96E4C6-76EB-43DC-8E8E-CC481482E425}: [DhcpNameServer] 199.203.131.151
Tcpip\..\Interfaces\{F5F24BE8-77D4-4A5E-9867-41DCCA3A7EEF}: [DhcpNameServer] 192.168.86.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggaIVpeU18TRBhGeVoNTA1JGFAOeQhbVxRAEwASJg9ZBwpCR1AFIk0FA1ADB0VXfVBdFElXTwhwJVx1DksUc1BQNVVMEnEEQw==
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdks_inner_hp_09_hao123_br&guid=fc68b6d7237039285adcc8d9f7489894
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-3170260940-2186706211-3293098651-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQBZAl9DR1dGbVwBAgxcFQ0aJRQBUFpHDAQRdQheV1gXEgZFJR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQBZAl9DR1dGbVwBAgxcFQ0aJRQBUFpHDAQRdQheV1gXEgZFJR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = 
SearchScopes: HKU\S-1-5-21-3170260940-2186706211-3293098651-1001 -> DefaultScope {D18C4443-1369-4560-B58C-BFAF481F4EAF} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQBZAl9DR1dGbVwBAgxcFQ0aJRQBUFpHDAQRdQheV1gXEgZFJR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3170260940-2186706211-3293098651-1001 -> OldSearch URL = 
SearchScopes: HKU\S-1-5-21-3170260940-2186706211-3293098651-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3170260940-2186706211-3293098651-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3170260940-2186706211-3293098651-1001 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = 
SearchScopes: HKU\S-1-5-21-3170260940-2186706211-3293098651-1001 -> {cf34d395-9ff1-49a0-98a5-8db1636431b1} URL = 
SearchScopes: HKU\S-1-5-21-3170260940-2186706211-3293098651-1001 -> {D18C4443-1369-4560-B58C-BFAF481F4EAF} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQBZAl9DR1dGbVwBAgxcFQ0aJRQBUFpHDAQRdQheV1gXEgZFJR9aFQQTSEcFME0FCFwEURNNfWpdBHQeU1BxJUpNDU0CaUBB&q={searchTerms}
BHO: Sem Nome -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Nenhum Arquivo
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-03] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-01] (Caixa Economica Federal)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-03] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe hxxp://www.hao123.com/?tn=91655181_hao_pg                                                                                        

FireFox:
========
FF ProfilePath: C:\Users\Diogo Manfroi\AppData\Roaming\Mozilla\Firefox\Profiles\g5duy8gi.default-1451852064202
FF Homepage: hxxp://houmpage.com/?src=hp&ssid=1452715170&a=1003624&uuid=7d8409d6-bd69-44eb-ba38-9f672d8e36f2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2016-01-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2016-01-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Diogo Manfroi\AppData\Roaming\Mozilla\Firefox\Profiles\g5duy8gi.default-1451852064202\user.js [2016-01-13]
FF HKLM\...\Firefox\Extensions: [{732FB83F-E39A-4A95-a908-89DED4542656}] - C:\Program Files\shopperz130120161434\Firefox\{732FB83F-E39A-4A95-a908-89DED4542656}.xpi => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [{732FB83F-E39A-4A95-a908-89DED4542656}] - C:\Program Files\shopperz130120161434\Firefox\{732FB83F-E39A-4A95-a908-89DED4542656}.xpi => não encontrado (a)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-13]
CHR Extension: (Google Drive) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-13]
CHR Extension: (YouTube) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-13]
CHR Extension: (Driving Force) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbnnhgfeedopneicogmifgcbhpfkhecn [2016-01-17]
CHR Extension: (Google Search) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-13]
CHR Extension: (Jogos de Tiro) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eajfiehdfmmeijgichdpngbmmpckcmfo [2016-01-17]
CHR Extension: (Planilhas do Google) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-13]
CHR Extension: (Formula Racer) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkbdhckhoedkmbcoilkjmhnfchiceocl [2016-01-17]
CHR Extension: (Documentos Google off-line) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-13]
CHR Extension: (Pênaltis 2010) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\heglpchjbjmchcmenfopoohbdibnnfap [2016-01-17]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-13]
CHR Extension: (Gmail) - C:\Users\Diogo Manfroi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-13]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_70dacb64382a61a7\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [627544 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3906568 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [583936 2016-01-08] (AVG Technologies CZ, s.r.o.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-13] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.)
