Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 17-10-2016 Executado por Pipano (administrador) em PIPANO-PC (26-10-2016 00:31:04) Executando a partir de C:\Users\Pipano\Downloads Perfis Carregados: Pipano (Perfis Disponíveis: Pipano) Platform: Windows 7 Home Premium (X64) Idioma: Português (Brasil) Internet Explorer Versão 8 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe () C:\ProgramData\Logic Handler\set.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\ProgramData\NetworkPacketManitor\Nettrans.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe ==================== Registro (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKU\S-1-5-18\...\Run: [] => 0 ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Hosts: Há mais de uma entrada no Hosts. 
Veja a seção Hosts do Addition.txt Tcpip\Parameters: [DhcpNameServer] 201.17.128.197 201.17.128.193 Tcpip\..\Interfaces\{EB957702-1547-45AB-B8F7-1C18DF7B5B36}: [DhcpNameServer] 201.17.128.197 201.17.128.193 Internet Explorer: ================== HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HWiexJEcBE99JhZmAcwuxbRV9ueGgQMN_DOWekVw841F-3nRMkg9uoX7QBmU_Bj1sHKjowVw_HagS8JGUZhS7k14hWw,,&q={searchTerms} HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-LOtoeqSPwK8-uhhsMnCj3acD40qIqsfxiJUEF3R8LXEx68whW-MP5t4i2Rb8GqpoKOMu-RaQ2-WlcBl58psqC-xmM6w,, HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HWiexJEcBE99JhZmAcwuxbRV9ueGgQMN_DOWekVw841F-3nRMkg9uoX7QBmU_Bj1sHKjowVw_HagS8JGUZhS7k14hWw,,&q={searchTerms} HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HWiexJEcBE99JhZmAcwuxbRV9ueGgQMN_DOWekVw841F-3nRMkg9uoX7QBmU_Bj1sHKjowVw_HagS8JGUZhS7k14hWw,,&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = SearchScopes: HKLM-x32 -> ielnksrch URL = 
hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HWiexJEcBE99JhZmAcwuxbRV9ueGgQMN_DOWekVw841F-3nRMkg9uoX7QBmU_Bj1sHKjowVw_HagS8JGUZhS7k14hWw,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2774441584-2175777879-4090157555-1000 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HWiexJEcBE99JhZmAcwuxbRV9ueGgQMN_DOWekVw841F-3nRMkg9uoX7QBmU_Bj1sHKjowVw_HagS8JGUZhS7k14hWw,,&q={searchTerms} SearchScopes: HKU\S-1-5-21-2774441584-2175777879-4090157555-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HWiexJEcBE99JhZmAcwuxbRV9ueGgQMN_DOWekVw841F-3nRMkg9uoX7QBmU_Bj1sHKjowVw_HagS8JGUZhS7k14hWw,,&q={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] 
(Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: r1hs3x7v.default FF ProfilePath: C:\Users\Pipano\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\r1hs3x7v.default\Profiles\r1hs3x7v.default [não encontrado (a)] FF ProfilePath: C:\Users\Pipano\AppData\Roaming\Mozilla\Firefox\Profiles\r1hs3x7v.default [2016-10-26] FF NewTab: Mozilla\Firefox\Profiles\r1hs3x7v.default -> C:\\ProgramData\\Quoteexs\\ff.NT FF Homepage: Mozilla\Firefox\Profiles\r1hs3x7v.default -> C:\\ProgramData\\Quoteexs\\ff.HP FF SearchPlugin: C:\Users\Pipano\AppData\Roaming\Mozilla\Firefox\Profiles\r1hs3x7v.default\searchplugins\pelr2km2.xml [2016-10-25] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL 
[2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HomePage: ChromeDefaultData -> hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HQd1bxO2QFCdgCuxH8zJ8cQu6Icjrb_blTATH5yumPavkpU6W_LANBv2yjJlPL3Xhxakx4-Nmuts5yCxtlzQxQ_wfHQ,, CHR DefaultSearchURL: ChromeDefaultData -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHuxXEORNBUPHzfw1DgwX2YeI8rs9ejgrI0KcnG_Gt_rCHeUzB-VV-mljXiVDFtu7G8tKBAcTQu9eD-HTXLC3JEppzazZu4nO3JefDzOS44wWEg_s_rBHtUnMMelkl-PG0tVYt5EfZ_pBJEUFX3TLBUl6WqKzlFl1ZU8ldYK9g,,&q={searchTerms} CHR DefaultSearchKeyword: ChromeDefaultData -> feed.sonic-search.com CHR DefaultSuggestURL: ChromeDefaultData -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms} CHR Profile: C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-10-26] <==== ATENÇÃO CHR Extension: (Google Apresentações) - C:\Users\Pipano\AppData\Local\Google\Chrome\User 
Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-25] CHR Extension: (Google Docs) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-26] CHR Extension: (Google Drive) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-26] CHR Extension: (YouTube) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-26] CHR Extension: (Planilhas do Google) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-26] CHR Extension: (Documentos Google off-line) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-26] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-25] CHR Extension: (Gmail) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-26] CHR Extension: (Chrome Media Router) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25] CHR Profile: C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default [2016-10-25] CHR Extension: (Google Apresentações) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-08] CHR Extension: (Google Docs) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-08] CHR Extension: (Google Drive) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-08] CHR Extension: (YouTube) - 
C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-08] CHR Extension: (Planilhas do Google) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-08] CHR Extension: (Documentos Google off-line) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-08] CHR Extension: (Video Ad Blocker Plus) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\hegneaniplmfjcmohoclabblbahcbjoe [2016-08-16] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-08] CHR Extension: (Gmail) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-08] CHR Extension: (Chrome Media Router) - C:\Users\Pipano\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25] CHR HKU\S-1-5-21-2774441584-2175777879-4090157555-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx ==================== Serviços (Whitelisted) ==================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) 
R2 backlh; C:\ProgramData\Logic Handler\set.exe [3786752 2016-10-22] () [Arquivo não assinado] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-29] (NVIDIA Corporation) S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-09-23] (Hi-Rez Studios) [Arquivo não assinado] S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation) R2 Nettrans; C:\ProgramData\NetworkPacketManitor\Nettrans.exe [57856 2016-09-28] () [Arquivo não assinado] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5690752 2016-08-21] (INCA Internet Co., Ltd.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-29] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-29] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-29] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-08-31] () R2 Prikadom; C:\Program Files (x86)\Ckidoiedhihuly\thavuywifiiedReports.dll [277504 2016-10-25] () [Arquivo não assinado] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) S3 cpuz139; C:\Users\Pipano\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [43312 2016-07-10] (CPUID) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) U5 EMAC Secure; C:\Users\Pipano\AppData\Local\Temp\GCSecure.sys [805512 2016-09-28] (Gamers Club) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [40456 2016-07-09] (Intel Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-29] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-06-29] (NVIDIA Corporation) S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-07-09] (Samsung Electronics Co., Ltd.) 