S3 hpqwmiex; C:\Users\Diogo Manfroi\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe [794112 2014-10-15] (Hewlett-Packard Company) [Arquivo não assinado]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-09-27] (Intel Corporation)
S2 IBG_gds_db; C:\Program Files (x86)\Embarcadero\Studio\15.0\InterBaseXE3\bin\ibguard.exe [636744 2014-05-14] (Embarcadero Technologies, Inc.)
S3 IBS_gds_db; C:\Program Files (x86)\Embarcadero\Studio\15.0\InterBaseXE3\bin\ibserver.exe [5489992 2014-05-14] (Embarcadero Technologies, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [327064 2010-05-18] (Enigma Software Group USA, LLC.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_70dacb64382a61a7\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11061\CalendarServ.exe [X]
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X]
S2 UGSVC; C:\Program Files (x86)\UPCleaner\1.3.52.14692\UGSvc.exe [X]
S2 Util Web Amplified; "C:\Program Files (x86)\Web Amplified\bin\utilWebAmplified.exe" [X]
S2 WajaNetEn Monitor; "C:\Program Files\WajaNetEn\9d448f86c7a64ae72aa83bff3e18adc6.exe" [X]
S2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [258480 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [5248 2010-01-27] () [Arquivo não assinado]
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet Inc.)
S3 jlink; C:\Windows\System32\drivers\jlinkx64.sys [32376 2014-07-31] (SEGGER Microcontroller Systeme GmbH)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [52128 2013-11-26] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RENESASELUSBDV; C:\Windows\system32\DRIVERS\MQB2SALL.sys [31112 2014-03-25] (INTERFACE Co.,Ltd.)
S3 RENESASELUSBDV_FILTER; C:\Windows\system32\DRIVERS\MQB2SVCP.sys [44040 2014-03-25] (INTERFACE Co.,Ltd.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-10-15] ()
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [89840 2015-12-02] (Huorong Borui (Beijing) Technology Co., Ltd.)
R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-11-10] (Oracle Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-11-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [266752 2012-08-26] (Jungo)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 JMCR; \SystemRoot\System32\drivers\jmcr.sys [X]
S3 MotDev; \SystemRoot\system32\DRIVERS\motodrv.sys [X]
S2 NPF; \??\C:\Program Files (x86)\UPCleaner\1.3.52.14692\npf64.sys [X]
S1 pfnfd_1_10_0_12; system32\drivers\pfnfd_1_10_0_12.sys [X]
S3 SPBIUpdd; \??\C:\Program Files\Common Files\ShopperPro3\spbiw.sys [X]
S1 swsedrvr_vw_1_10_0_25; system32\drivers\swsedrvr_vw_1_10_0_25.sys [X]
S1 tcfd_vw_1_10_0_24; system32\drivers\tcfd_vw_1_10_0_24.sys [X]
S1 UGBroMon; \??\C:\Program Files (x86)\UPCleaner\1.3.52.14692\UGBroMon64.sys [X]
S1 UGKrnlDrv; \??\C:\Program Files (x86)\UPCleaner\1.3.52.14692\UGKrnlDrv64.sys [X]
S1 UGProtect; \??\C:\Program Files (x86)\UPCleaner\1.3.52.14692\UGProtect64.sys [X]
S2 UPKernel; \??\C:\Program Files (x86)\UPCleaner\1.3.52.14692\UPKernel64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-25 21:03 - 2016-01-25 21:05 - 00058580 _____ C:\Users\Diogo Manfroi\Downloads\Addition.txt
2016-01-25 21:03 - 2016-01-25 21:05 - 00024469 _____ C:\Users\Diogo Manfroi\Downloads\FRST.txt
2016-01-25 21:02 - 2016-01-25 21:05 - 00000000 ____D C:\FRST
2016-01-25 21:02 - 2016-01-25 21:02 - 02370560 _____ (Farbar) C:\Users\Diogo Manfroi\Downloads\FRST64.exe
2016-01-25 20:13 - 2016-01-25 20:13 - 00450735 _____ C:\Users\Diogo Manfroi\Downloads\4353-11530-1-PB.pdf
2016-01-25 08:07 - 2016-01-25 08:07 - 00003278 _____ C:\Windows\System32\Tasks\{F0573C89-21C8-43C9-943E-FF8CD7EA8F92}
2016-01-22 21:07 - 2016-01-22 21:07 - 00067628 _____ C:\Users\Diogo Manfroi\Downloads\se20st4tor.rar
2016-01-22 20:39 - 2016-01-22 20:39 - 00000000 ____D C:\Users\Todos os Usuários\FLEXnet
2016-01-22 20:39 - 2016-01-22 20:39 - 00000000 ____D C:\ProgramData\FLEXnet
2016-01-22 12:25 - 2016-01-22 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gerenciador de Instalação do SOLIDWORKS
2016-01-21 15:55 - 2016-01-22 20:55 - 00000000 ____D C:\Windows\SolidWorks
2016-01-21 15:55 - 2016-01-22 20:51 - 00000000 ____D C:\Users\Diogo Manfroi\Documents\SOLIDWORKS Downloads
2016-01-21 15:55 - 2016-01-21 15:55 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\SOLIDWORKS
2016-01-20 21:12 - 2016-01-20 21:12 - 02049738 _____ C:\Users\Diogo Manfroi\Desktop\SOLID_EDGE_ST7_32BIT_64BI.zip
2016-01-19 11:37 - 2016-01-19 11:37 - 08055477 _____ C:\Users\Diogo Manfroi\Downloads\PDF_128_manual.pdf
2016-01-19 08:06 - 2016-01-19 08:06 - 00000578 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-01-19 08:06 - 2016-01-19 08:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-01-19 08:06 - 2015-12-18 17:08 - 00965440 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2016-01-19 08:06 - 2015-12-18 17:08 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-01-18 21:28 - 2016-01-18 21:30 - 00000000 ____D C:\Users\Diogo Manfroi\Desktop\SD18012016
2016-01-18 20:33 - 2016-01-18 20:33 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\IoTCoreImageHelper
2016-01-18 10:47 - 2016-01-18 10:47 - 01511106 _____ C:\Users\Diogo Manfroi\Desktop\Propostas_NeoMot-2016-01-18.zip
2016-01-18 07:57 - 2016-01-18 07:57 - 00296048 _____ C:\Windows\Minidump\011816-19109-01.dmp
2016-01-18 07:57 - 2016-01-18 07:57 - 00000492 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-01-18 07:57 - 2016-01-18 07:57 - 00000492 __RSH C:\ProgramData\ntuser.pol
2016-01-14 10:22 - 2016-01-14 10:22 - 11714032 _____ C:\Users\Diogo Manfroi\Downloads\conversores cc-cc basicos nao isolados - ivo barbi.pdf
2016-01-14 10:08 - 2016-01-14 10:08 - 00002335 _____ C:\Users\Public\Desktop\Proteus 8 Professional.lnk
2016-01-14 10:08 - 2016-01-14 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proteus 8 Professional
2016-01-14 10:07 - 2016-01-14 10:07 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\Labcenter Electronics
2016-01-13 20:06 - 2016-01-19 19:40 - 00000000 ____D C:\Users\Todos os Usuários\AVG Security Toolbar
2016-01-13 20:06 - 2016-01-19 19:40 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2016-01-13 20:06 - 2016-01-13 20:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-13 18:30 - 2016-01-13 18:30 - 00002484 _____ C:\Windows\System32\Tasks\0615piUpdateInfo
2016-01-13 18:30 - 2016-01-13 18:30 - 00000370 _____ C:\Windows\Tasks\0615piUpdateInfo.job
2016-01-13 18:28 - 2016-01-13 18:28 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\AVG
2016-01-13 18:28 - 2016-01-13 18:28 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-13 18:27 - 2016-01-13 18:27 - 00000965 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-01-13 18:27 - 2016-01-13 18:27 - 00000000 ___HD C:\$AVG
2016-01-13 18:27 - 2016-01-13 18:27 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\TuneUp Software
2016-01-13 18:27 - 2016-01-13 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-01-13 18:26 - 2016-01-13 18:27 - 00000000 ____D C:\Users\Todos os Usuários\Avg
2016-01-13 18:26 - 2016-01-13 18:27 - 00000000 ____D C:\ProgramData\Avg
2016-01-13 18:26 - 2016-01-13 18:27 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-13 18:25 - 2016-01-25 19:46 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2016-01-13 18:25 - 2016-01-25 19:46 - 00000000 ____D C:\ProgramData\MFAData
2016-01-13 18:25 - 2016-01-13 18:28 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\Avg
2016-01-13 18:25 - 2016-01-13 18:26 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\AvgSetupLog
2016-01-13 18:25 - 2016-01-13 18:25 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\MFAData