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2016-07-09] (SlimWare Utilities, Inc.) R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) ==================== NetSvcs (Whitelisted) =================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) ==================== Três Meses Criados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 2016-10-26 00:31 - 2016-10-26 00:31 - 00018632 _____ C:\Users\Pipano\Downloads\FRST.txt 2016-10-26 00:30 - 2016-10-26 00:31 - 00000000 ____D C:\FRST 2016-10-26 00:30 - 2016-10-26 00:30 - 02407424 _____ (Farbar) C:\Users\Pipano\Downloads\FRST64.exe 2016-10-26 00:30 - 2016-10-26 00:30 - 01756672 _____ (Farbar) C:\Users\Pipano\Downloads\FRST.exe 2016-10-26 00:28 - 2016-10-26 00:28 - 03785560 _____ (DLL-Files.com Client ) C:\Users\Pipano\Downloads\clientsetup_d-0.exe 2016-10-26 00:28 - 2016-10-26 00:28 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk 2016-10-26 00:28 - 2016-10-26 00:28 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\DLL-files.com 2016-10-26 00:28 - 2016-10-26 00:28 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\DFXCT 2016-10-26 00:28 - 2016-10-26 00:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client 2016-10-26 00:28 - 2016-10-26 00:28 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client 2016-10-26 00:26 - 2016-10-26 00:26 - 03328910 _____ C:\Users\Pipano\Downloads\Windows6.1-KB3102810-x64.msu 2016-10-26 00:26 - 2016-10-26 00:26 - 01034556 _____ C:\Users\Pipano\Downloads\Windows6.1-KB2999226-x64 (2).msu 2016-10-26 00:09 - 2016-10-26 00:09 - 00003258 _____ C:\Windows\System32\Tasks\psv_San-Ex 2016-10-26 00:05 - 2016-10-26 00:05 - 01034556 _____ C:\Users\Pipano\Downloads\Windows6.1-KB2999226-x64 (1).msu 2016-10-26 00:00 - 2016-10-26 00:00 - 00000000 ____D 
C:\Users\Todos os Usuários\Avira 2016-10-26 00:00 - 2016-10-26 00:00 - 00000000 ____D C:\Users\Todos os Usuários\Avg 2016-10-26 00:00 - 2016-10-26 00:00 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software 2016-10-26 00:00 - 2016-10-26 00:00 - 00000000 ____D C:\ProgramData\Avira 2016-10-26 00:00 - 2016-10-26 00:00 - 00000000 ____D C:\ProgramData\Avg 2016-10-26 00:00 - 2016-10-26 00:00 - 00000000 ____D C:\ProgramData\AVAST Software 2016-10-25 23:59 - 2016-10-25 23:59 - 00006072 _____ C:\Windows\System32\Tasks\Fholeckersory Mapper 2016-10-25 23:58 - 2016-10-26 00:19 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Claqitherthuftion 2016-10-25 23:58 - 2016-10-26 00:07 - 00000000 ____D C:\Program Files (x86)\Ckidoiedhihuly 2016-10-25 23:58 - 2016-10-25 23:59 - 00000000 ____D C:\Users\Pipano\AppData\Local\Wdshnualy 2016-10-25 23:54 - 2016-10-25 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-10-25 23:54 - 2016-10-25 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-10-25 23:53 - 2016-10-26 00:17 - 00000000 ____D C:\Program Files (x86)\Microleaves 2016-10-25 23:53 - 2016-10-25 23:59 - 00000000 ____D C:\Program Files (x86)\ECF7B6A0-1477446829-11DD-8117-40167EBC29E0 2016-10-25 23:53 - 2016-10-25 23:53 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA% 2016-10-25 23:53 - 2016-10-25 23:53 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\YSPackage 2016-10-25 23:52 - 2016-10-26 00:18 - 00000000 ____D C:\Users\Todos os Usuários\Quoteex 2016-10-25 23:52 - 2016-10-26 00:18 - 00000000 ____D C:\ProgramData\Quoteex 2016-10-25 23:52 - 2016-10-25 23:54 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Microleaves 2016-10-25 23:52 - 2016-10-25 23:52 - 07214592 _____ C:\Users\Pipano\AppData\Roaming\agent.dat 2016-10-25 23:52 - 2016-10-25 23:52 - 01910180 _____ C:\Users\Pipano\AppData\Roaming\Ventojoytex.tst 2016-10-25 23:52 - 2016-10-25 23:52 - 01897574 _____ C:\Users\Pipano\AppData\Roaming\Trans-Fan.bin 