2016-01-13 18:25 - 2016-01-13 18:25 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\Avg2015
2016-01-13 18:10 - 2016-01-25 17:59 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3170260940-2186706211-3293098651-1001
2016-01-13 18:07 - 2016-01-13 18:10 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\BrowserHelper
2016-01-13 18:05 - 2016-01-13 18:06 - 00002229 _____ C:\Users\Diogo Manfroi\Desktop\chrome.lnk
2016-01-13 18:05 - 2016-01-13 18:05 - 00000000 ____D C:\Users\Public\Documents\ShopperPro3
2016-01-13 18:00 - 2016-01-13 18:00 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\SpringFiles
2016-01-13 17:46 - 2016-01-13 17:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-13 16:57 - 2016-01-25 20:02 - 00000380 ____H C:\Windows\Tasks\XBOWMUJKVLLTNLFQ.job
2016-01-13 16:57 - 2016-01-18 14:21 - 00000000 ____D C:\Users\Todos os Usuários\NavRight
2016-01-13 16:57 - 2016-01-18 14:21 - 00000000 ____D C:\ProgramData\NavRight
2016-01-13 16:57 - 2016-01-13 16:57 - 00003404 _____ C:\Windows\System32\Tasks\XBOWMUJKVLLTNLFQ
2016-01-13 16:54 - 2015-11-20 19:27 - 00019888 _____ () C:\Windows\system32\roboot64.exe
2016-01-13 16:53 - 2016-01-13 16:59 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\systweak
2016-01-13 16:53 - 2016-01-13 16:53 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\LocalLow\Company
2016-01-13 16:53 - 2016-01-13 16:53 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-01-13 16:41 - 2016-01-18 13:10 - 00007806 _____ C:\spyhunter.fix
2016-01-13 16:33 - 2016-01-18 09:56 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\CalendarTool
2016-01-13 16:33 - 2016-01-13 16:33 - 00000008 _____ C:\END
2016-01-13 16:30 - 2016-01-13 16:36 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\pptassist
2016-01-13 16:30 - 2016-01-13 16:35 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\PPTAssist
2016-01-13 16:30 - 2016-01-13 16:30 - 00000000 ____D C:\Users\Todos os Usuários\kingsoft
2016-01-13 16:30 - 2016-01-13 16:30 - 00000000 ____D C:\ProgramData\kingsoft
2016-01-13 16:29 - 2016-01-25 08:07 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\Tencent
2016-01-13 16:20 - 2016-01-13 16:20 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\UCBrowser
2016-01-13 16:20 - 2015-12-02 12:20 - 00089840 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys
2016-01-13 16:18 - 2016-01-13 09:08 - 00450771 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-01-13 16:17 - 2016-01-25 19:22 - 00000380 ____H C:\Windows\Tasks\IUXOHWACBFVMOPNC.job
2016-01-13 16:17 - 2016-01-18 14:21 - 00000000 ____D C:\Users\Todos os Usuários\Poposhidu
2016-01-13 16:17 - 2016-01-18 14:21 - 00000000 ____D C:\ProgramData\Poposhidu
2016-01-13 16:17 - 2016-01-14 17:17 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\WindowsUpdater
2016-01-13 16:17 - 2016-01-13 16:17 - 00003670 _____ C:\Windows\System32\Tasks\WindowsUpdater
2016-01-13 16:17 - 2016-01-13 16:17 - 00003404 _____ C:\Windows\System32\Tasks\IUXOHWACBFVMOPNC
2016-01-13 16:17 - 2016-01-13 16:17 - 00000000 ____D C:\Users\Todos os Usuários\12db864551ae4c578eb17db1a9f5d3cf
2016-01-13 16:17 - 2016-01-13 16:17 - 00000000 ____D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
2016-01-13 15:54 - 2016-01-13 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
2016-01-13 14:09 - 2016-01-13 15:49 - 00000000 ____D C:\Users\Diogo Manfroi\Desktop\PAINEL 8LC64 V2.5
2016-01-13 10:37 - 2016-01-13 16:53 - 00056728 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\cherimoya.sys
2016-01-13 09:04 - 2016-01-13 09:04 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\macpromosoft
2016-01-13 09:02 - 2016-01-13 09:08 - 00000000 ____D C:\Program Files (x86)\Web Amplified
2016-01-13 09:02 - 2016-01-13 09:02 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\yoursearching
2016-01-13 09:01 - 2016-01-13 09:01 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-01-13 09:01 - 2016-01-13 09:01 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\UG
2016-01-11 16:56 - 2016-01-11 16:56 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\Labcenter Electronics
2016-01-11 16:55 - 2016-01-14 10:08 - 00000000 ____D C:\Program Files (x86)\Labcenter Electronics
2016-01-11 16:55 - 2016-01-11 16:55 - 00000000 ____D C:\Users\Todos os Usuários\Labcenter Electronics
2016-01-11 16:55 - 2016-01-11 16:55 - 00000000 ____D C:\ProgramData\Labcenter Electronics
2016-01-11 08:38 - 2016-01-11 08:39 - 00000258 _____ C:\Users\Diogo Manfroi\Desktop\Novo Documento de Texto.txt
2016-01-06 15:32 - 2016-01-06 15:32 - 01487872 _____ C:\Users\Diogo Manfroi\Documents\Sheet_8L_32C_PANEL-V01R02.SchDoc
2016-01-06 15:32 - 2016-01-06 15:32 - 00000000 ___HD C:\Users\Diogo Manfroi\Documents\__Previews
2016-01-04 11:31 - 2016-01-04 11:31 - 00002333 _____ C:\Users\Diogo Manfroi\Desktop\SpyHunter.lnk
2016-01-04 11:31 - 2016-01-04 11:31 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2016-01-04 11:31 - 2016-01-04 11:31 - 00000000 ____D C:\sh4ldr
2016-01-04 11:31 - 2016-01-04 11:31 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2016-01-04 11:30 - 2016-01-04 11:31 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2016-01-04 11:23 - 2016-01-24 11:53 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\qBittorrent
2016-01-04 11:23 - 2016-01-04 11:23 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\qBittorrent
2016-01-04 11:22 - 2016-01-04 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2016-01-04 11:22 - 2016-01-04 11:22 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2016-01-03 19:36 - 2016-01-03 19:36 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\Unity
2016-01-03 19:30 - 2016-01-13 16:46 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\LocalLow\Unity
2016-01-03 19:30 - 2016-01-13 16:46 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\Unity
2016-01-03 19:28 - 2016-01-03 19:28 - 00000000 _____ C:\Windows\system32\REN6230.tmp
2015-12-30 19:32 - 2015-12-30 19:32 - 00019360 _____ C:\Windows\System32\Tasks\{EB17F334-8091-D65B-C56A-C3F71EB9EB35}
2015-12-30 19:32 - 2015-12-30 19:32 - 00000000 ____D C:\Users\Todos os Usuários\{0b1a104b-70c8-1}
2015-12-30 19:32 - 2015-12-30 19:32 - 00000000 ____D C:\Users\Todos os Usuários\{059a7d99-30c8-0}
2015-12-30 19:32 - 2015-12-30 19:32 - 00000000 ____D C:\ProgramData\{0b1a104b-70c8-1}
2015-12-30 19:32 - 2015-12-30 19:32 - 00000000 ____D C:\ProgramData\{059a7d99-30c8-0}

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-25 21:04 - 2013-08-22 11:36 - 00000000 ____D C:\Windows
2016-01-25 09:05 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\system32\NDF
2016-01-25 08:07 - 2015-11-30 08:27 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\ElevatedDiagnostics
2016-01-22 20:59 - 2014-10-15 13:56 - 01800588 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-22 20:59 - 2013-08-31 14:31 - 00775938 _____ C:\Windows\system32\prfh0416.dat
2016-01-22 20:59 - 2013-08-31 14:31 - 00159030 _____ C:\Windows\system32\prfc0416.dat
2016-01-22 20:59 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\Inf
2016-01-22 20:44 - 2014-12-27 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\18 Wheels of Steel Haulin
2016-01-22 13:12 - 2014-10-18 13:55 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-01-22 13:12 - 2014-10-18 13:55 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-01-22 08:30 - 2014-10-18 13:33 - 00000000 ____D C:\Users\Diogo Manfroi\.codewarrior
2016-01-20 20:22 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-01-20 16:07 - 2014-10-15 13:50 - 00000000 ____D C:\Users\Diogo Manfroi
2016-01-19 14:36 - 2015-11-12 15:04 - 00000000 ____D C:\Users\Diogo Manfroi\.VirtualBox