2016-10-25 23:52 - 2016-10-25 23:52 - 00190394 _____ C:\Users\Pipano\AppData\Roaming\Runron.bin 2016-10-25 23:52 - 2016-10-25 23:52 - 00126464 _____ C:\Users\Pipano\AppData\Roaming\noah.dat 2016-10-25 23:52 - 2016-10-25 23:52 - 00070704 _____ C:\Users\Pipano\AppData\Roaming\Config.xml 2016-10-25 23:52 - 2016-10-25 23:52 - 00018432 _____ C:\Users\Pipano\AppData\Roaming\Main.dat 2016-10-25 23:52 - 2016-10-25 23:52 - 00005568 _____ C:\Users\Pipano\AppData\Roaming\md.xml 2016-10-25 23:52 - 2016-10-25 23:52 - 00002397 _____ C:\Windows\SysWOW64\findit.xml 2016-10-25 23:52 - 2016-10-25 23:52 - 00000000 ____D C:\Users\Todos os Usuários\Quoteexs 2016-10-25 23:52 - 2016-10-25 23:52 - 00000000 ____D C:\Users\Todos os Usuários\NetworkPacketManitor 2016-10-25 23:52 - 2016-10-25 23:52 - 00000000 ____D C:\Users\Todos os Usuários\Logic Handler 2016-10-25 23:52 - 2016-10-25 23:52 - 00000000 ____D C:\ProgramData\Quoteexs 2016-10-25 23:52 - 2016-10-25 23:52 - 00000000 ____D C:\ProgramData\NetworkPacketManitor 2016-10-25 23:52 - 2016-10-25 23:52 - 00000000 ____D C:\ProgramData\Logic Handler 2016-10-25 23:52 - 2016-10-25 23:51 - 00710656 _____ C:\Users\Pipano\AppData\Roaming\Ventojoytex.exe 2016-10-25 23:51 - 2016-10-26 00:20 - 00000000 ____D C:\Windows\system32\SSL 2016-10-25 23:51 - 2016-10-25 23:52 - 00016224 _____ C:\Users\Pipano\AppData\Roaming\InstallationConfiguration.xml 2016-10-25 23:51 - 2016-10-25 23:51 - 00140288 _____ C:\Users\Pipano\AppData\Roaming\Installer.dat 2016-10-25 23:50 - 2016-10-25 23:50 - 00000000 ____D C:\Users\Pipano\Downloads\Nova pasta 2016-10-25 23:47 - 2016-10-25 23:48 - 00629006 _____ C:\Users\Pipano\Downloads\Windows6.1-KB2999226-x86.msu 2016-10-25 23:43 - 2016-10-25 23:43 - 01034556 _____ C:\Users\Pipano\Downloads\Windows6.1-KB2999226-x64.msu 2016-10-25 23:19 - 2016-10-25 23:19 - 00001441 _____ C:\Users\Pipano\Desktop\MU_LEGEND.lnk 2016-10-25 23:19 - 2016-10-25 23:19 - 00000000 ____D C:\Users\Pipano\AppData\Local\VCLStylesSkin 2016-10-25 23:19 - 
2016-10-25 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MU LEGEND GLOBAL 2016-10-25 20:23 - 2016-10-25 20:34 - 00000762 _____ C:\Users\Pipano\Desktop\Resume download of MU LEGEND.lnk 2016-10-25 10:26 - 2016-10-25 10:26 - 05926728 _____ C:\Users\Pipano\Downloads\MU_LEGEND_Downloader_EN.exe 2016-10-24 12:11 - 2016-10-24 12:11 - 01829560 _____ C:\Windows\d15da0aa2f7a7737b8a8e8e5ce9703a8.exe 2016-10-13 21:38 - 2016-10-13 21:38 - 00000000 ____D C:\Users\Pipano\Downloads\Crash Bandicoot Collection (PSX) 2016-10-13 14:14 - 2016-10-13 15:07 - 3192264704 ____R C:\Users\Pipano\Downloads\de_windows_7_professional_x64_dvd_X15-65813.iso 2016-10-12 16:17 - 2016-10-12 16:17 - 00000599 _____ C:\Users\Pipano\Desktop\Jogar Live-RO.lnk 2016-10-12 16:17 - 2016-10-12 16:17 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live-RO 2016-10-12 16:17 - 2016-10-12 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Live-RO 2016-10-12 16:15 - 2016-10-25 22:32 - 00000000 ____D C:\Ragnarok 2016-10-11 09:47 - 2016-10-11 09:47 - 02291937 _____ C:\Users\Pipano\Downloads\Michael Sandel - Justiça - o que e fazer a coisa certa.pdf 2016-10-09 13:55 - 2016-10-09 14:17 - 507225603 _____ C:\Users\Pipano\Documents\Battlerite.wmv 2016-10-09 13:51 - 2016-10-09 13:51 - 01153496 _____ C:\Users\Pipano\Documents\Vinheta.wmv.sfap0 2016-10-09 13:51 - 2016-10-09 13:51 - 00009080 _____ C:\Users\Pipano\Documents\Vinheta.wmv.sfk 2016-10-09 00:50 - 2016-10-09 00:55 - 00000000 ____D C:\Users\Pipano\Downloads\Command & Conquer - Red Alert (USA) 2016-10-09 00:50 - 2016-10-09 00:50 - 00015247 _____ C:\Users\Pipano\Downloads\Command & Conquer - Red Alert (USA).torrent 2016-10-05 18:31 - 2016-10-25 23:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-04 19:01 - 2016-10-04 19:01 - 00000219 _____ C:\Users\Pipano\Desktop\Counter-Strike Global Offensive.url 2016-09-30 20:25 - 2016-09-30 22:15 - 00000000 ____D 
C:\Users\Pipano\AppData\Roaming\discord 2016-09-30 20:25 - 2016-09-30 20:25 - 00002170 _____ C:\Users\Pipano\Desktop\Discord.lnk 2016-09-30 20:25 - 2016-09-30 20:25 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2016-09-30 20:25 - 2016-09-30 20:25 - 00000000 ____D C:\Users\Pipano\AppData\Local\SquirrelTemp 2016-09-30 20:25 - 2016-09-30 20:25 - 00000000 ____D C:\Users\Pipano\AppData\Local\Discord 2016-09-29 15:39 - 2016-09-29 15:44 - 00000000 ____D C:\Users\Pipano\Documents\My Games 2016-09-29 15:39 - 2016-09-29 15:39 - 00000000 ____D C:\Users\Pipano\AppData\Local\HirezLauncherUI 2016-09-29 00:48 - 2016-10-09 14:12 - 00000000 ____D C:\Users\Pipano\Downloads\Play 1 2016-09-29 00:28 - 2016-09-29 00:28 - 00000219 _____ C:\Users\Pipano\Desktop\Left 4 Dead 2.url 2016-09-28 23:37 - 2016-09-28 23:37 - 00003697 _____ C:\Users\Pipano\Desktop\Wow - Atalho.lnk 2016-09-28 23:30 - 2016-10-25 23:59 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios 2016-09-28 23:30 - 2016-09-29 15:44 - 00000000 ____D C:\Users\Todos os Usuários\Hi-Rez Studios 2016-09-28 23:30 - 2016-09-29 15:44 - 00000000 ____D C:\ProgramData\Hi-Rez Studios 2016-09-28 23:30 - 2016-09-28 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios 2016-09-27 22:53 - 2016-09-30 02:21 - 00000000 ____D C:\Users\Pipano\Documents\Wrath of the Lich King 3.3.5a 2016-09-25 05:05 - 2016-09-25 05:05 - 00000222 _____ C:\Users\Pipano\Desktop\Battlerite.url 2016-09-23 16:44 - 2016-09-23 16:44 - 00002236 _____ C:\Users\Pipano\Desktop\GCLauncher.lnk 2016-09-23 16:44 - 2016-09-23 16:44 - 00001266 _____ C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCLauncher.lnk 2016-09-23 16:44 - 2016-09-23 16:44 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gamersclub Anti Cheat 2016-09-23 16:44 - 2016-09-23 16:44 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\EMACLab 2016-09-22 12:17 - 
2016-09-22 12:17 - 00971703 _____ C:\Users\Pipano\Downloads\Rawls-O_problema_da_teoria_da_justica.pdf 2016-09-22 12:00 - 2016-09-22 12:00 - 00156306 _____ C:\Users\Pipano\Desktop\Pagamento com cartão de crédito.pdf 2016-09-20 20:20 - 2016-09-20 20:20 - 00001071 _____ C:\Users\Public\Desktop\Macro Recorder.lnk 2016-09-20 20:20 - 2016-09-20 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macro Recorder 2016-09-20 03:46 - 2016-09-20 03:46 - 00000749 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OX-RO.lnk 2016-09-20 03:43 - 2004-12-30 10:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys 2016-09-20 03:43 - 2003-07-15 19:17 - 00005174 _____ C:\Windows\SysWOW64\nppt9x.vxd 2016-09-20 03:40 - 2016-09-20 03:40 - 00000737 _____ C:\Users\Public\Desktop\Ragnarok.lnk 2016-09-20 03:40 - 2016-09-20 03:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up 2016-09-19 13:32 - 2016-09-19 13:32 - 00003094 _____ C:\Windows\System32\Tasks\{3F3E177D-7434-40DE-BCBF-59D44FCA1E61} 2016-09-01 03:23 - 2016-09-01 03:23 - 00000000 ____D C:\Users\Pipano\Documents\Battlefield 4 2016-08-31 22:55 - 2016-08-31 23:09 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2016-08-31 22:55 - 2016-08-31 23:09 - 00281872 _____ C:\Windows\SysWOW64\PnkBstrB.ex0 2016-08-31 22:55 - 2016-08-31 23:09 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2016-08-31 16:31 - 2016-09-01 15:17 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Origin 2016-08-31 16:25 - 2016-09-13 01:42 - 00000000 ____D C:\Users\Todos os Usuários\Origin 2016-08-31 16:25 - 2016-09-13 01:42 - 00000000 ____D C:\ProgramData\Origin 2016-08-29 12:23 - 2016-08-29 12:32 - 00000000 ____D C:\Users\Pipano\AppData\Local\Mozilla 2016-08-29 12:22 - 2016-10-25 23:52 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-08-29 12:22 - 2016-10-25 23:52 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-08-22 
15:36 - 2016-08-22 15:36 - 00012209 _____ C:\Users\Pipano\Downloads\Plano_de_Ensino_e_Bibliografia_-_Economia_UNIFENAS_2016-02.pdf
2016-08-22 14:47 - 2016-08-22 14:47 - 00197120 _____ C:\Users\Pipano\Downloads\Const__Historico.ppt
2016-08-22 14:47 - 2016-08-22 14:47 - 00189440 _____ C:\Users\Pipano\Downloads\classificacao_CF.ppt
2016-08-20 15:21 - 2016-09-30 17:53 - 00000000 ____D C:\Users\Pipano\Downloads\Inglês
2016-08-20 10:35 - 2016-08-21 05:43 - 05690752 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2016-08-20 10:34 - 2016-08-20 10:34 - 00000000 ____D C:\Program Files\Common Files\INCA Shared
2016-08-20 10:20 - 2016-08-20 10:20 - 00000832 _____ C:\Users\Public\Desktop\Mu.lnk