2016-01-19 14:34 - 2015-01-17 10:37 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\Kinetis Design Studio
2016-01-19 13:53 - 2015-12-11 17:59 - 00000000 ____D C:\Freescale
2016-01-19 13:53 - 2015-12-11 09:24 - 00000000 __SHD C:\AI_RecycleBin
2016-01-19 13:53 - 2015-01-16 22:10 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-01-19 12:51 - 2015-11-12 15:04 - 00000000 ____D C:\Users\Diogo Manfroi\VirtualBox VMs
2016-01-19 09:37 - 2014-10-15 14:20 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-19 09:24 - 2014-12-19 16:31 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-01-19 09:24 - 2014-10-23 06:58 - 00000000 ____D C:\Users\Todos os Usuários\Embarcadero
2016-01-19 09:24 - 2014-10-23 06:58 - 00000000 ____D C:\ProgramData\Embarcadero
2016-01-19 09:24 - 2013-08-22 12:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 12:59 - 2014-10-15 13:57 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Roaming\ClassicShell
2016-01-18 07:57 - 2014-11-08 15:03 - 00000000 ____D C:\Windows\Minidump
2016-01-14 17:18 - 2015-10-28 08:21 - 00098816 ___SH C:\Users\Diogo Manfroi\Desktop\Thumbs.db
2016-01-13 18:27 - 2013-08-22 13:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-01-13 18:09 - 2013-08-22 11:25 - 00000194 _____ C:\Windows\win.ini
2016-01-13 18:02 - 2013-08-22 13:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-01-13 18:00 - 2014-10-15 13:50 - 00001612 _____ C:\Users\Diogo Manfroi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-13 17:49 - 2013-08-22 11:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-13 17:46 - 2014-10-15 14:00 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-13 17:45 - 2014-11-26 21:13 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\Deployment
2016-01-13 09:08 - 2014-11-10 17:11 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-01-13 09:08 - 2014-11-10 17:11 - 00000000 ____D C:\ProgramData\GbPlugin
2016-01-13 09:01 - 2013-08-22 13:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-01-05 14:27 - 2014-10-15 22:49 - 00000000 ____D C:\Users\Public\Documents\Altium
2016-01-05 10:34 - 2014-10-15 13:59 - 00000000 ____D C:\Users\Diogo Manfroi\AppData\Local\Google
2016-01-05 09:55 - 2014-12-07 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-04 12:06 - 2015-09-06 20:32 - 00000000 ____D C:\Users\Todos os Usuários\{4a5b0aeb-a347-5ee6-4a5b-b0aeba342bae}
2016-01-04 12:06 - 2015-09-06 20:32 - 00000000 ____D C:\ProgramData\{4a5b0aeb-a347-5ee6-4a5b-b0aeba342bae}
2016-01-04 12:06 - 2015-08-20 20:59 - 00000000 ____D C:\Users\Todos os Usuários\{7fe8bac9-bf20-f4b3-7fe8-8bac9bf2eb26}
2016-01-04 12:06 - 2015-08-20 20:59 - 00000000 ____D C:\ProgramData\{7fe8bac9-bf20-f4b3-7fe8-8bac9bf2eb26}
2016-01-04 12:06 - 2015-08-17 18:11 - 00000000 ____D C:\Users\Todos os Usuários\{38fc27aa-b79d-4061-38fc-c27aab799eaa}
2016-01-04 12:06 - 2015-08-17 18:11 - 00000000 ____D C:\ProgramData\{38fc27aa-b79d-4061-38fc-c27aab799eaa}
2016-01-03 19:30 - 2014-10-15 13:58 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-01-03 19:30 - 2014-10-15 13:58 - 00000000 ____D C:\ProgramData\Oracle
2016-01-03 19:28 - 2015-10-05 20:02 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-03 19:28 - 2015-07-08 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-03 19:28 - 2014-10-15 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-01-03 19:28 - 2014-10-15 14:24 - 00000000 ____D C:\Program Files\Java
2016-01-03 19:27 - 2015-10-05 20:03 - 00000000 ____D C:\Users\Diogo Manfroi\.oracle_jre_usage
2016-01-03 19:26 - 2015-10-05 20:03 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Arquivos na raiz de alguns diretórios =======

2015-02-02 20:27 - 2015-08-11 21:35 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-08-21 17:42 - 2015-08-21 17:46 - 0000337 _____ () C:\Users\Diogo Manfroi\AppData\Local\Perfmon.PerfmonCfg