2016-08-20 10:20 - 2016-08-20 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mu online
2016-08-20 10:07 - 2016-10-25 10:27 - 00000000 ____D C:\Users\Todos os Usuários\WEBZEN
2016-08-20 10:07 - 2016-10-25 10:27 - 00000000 ____D C:\ProgramData\WEBZEN
2016-08-17 23:58 - 2016-08-17 23:58 - 03885487 _____ C:\Users\Pipano\Documents\Vinheta.wmv
2016-08-17 13:09 - 2016-08-17 13:09 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Albion
2016-08-17 13:08 - 2016-09-28 02:47 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\AlbionOnline
2016-08-17 13:04 - 2016-10-09 13:52 - 00000000 ____D C:\Users\Pipano\Desktop\Editaveis
2016-08-17 12:04 - 2016-10-09 13:51 - 00000000 ____D C:\Users\Pipano\Documents\Fraps
2016-08-17 09:48 - 2016-08-17 09:48 - 00001182 _____ C:\Users\Pipano\Desktop\AlbionOnline.lnk
2016-08-17 09:48 - 2016-08-17 09:48 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online
2016-08-16 15:17 - 2016-08-16 15:17 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\MPC-HC
2016-08-16 14:43 - 2016-08-29 12:26 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Mozilla
2016-08-16 14:43 - 2016-08-16 14:43 - 00003574 _____ C:\Windows\System32\Tasks\klcp_update
2016-08-16 14:43 - 2016-08-16 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-08-16 14:43 - 2016-05-08 07:27 - 03613696 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2016-08-16 14:43 - 2015-12-18 07:00 - 00674816 _____ C:\Windows\SysWOW64\xvidcore.dll
2016-08-16 14:43 - 2015-12-18 07:00 - 00282112 _____ C:\Windows\SysWOW64\xvidvfw.dll
2016-08-16 14:43 - 2015-10-24 14:00 - 00112128 _____ C:\Windows\SysWOW64\ff_vfw.dll
2016-08-16 14:43 - 2012-07-21 08:54 - 00122880 _____ (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2016-08-16 14:43 - 2011-12-07 15:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2016-08-16 14:41 - 2016-08-16 14:41 - 00000562 _____ C:\Users\Public\Desktop\Fraps.lnk
2016-08-16 14:41 - 2016-08-16 14:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2016-08-16 12:35 - 2016-08-16 16:47 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Sony
2016-08-16 12:35 - 2016-08-16 12:35 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Publish Providers
2016-08-16 12:27 - 2016-08-16 12:35 - 00000000 ____D C:\Users\Pipano\AppData\Local\Sony
2016-08-16 12:27 - 2016-08-16 12:27 - 00000000 ____D C:\Users\Todos os Usuários\Sony
2016-08-16 12:27 - 2016-08-16 12:27 - 00000000 ____D C:\ProgramData\Sony
2016-08-16 12:27 - 2016-08-16 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-08-13 22:44 - 2016-09-27 22:54 - 00000000 ____D C:\Users\Pipano\Downloads\World of Warcraft 3.3.5a (no install)
2016-08-13 22:43 - 2016-09-28 02:49 - 00000000 ___SD C:\Users\Pipano\AppData\LocalLow\Temp
2016-08-13 22:43 - 2016-08-13 22:43 - 00002645 _____ C:\Users\Pipano\Desktop\µTorrent.lnk
2016-08-13 22:43 - 2016-08-13 22:43 - 00002645 _____ C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-08-13 22:42 - 2016-10-13 21:59 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\uTorrent
2016-08-11 18:26 - 2016-08-11 18:27 - 00000000 ____D C:\Users\Pipano\Downloads\Filosofia
2016-08-11 11:46 - 2016-09-13 18:06 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\TS3Client
2016-08-11 11:46 - 2016-08-11 11:46 - 00001166 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-08-11 11:46 - 2016-08-11 11:46 - 00001128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-08-07 00:20 - 2016-08-20 11:03 - 00000000 ____D C:\Users\Pipano\.android
2016-08-07 00:19 - 2016-08-07 00:19 - 00000000 ____D C:\Users\Pipano\Nox_share
2016-08-07 00:17 - 2016-08-20 11:02 - 00000000 ____D C:\Users\Pipano\vmlogs
2016-08-07 00:17 - 2015-09-16 04:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-07 00:08 - 2015-09-16 01:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-07 00:07 - 2016-08-20 15:33 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Nox