2015-04-21 21:10 - 2015-05-10 19:43 - 0000806 _____ () C:\Users\Diogo Manfroi\AppData\Local\Temp-log.txt
2014-10-15 14:34 - 2014-10-15 14:34 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Alguns arquivos em TEMP:
====================
C:\Users\Diogo Manfroi\AppData\Local\Temp\2FB2.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\711C.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\8B.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\93C5.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1561__14991.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1590__17115.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1616__17115.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1695__16666.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1721__16581.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1744__16581.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1926__16608.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1953__13746.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup1982__13746.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup2139__13749.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup2171__13749.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup2612__16582.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup2645__10235.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup8957__13749.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup9032__13749.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup9528__16582.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\amisetup9564__10235.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\AudioConverterSetup.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\avg-f47be42b-603f-4c76-a9f4-ba6983d3c17e.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\avguirn_081686933100.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\B382.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\Browser_V5.5.7852.9_r_4670_(Build1512022057).exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\C2F6.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\C74A.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\downloader_2.0.0.2_340br_90_20160112_1153_1452570798.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\DownPageDll.dll
C:\Users\Diogo Manfroi\AppData\Local\Temp\ERWbMRrk4o.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\ICReinstall_B382.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\ICReinstall_BitTorrent_Setup.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\ICReinstall_C2F6.tmp.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\ICReinstall_setup.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\InstallHelper.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\itr2_yoursearching.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\lvzhou_br_IBD_Bundle.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\OfficeAssist.0744.80.1211.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\Oursurfing.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\qqpcmgr_v11.0.16779.224_74672_Silence.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\qqpcmgr_v11.1.16923.222_45101_Silence.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\set.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\sqlite3.dll
C:\Users\Diogo Manfroi\AppData\Local\Temp\u0KYZ232eC.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\Uninstall.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\UninstallModule.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\UPCleaner1.3.52.exe
C:\Users\Diogo Manfroi\AppData\Local\Temp\ytdieamodc_amodc_inst.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-01-19 11:49

==================== Fim de FRST.txt ============================