2016-08-07 00:07 - 2016-08-20 15:33 - 00000000 ____D C:\Users\Pipano\AppData\Local\Nox
2016-08-03 15:21 - 2016-08-03 15:21 - 00000000 ____D C:\Users\Pipano\aTubeCatcher
2016-08-01 17:44 - 2016-08-03 11:21 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-08-01 17:31 - 2016-08-02 12:05 - 00000000 ____D C:\Users\Todos os Usuários\McAfee
2016-08-01 17:31 - 2016-08-02 12:05 - 00000000 ____D C:\ProgramData\McAfee
2016-08-01 17:31 - 2016-08-01 17:31 - 00000000 ____D C:\Users\Pipano\AppData\LocalLow\Adobe
2016-08-01 17:30 - 2016-10-12 11:14 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-01 17:30 - 2016-10-12 11:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-01 17:30 - 2016-08-01 17:46 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-08-01 17:30 - 2016-08-01 17:46 - 00000000 ____D C:\ProgramData\Adobe
2016-08-01 17:30 - 2016-08-01 17:30 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-08-01 17:29 - 2016-08-01 17:32 - 00000000 ____D C:\Users\Pipano\AppData\Local\Adobe

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-10-26 00:30 - 2016-07-08 22:11 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-26 00:21 - 2016-07-08 23:28 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-10-26 00:21 - 2016-07-08 23:20 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-26 00:20 - 2009-07-14 02:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-26 00:20 - 2009-07-14 02:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-26 00:19 - 2016-07-10 16:41 - 00000000 ____D C:\Program Files\Sandboxie
2016-10-26 00:18 - 2009-07-14 15:55 - 00706830 _____ C:\Windows\system32\prfh0416.dat
2016-10-26 00:18 - 2009-07-14 15:55 - 00148168 _____ C:\Windows\system32\prfc0416.dat
2016-10-26 00:18 - 2009-07-14 03:13 - 01639220 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-26 00:18 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-10-26 00:13 - 2016-07-08 23:13 - 00000000 ____D C:\Users\Pipano\AppData\Local\CrashDumps
2016-10-26 00:11 - 2016-07-08 22:11 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-26 00:10 - 2016-07-08 22:38 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-10-26 00:10 - 2016-07-08 22:38 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-26 00:10 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-26 00:01 - 2016-07-08 22:12 - 00002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-26 00:01 - 2016-07-08 22:12 - 00002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-26 00:00 - 2016-09-20 03:38 - 00000000 ____D C:\Level Up
2016-10-26 00:00 - 2016-08-11 01:39 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-10-26 00:00 - 2016-07-30 04:11 - 00000000 ___RD C:\Sandbox
2016-10-26 00:00 - 2016-07-25 15:15 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-10-26 00:00 - 2016-07-11 20:47 - 00000000 ____D C:\MU BeaT Season 4 - v1.0.4
2016-10-26 00:00 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-10-25 23:59 - 2016-09-23 16:44 - 00000000 ____D C:\Program Files (x86)\EMACLab
2016-10-25 23:59 - 2016-09-20 20:20 - 00000000 ____D C:\Program Files (x86)\MacroRecorder
2016-10-25 23:59 - 2016-08-31 23:09 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-10-25 23:59 - 2016-08-29 12:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-25 23:59 - 2016-08-20 10:20 - 00000000 ____D C:\Program Files (x86)\Webzen
2016-10-25 23:59 - 2016-08-17 09:42 - 00000000 ____D C:\Program Files (x86)\AlbionOnline
2016-10-25 23:59 - 2016-08-16 14:43 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-10-25 23:59 - 2016-08-16 12:27 - 00000000 ____D C:\Program Files (x86)\Sony
2016-10-25 23:59 - 2016-08-11 11:46 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2016-10-25 23:59 - 2016-08-01 17:44 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-10-25 23:59 - 2016-08-01 17:30 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-10-25 23:59 - 2016-07-25 15:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-10-25 23:59 - 2016-07-25 15:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-25 23:59 - 2016-07-17 22:43 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2016-10-25 23:59 - 2016-07-16 14:40 - 00000000 ____D C:\Program Files (x86)\FreeTime
2016-10-25 23:59 - 2016-07-09 15:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-10-25 23:59 - 2016-07-09 00:26 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-10-25 23:59 - 2016-07-08 22:59 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-10-25 23:59 - 2016-07-08 22:52 - 00000000 ____D C:\Program Files (x86)\Intel
2016-10-25 23:59 - 2016-07-08 22:49 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-10-25 23:59 - 2016-07-08 22:38 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-10-25 23:59 - 2016-07-08 22:10 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-25 23:59 - 2016-07-08 22:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-25 23:59 - 2016-07-08 22:00 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-10-25 23:59 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-10-25 23:59 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-10-25 23:59 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-25 23:59 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-10-25 23:59 - 2009-07-14 03:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-10-25 23:59 - 2009-07-14 01:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-10-25 23:52 - 2016-07-08 21:21 - 00001435 _____ C:\Users\Pipano\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-25 23:27 - 2016-07-08 22:54 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-10-25 23:27 - 2016-07-08 22:54 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-25 23:10 - 2016-08-20 10:07 - 00000000 ____D C:\download
2016-10-24 10:18 - 2016-07-10 16:41 - 00001774 _____ C:\Windows\Sandboxie.ini
2016-10-22 03:01 - 2016-07-09 15:45 - 00000000 ____D C:\Users\Pipano\AppData\Roaming\Skype
2016-10-21 20:32 - 2016-07-11 12:16 - 00000121 _____ C:\Users\Pipano\Desktop\Novo Documento de Texto.txt

==================== Arquivos na raiz de alguns diretórios =======

2016-10-25 23:52 - 2016-10-25 23:52 - 7214592 _____ () C:\Users\Pipano\AppData\Roaming\agent.dat
2016-10-25 23:52 - 2016-10-25 23:52 - 0070704 _____ () C:\Users\Pipano\AppData\Roaming\Config.xml
2016-10-25 23:51 - 2016-10-25 23:52 - 0016224 _____ () C:\Users\Pipano\AppData\Roaming\InstallationConfiguration.xml
2016-10-25 23:51 - 2016-10-25 23:51 - 0140288 _____ () C:\Users\Pipano\AppData\Roaming\Installer.dat
2016-10-25 23:52 - 2016-10-25 23:52 - 0018432 _____ () C:\Users\Pipano\AppData\Roaming\Main.dat
2016-10-25 23:52 - 2016-10-25 23:52 - 0005568 _____ () C:\Users\Pipano\AppData\Roaming\md.xml
2016-10-25 23:52 - 2016-10-25 23:52 - 0126464 _____ () C:\Users\Pipano\AppData\Roaming\noah.dat
2016-10-25 23:52 - 2016-10-25 23:52 - 0190394 _____ () C:\Users\Pipano\AppData\Roaming\Runron.bin
2016-10-25 23:52 - 2016-10-25 23:52 - 1897574 _____ () C:\Users\Pipano\AppData\Roaming\Trans-Fan.bin
2016-10-25 23:52 - 2016-10-25 23:52 - 0032038 _____ () C:\Users\Pipano\AppData\Roaming\uninstall_temp.ico
2016-10-25 23:52 - 2016-10-25 23:51 - 0710656 _____ () C:\Users\Pipano\AppData\Roaming\Ventojoytex.exe
2016-10-25 23:52 - 2016-10-25 23:52 - 1910180 _____ () C:\Users\Pipano\AppData\Roaming\Ventojoytex.tst
2016-07-08 22:51 - 2016-07-08 22:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Alguns arquivos em TEMP:
====================
C:\Users\Pipano\AppData\Local\Temp\GCAC.dll
C:\Users\Pipano\AppData\Local\Temp\nsn2DB.tmp.exe
C:\Users\Pipano\AppData\Local\Temp\nvStInst.exe
C:\Users\Pipano\AppData\Local\Temp\ose00000.exe
C:\Users\Pipano\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pipano\AppData\Local\Temp\sonarinst.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-10-25 09:41

==================== Fim de FRST.txt ============================