vitão89

Kaspersky tool detected some problems on my notebook


I was browsing the Kaspersky blog and found a post about one of their applications called Kaspersky Security Scan. I ran the program on my notebook and it found some problems. Although it details all of these problems, there is no option to fix them and the program does not explain how to correct them. To fix all those problems I would have to download another tool of theirs (which is paid) and I'm not interested in that. So I'm asking for your help.

Here is the list of problems reported by this Kaspersky tool:

Quote

Microsoft Internet Explorer: use of ActiveX elements without safety markings is allowed

Using unsafe ActiveX items, an attacker can execute malicious code on the user's computer and gain control over the system and the user's data. This problem is usually due to the operation of malware or malicious scripts.

Microsoft Internet Explorer: download of signed ActiveX elements is allowed without prompting

When downloading signed ActiveX elements, attention must be paid to the validity of the signature, the CA that confirmed the signature and its developer. Some malicious or vulnerable ActiveX elements will probably have signatures. An attacker can use this to execute malicious code on the computer and gain control over the system and the user's data. This problem is usually due to the operation of malware or malicious scripts.

Microsoft Internet Explorer: the history of typed URLs is not empty

If a system is under an attacker's control, a history of entered website addresses lets the attacker know which web pages the user has visited. This can be used for blackmail or to redirect to phishing sites.

Microsoft Internet Explorer: download of unsigned ActiveX elements is allowed

Unsigned ActiveX controls may contain malicious code, through which an attacker can gain control over the system and the user's data. This problem is usually due to the operation of malware or malicious scripts.

Microsoft Internet Explorer: automatic prompting for ActiveX elements is allowed

When automatic prompting for ActiveX controls is allowed, malicious code can be executed automatically, through which the attacker can gain control over the system and the user's data. This problem is usually due to the operation of malware or malicious scripts.

Microsoft Internet Explorer: launching programs and files in an IFRAME window is allowed without prompting

Launching applications from a pop-up window without prompting the user can cause a malicious program to run, through which an attacker can gain control of the system and the user's data. This problem is usually due to the operation of malware or malicious scripts.

Microsoft Internet Explorer: caching of data received over encrypted channels is enabled

If a system is under an attacker's control, the attacker can access the user's confidential data stored in the cache (information from online banking sites, private data, e-mail messages etc.), as well as information about which sites the user has visited.

Microsoft Internet Explorer: sending of error reports is enabled

Besides information about the error, information about the user's computer may also be reported. Interception of this information may allow an attacker to attack a user's computer more easily.

Microsoft Internet Explorer: automatic cache clearing on browser exit is disabled

If a system is under an attacker's control, the attacker can access a user's confidential data stored in the cache (private data, e-mail messages etc.), as well as information about which sites the user has visited.

Microsoft Internet Explorer: some sites have saved cookies on your computer

If a system is under an attacker's control, the attacker can access the user's confidential data stored in cookies (information from online banking sites, private data, e-mail messages, etc.), as well as information about which sites the user has visited.

Microsoft Internet Explorer: some sites have been added to the trusted sites list

Malicious software often adds its sites to the "Trusted sites" list. In addition, for sites on this list, security restrictions are applied by default. When visitors access a site that contains malicious code, if the site is on the "trusted sites" list, the attacker can control the system and the user's data. This problem is usually due to active malware.

Microsoft Internet Explorer: home page reset

Used to replace the user's home page with a site containing malicious code. The user cannot replace this malicious page, which causes it to be downloaded every time Internet Explorer is started and allows an attacker to gain control over the system and the user's data.

Autorun from hard disks is allowed

There are types of malware that reproduce by copying themselves to all available hard disk drives using the autorun.inf file. This allows an attacker to gain control over the system and the user's data.

Autorun from network drives is enabled

There are types of malware that reproduce by copying themselves to all network drives using the autorun.inf file. This allows an attacker to gain control over the system and the user's data.

Autorun from CDs/DVDs is enabled

Some types of malware and adware run automatically from CDs/DVDs when these discs are inserted. This allows an attacker to control the system and the user's data.

Autorun from removable media is enabled

Because of the wide proliferation of removable media, many malicious programs use autorun for distribution/infection. Types of removable media include flash drives, mobile phones, cameras, card readers and other devices that connect to a USB port and allow the use of memory cards.

ZA-Scan has already been running for 3 hours straight and still hasn't finished. Is this delay normal?

Edit: after 3 more hours of scanning without it finishing, I saw that a log had appeared on the local disk. So I'm posting that log here:

Edit: I removed the written-out log and attached it to the post.
 

zoek-results2016-06-26-205625.log

Edited by vitão89
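The four autorun findings in the quoted Kaspersky list concern per-drive-type autorun. As an added example (not part of the original posts and not Kaspersky's own check), the Python below decodes Windows' `NoDriveTypeAutoRun` policy value, assuming those findings map to its drive-type bits, and shows which drive types a given value still leaves enabled next to the hardened value `0xFF`. The function names and sample values are constructed for illustration.

```python
# Added example: decode the Windows NoDriveTypeAutoRun policy bitmask.
# Assumption: the four autorun findings map to the drive-type bits below.
import sys

POLICY_SUBKEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
VALUE_NAME = "NoDriveTypeAutoRun"

# A SET bit disables autorun for that drive type.
DRIVE_TYPE_BITS = {
    0x04: "removable media",
    0x08: "hard disks",
    0x10: "network drives",
    0x20: "CDs/DVDs",
}
ALL_DISABLED = 0xFF  # every drive type, including unknown types and RAM disks


def audit(hklm_value, hkcu_value):
    """Pick the effective policy value and list drive types it leaves enabled.

    A value under HKLM takes precedence over the one under HKCU.
    Pass None for a hive where the value is not set.
    """
    if hklm_value is not None:
        source, mask = "HKLM", hklm_value
    elif hkcu_value is not None:
        source, mask = "HKCU", hkcu_value
    else:
        # No policy value at all: the operating system default applies.
        return {"source": None, "mask": None,
                "autorun_allowed": None, "missing_bits": ALL_DISABLED}
    mask &= 0xFF
    allowed = [name for bit, name in DRIVE_TYPE_BITS.items() if not mask & bit]
    return {"source": source, "mask": mask,
            "autorun_allowed": allowed, "missing_bits": ALL_DISABLED & ~mask}


def read_policy():
    """Read the live values on Windows; returns (hklm, hkcu), None where unset."""
    import winreg  # Windows-only standard-library module
    values = []
    for hive in (winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER):
        try:
            with winreg.OpenKey(hive, POLICY_SUBKEY) as key:
                value, _kind = winreg.QueryValueEx(key, VALUE_NAME)
        except OSError:
            values.append(None)  # key or value does not exist
            continue
        if isinstance(value, bytes):  # stored as REG_BINARY
            value = int.from_bytes(value, "little")
        values.append(value if isinstance(value, int) else None)
    return tuple(values)


def describe(result):
    """Render one audit result as a single report line."""
    if result["source"] is None:
        return "policy value not set; the Windows default applies"
    allowed = ", ".join(result["autorun_allowed"]) or "none"
    return ("%s value 0x%02X: autorun still allowed for: %s; "
            "OR in 0x%02X to reach 0x%02X"
            % (result["source"], result["mask"], allowed,
               result["missing_bits"], ALL_DISABLED))


if __name__ == "__main__":
    # Constructed sample values, not taken from the poster's machine.
    samples = [
        ("constructed: HKCU only, 0x91", None, 0x91),
        ("constructed: HKLM 0xFF overrides HKCU 0x91", 0xFF, 0x91),
        ("constructed: no policy value", None, None),
    ]
    if sys.platform == "win32":
        samples.append(("this machine",) + read_policy())
    for label, hklm, hkcu in samples:
        print(label, "->", describe(audit(hklm, hkcu)))
```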


Dear @vitão89

I recommend saving this topic in your Favorites to make it easier to find.

Please note the following:

  • If you go without a reply for 3 days, send me a Private Message (PM);
  • What is given here relates only to the problem on your computer, so do not apply it to any other;
  • Please follow the instructions given carefully, and if you have any doubts do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always try to keep me informed, during the removal, about what is happening with your computer.
  • Respect the order of the instructions given.

Note: Do not take any action other than those given here; and if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

# Step 1 #

Download AdwCleaner and save it to your Desktop.

Run the file adwcleaner.exe

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Click the "Opções" (Options) tab and leave only "Restaurar Políticas do IE" (Restore IE Policies) and "Restaurar Políticas do Chrome" (Restore Chrome Policies) checked.
  • Click the "Verificar" (Scan) button and wait for the scan to finish.
  • Click the "Limpar" (Clean) button.
  • A Notepad window will open with the result.
  • Select, copy and paste the contents of this log into your next reply.
  • The log will also be saved in C:\AdwCleaner

NOTE: If AdwCleaner finds files that it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart.

# Step 2 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run jrt.exe.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • The tool will begin scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • At the end a log will open. It will be saved on the desktop with the name JRT.txt.
  • Select, copy and paste the contents of this log into your next reply.

# Step 3 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Click the "Scanner" button.
  • The tool will begin scanning your system.
  • Be patient, as it may take a while depending on the number of items to examine.
  • Then click the "Reparar" (Repair) button.
  • A log called ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log into your next reply.

Best regards :D


Here are the logs...

diego_moicano, I wanted to ask a question here. I noticed that after running all of these tools, I can no longer disable the touchpad. Before, it was enough to open ASUS Smart Gesture and press Fn+F9, but now that no longer works. Would you happen to know why? If there is no way to get that working again, can you tell me how I can disable the touchpad in W8? I was never able to find any way other than the one I mentioned. Thank you

Edit: I managed to solve it :)

Adwcleaner

 

# AdwCleaner v5.036 - Relatório criado 25/02/2016 às 00:48:42
# Atualizado 22/02/2016 por Xplode
# Banco de dados : 2016-02-24.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language  (x64)
# Usuário : Victor - ASUS-PC
# Executando de : C:\Users\Victor\Desktop\AdwCleaner.exe
# Opção : Limpar
# Apoio : hxxp://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****

[x] Pasta Não Excluído : C:\Program Files (x86)\mipony
[-] Pasta Excluído : C:\Program Files (x86)\myfree codec
[x] Pasta Não Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
[-] Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[x] Pasta Não Excluído : C:\Users\Victor\AppData\Roaming\mipony
[x] Pasta Não Excluído : C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mipony

***** [ Arquivos ] *****

[x] Arquivo Não Excluído : C:\Users\Victor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[x] Arquivo Não Excluído : C:\Users\Victor\Desktop\MiPony.lnk

***** [ DLLs ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****


***** [ Registro ] *****

[x] Chave Não Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{0DC81A74-1FBD-4EF6-82B2-DE3FA05E8233}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{1B26E4A2-7F09-4365-9AB8-13E6891E42CB}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{21402197-BB5B-476C-AA1D-3FFED8ED813A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{42E8D680-A18B-4CAA-ACE0-18EA05E4A056}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{454A4044-16EC-4D64-9069-C5B8832B7B55}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{4FEB1BAD-35AD-4A08-B6EC-E6D832F1ED4D}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{8F2B3016-17D4-447A-B207-FFA8957A834A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{E66B63B0-49F8-47E3-A9BA-799287B59E87}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{F8FA5B48-B7A2-4BC6-8389-9587643A4660}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09E90109-A9AA-4980-BCEF-76F8D924E902}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{0DC81A74-1FBD-4EF6-82B2-DE3FA05E8233}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{1B26E4A2-7F09-4365-9AB8-13E6891E42CB}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{21402197-BB5B-476C-AA1D-3FFED8ED813A}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{42E8D680-A18B-4CAA-ACE0-18EA05E4A056}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{454A4044-16EC-4D64-9069-C5B8832B7B55}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{4FEB1BAD-35AD-4A08-B6EC-E6D832F1ED4D}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{8F2B3016-17D4-447A-B207-FFA8957A834A}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{E66B63B0-49F8-47E3-A9BA-799287B59E87}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Classes\Interface\{F8FA5B48-B7A2-4BC6-8389-9587643A4660}
[-] Chave Excluída : HKCU\Software\Myfree Codec
[-] Chave Excluída : HKLM\SOFTWARE\Myfree Codec
[-] Chave Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[x] Chave Não Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiPony

***** [ Navegadores ] *****

[-] [C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Excluído : br.ask.com

*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3786 bytes] - [25/02/2016 00:48:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [3735 bytes] - [25/02/2016 00:31:56]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3932 bytes] ##########

# AdwCleaner v5.200 - Relatório criado 30/06/2016 às 11:19:55
# Atualizado 14/06/2016 por ToolsLib
# Banco de dados : 2016-06-30.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language  (X64)
# Usuário : Victor - ASUS-PC
# Executando de : C:\Users\Victor\Desktop\adwcleaner_5.200.exe
# Opção : Limpar
# Apoio : https://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****

[-] Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mipony
[-] Pasta Excluído : C:\Program Files (x86)\mipony
[-] Pasta Excluído : C:\Users\Victor\AppData\Roaming\mipony
[-] Pasta Excluído : C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mipony
[-] Pasta Excluído : C:\Users\Victor\AppData\Local\VirtualStore\Program Files (x86)\Bywifi

***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\Windows\SysWOW64\SVCProxyOff.ini
[-] Arquivo Excluído : C:\Users\Victor\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[-] Arquivo Excluído : C:\Users\Victor\Desktop\MiPony.lnk
[-] Arquivo Excluído : C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Arquivo Excluído : C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Arquivo Excluído : C:\Windows\SysNative\SVCProxyOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****


***** [ Registro ] *****

[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MiPony.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\mipony
[-] Chave Excluída : HKLM\SOFTWARE\Classes\mipony-ext
[-] Chave Excluída : HKLM\SOFTWARE\Classes\mpybrowser
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Chave Excluída : HKCU\Software\IM
[-] Chave Excluída : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Chave Excluída : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MiPony
[-] Chave Excluída : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Chave Excluída : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Valor Excluída : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [bywifi]

***** [ Navegadores ] *****


*************************

:: Políticas do IE excluídas
:: Políticas do Chrome excluídas

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [7045 bytes] - [25/02/2016 00:48:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [6952 bytes] - [25/02/2016 00:31:56]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7191 bytes] ##########
 

 

 

JRT

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 8.1 Single Language x64 
Ran by Victor (Administrator) on 30/06/2016 at 11:27:51,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 11 

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\ProgramData\thunder network (Folder) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\Users\Victor\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Victor) (Task)
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) 
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-5A181E91.pf (File) 
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-D5205666.pf (File) 

Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/06/2016 at 11:48:44,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

ZHPCleaner

 

 

~ ZHPCleaner v2016.6.29.78 by Nicolas Coolman (2016/06/25)
~ Run by Victor (Administrator)  (30/06/2016 11:56:52)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Victor\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Victor\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit  (Build 9600)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (1)
SUPRIMIDO dados: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : local]  =>Hijacker.Proxy


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (61)


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (88)
MOVIDO pasta: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage    =>.Superfluous.CloudfrontNet
MOVIDO pasta: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal    =>.Superfluous.CloudfrontNet
MOVIDO arquivo: C:\ProgramData\Microsoft Toolkit  =>HackTool.AutoKMS
MOVIDO arquivo: C:\Users\Victor\Desktop\Goosebumps.2015.1080p.BluRay.x264-Replica  =>.Superfluous.MaxStart
MOVIDO arquivo: C:\Windows\Installer\MSI1194.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI167C.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI1BA5.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI230A.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI270C.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI2BA4.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI2DEE.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI374E.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI37B3.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI395A.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI3B98.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI3EBA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI41B1.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI439D.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI444F.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI44DA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI481D.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI4AA3.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI5168.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI5381.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI553E.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI561E.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI59A9.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI60ED.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI618B.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI6236.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI665E.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI6702.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI67F5.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI68BA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI69FA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI6CF8.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI6EED.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI6F4A.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI7269.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI7382.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI752.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI7653.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI79B0.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI7B88.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI8402.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI86A3.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI86D0.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI88D7.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI8A0A.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI8A7E.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI8BE6.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI8D5B.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI8FB.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI90B5.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9270.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI936B.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI98DA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9A5C.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9CDD.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9CD3.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9D93.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9E1C.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9E94.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9F4A.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSI9FFA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIA5AA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIAA4.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIAA86.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIB145.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIB560.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIB6F8.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIC04.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIC0BD.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIC288.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIC6A0.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSICB3E.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSICEDA.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSID707.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIDA4F.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIDB05.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIE3B2.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIE4F2.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIE94D.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIEB8B.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIECC9.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIF272.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIF3D8.tmp-  =>Empty
MOVIDO arquivo: C:\Windows\Installer\MSIF9CA.tmp-  =>Empty


---\\  Registro ( Chaves, Valores, Dados ) (5)
SUPRIMIDO chave*: HKEY_USERS\S-1-5-21-3928538914-1254491160-1078913021-1001\SOFTWARE\Bywifi []  =>PUP.Optional.Bywifi
SUPRIMIDO chave: HKCU\Software\Bywifi []  =>PUP.Optional.Bywifi
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman]  =>Trojan.Camec
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Bywifi []  =>PUP.Optional.Bywifi
SUPRIMIDO chave: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} [secman]  =>Trojan.Camec


---\\  Resumo dos elementos encontrados na sua estação de trabalho (6)
https://www.nicolascoolman.info/2016/06/09/pirate-de-serveur-proxy-hijacker-proxy/  =>Hijacker.Proxy
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.CloudfrontNet
https://www.nicolascoolman.info/2016/05/04/hacktool-autokms/  =>HackTool.AutoKMS
https://www.nicolascoolman.info/2016/06/07/superfluous-maxstart/  =>.Superfluous.MaxStart
http://www.nicolascoolman.fr/?p=1624  =>PUP.Optional.Bywifi
http://www.nicolascoolman.fr/?p=4664  =>Trojan.Camec


---\\  Dodatkowe oczyszczenie. (20)
~ Chave de registro Tracing Supprimido (20)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 655
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 94


~ End of clean in 00h00mn16s
~====================
ZHPCleaner-[R]-30062016-11_57_08.txt
ZHPCleaner--30062016-11_55_23.txt
 

Edited by vitão89


Dear @vitão89

Glad you solved it... often Windows, when infected, behaves in a certain way, but during removal, as the infection(s) are eliminated, it gradually regains its default behavior, that is, it returns to working normally.

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Farbar Recovery Scan Tool and save it to your Desktop.

32 bit (x86) or 64 bit (x64)

  • Double-click to run the tool.
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png
  • Check the "Arquivos 90 dias" (Files 90 days) box and click the "Examinar" (Scan) button.
  • Wait, and at the end the logs FRST.txt and Addition.txt will be saved on your Desktop.
  • Select, copy and paste the contents of the FRST.txt log into your next reply.
  • Attach the Addition.txt log.

Best regards :D

43 minutes ago, diego_moicano said:

Dear @vitão89

Glad you solved it... often Windows, when infected, behaves in a certain way, but during removal, as the infection(s) are eliminated, it gradually regains its default behavior, that is, it returns to working normally.

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Farbar Recovery Scan Tool and save it to your Desktop.

32 bit (x86) or 64 bit (x64)

  • Double-click to run the tool.
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png
  • Check the "Arquivos 90 dias" (Files 90 days) box and click the "Examinar" (Scan) button.
  • Wait, and at the end the logs FRST.txt and Addition.txt will be saved on your Desktop.
  • Select, copy and paste the contents of the FRST.txt log into your next reply.
  • Attach the Addition.txt log.

Best regards :D

When I opened the program, it already came with other options checked. I unchecked them because, as I understood it, only "arquivos 90 dias" was supposed to be checked. The logs were made with only that option checked...

The addition.txt log was not generated

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 29-06-2016
Executado por Victor (administrador) em ASUS-PC (01-07-2016 09:07:49)
Executando a partir de C:\Users\Victor\Desktop
Perfis Carregados: Victor (Perfis Disponíveis: Victor)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Todos) =========================

(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) C:\Windows\System32\taskhostex.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Droid4X\Droid4XService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\System32\conhost.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(hxxp://winaero.com) C:\Users\Victor\Desktop\Miniaturas - Barras laterais\wcbk_[winaero.com]_135\WinaeroCharmsBarKiller.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Users\Victor\MEmu\MEmuConsole.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NETSTAT.EXE
(Microsoft Corporation) C:\Windows\System32\conhost.exe
() C:\Users\Victor\MEmu\adb.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Farbar) C:\Users\Victor\Desktop\FRST64.exe

==================== Registro (Todos) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [391128 2013-11-25] (Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [771032 2013-11-25] (Intel Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2015-11-20] (ESET)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111488 2015-11-20] (Intel Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-02-10] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2015-05-31] (VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-06-02] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [26112 2014-10-28] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [22528 2014-10-28] (Microsoft Corporation)
HKLM\...\Winlogon: [Shell] explorer.exe [2757616 2016-02-08] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [2412576 2016-02-08] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-16] (Banco do Brasil)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-10-30] (Atheros Communications)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [f.lux] => C:\Users\Victor\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [CharmsBarKiller] => C:\Users\Victor\Desktop\Miniaturas - Barras laterais\wcbk_[winaero.com]_135\WinaeroCharmsBarKiller.exe [349184 2013-11-23] (hxxp://winaero.com)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [BankerFixV3] => \LinhaDefensiva\rotinas\postreboot.bat
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {7130a44a-8f2c-11e5-825c-10c37bc2c9b2} - "G:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1737e-a184-11e5-8290-10c37bc2c9b2} - "H:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e17385-a184-11e5-8290-10c37bc2c9b2} - "I:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1738c-a184-11e5-8290-10c37bc2c9b2} - "J:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-08] (Microsoft Corporation) <==== ATENÇÃO
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  Nenhum Arquivo
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -  Nenhum Arquivo
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-06-16] (Banco do Brasil)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\System32\EhStorShell.dll [2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-06-25]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar365.lnk [2016-07-01]
ShortcutTarget: Sidebar365.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
BootExecute: autocheck autochk * 
AlternateShell: cmd.exe

==================== Internet (Todos) ===========================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688 2014-10-28] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9 12 C:\Windows\SysWOW64\vsocklib.dll [64192 2015-05-21] (VMware, Inc.)
Winsock: Catalog9 13 C:\Windows\SysWOW64\vsocklib.dll [64192 2015-05-21] (VMware, Inc.)
Winsock: Catalog5-x64 01 C:\Windows\system32\napinsp.dll [69120 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5-x64 02 C:\Windows\system32\pnrpnsp.dll [88576 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [88576 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5-x64 04 C:\Windows\system32\NLAapi.dll [86016 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [30720 2014-10-28] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Windows\system32\wshbth.dll [63488 2014-10-28] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [339456 2016-05-13] (Microsoft Corporation)
Winsock: Catalog9-x64 12 C:\Windows\system32\vsocklib.dll [68288 2015-05-21] (VMware, Inc.)
Winsock: Catalog9-x64 13 C:\Windows\system32\vsocklib.dll [68288 2015-05-21] (VMware, Inc.)
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.225.197.34 200.225.197.37
Tcpip\..\Interfaces\{57E59905-8E39-4E95-83A9-F9EF2A0F2B8F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{57E59905-8E39-4E95-83A9-F9EF2A0F2B8F}: [DhcpNameServer] 200.225.197.34 200.225.197.37
Tcpip\..\Interfaces\{9A03BE3B-6ECC-47C8-B6B1-A49A2E6510AF}: [DhcpNameServer] 200.225.197.34 200.225.197.37
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: HKU\S-1-5-21-3928538914-1254491160-1078913021-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
URLSearchHook: HKU\S-1-5-21-3928538914-1254491160-1078913021-1001 - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKU\S-1-5-21-3928538914-1254491160-1078913021-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-04-25] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-06-16] (Banco do Brasil)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-10-28] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-04-25] (Oracle Corporation)
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2014-10-28] (Microsoft Corporation)
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2014-10-28] (Microsoft Corporation)
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2014-10-28] (Microsoft Corporation)
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2014-10-28] (Microsoft Corporation)
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2016-05-20] (Microsoft Corporation)
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2016-05-20] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2014-01-23] (Microsoft Corporation)
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2014-10-28] (Microsoft Corporation)
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2014-10-28] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2014-10-28] (Microsoft Corporation)
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2014-10-28] (Microsoft Corporation)
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2016-05-21] (Microsoft Corporation)
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2016-05-21] (Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll [2013-08-22] (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation)
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL [2014-01-23] (Microsoft Corporation)
Filter-x32: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL [2014-01-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\jsbri4ua.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-24] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-3928538914-1254491160-1078913021-1001: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Victor\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2016-02-20] (Coowon.)
FF Plugin HKU\S-1-5-21-3928538914-1254491160-1078913021-1001: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Victor\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2016-02-20] (Coowon.)
FF Extension: leethax.net extension - C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\jsbri4ua.default\extensions\leethax@leethax.net.xpi [2016-06-25]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-06-28] [não assinado]
FF HKLM-x32\...\Mozilla Firefox 47.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components => não encontrado (a)
FF HKLM-x32\...\Mozilla Firefox 47.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins => não encontrado (a)
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-11-20] [não assinado]
FF HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager extension - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2016-03-25]
FF HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Mozilla Firefox 47.0.1\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components => não encontrado (a)
FF HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Mozilla Firefox 47.0.1\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins => não encontrado (a)
FF HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => não encontrado (a)
StartMenuInternet: FIREFOX.EXE - "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\channel-prefs.js [2015-10-29]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-25]
CHR Extension: (YouTube) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-25]
CHR Extension: (Facebook Disconnect) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2016-06-25]
CHR Extension: (AdBlock) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-25]
CHR Extension: (SiteBlock) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj [2016-06-25]
CHR Extension: (Gmail) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <não encontrado (a)>
StartMenuInternet: Google Chrome - "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"

==================== Serviços (Todos) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [214528 2014-10-28] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [96768 2014-10-28] (Microsoft Corporation)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [39936 2015-08-01] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [110080 2016-01-31] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [562688 2014-10-28] (Microsoft Corporation)
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1348096 2016-02-08] (Microsoft Corporation)
R2 ASLDRService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [115512 2014-02-18] (ASUSTek Computer Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-30] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
R2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [230400 2015-05-30] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [911360 2015-05-30] (Microsoft Corporation)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [111104 2014-10-28] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [348672 2015-09-24] (Microsoft Corporation)
R2 BFE; C:\Windows\System32\bfe.dll [845312 2016-02-05] (Microsoft Corporation)
S3 BITS; C:\Windows\System32\qmgr.dll [933376 2014-10-28] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [270336 2014-10-28] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [135168 2014-10-28] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [94720 2014-10-28] (Microsoft Corporation)
R2 CertPropSvc; C:\Windows\System32\certprop.dll [156160 2014-10-28] (Microsoft Corporation)
S3 cphs; C:\Windows\SysWow64\IntelCpHeciSvc.exe [279000 2013-11-25] (Intel Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [131584 2014-10-28] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [817664 2016-01-27] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [524288 2014-10-28] (Microsoft Corporation)
R2 DeviceAssociationService; C:\Windows\system32\das.dll [407040 2014-10-28] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [116736 2014-10-28] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [365056 2014-10-28] (Microsoft Corporation)
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [292864 2014-10-28] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1633792 2015-07-22] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [252416 2014-11-04] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2014-10-28] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [174080 2014-10-28] (Microsoft Corporation)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-17] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2015-11-20] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2015-11-20] (Intel Corporation)
R2 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe [279552 2016-04-29] () [Arquivo não assinado]
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [206848 2014-10-28] (Microsoft Corporation)
S3 Eaphost; C:\Windows\System32\eapsvc.dll [110592 2014-10-28] (Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [41472 2014-10-28] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2016-02-25] (Intel Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1696256 2015-03-05] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [516608 2014-10-28] (Microsoft Corporation)
R2 EventSystem; C:\Windows\SysWOW64\es.dll [367616 2014-10-28] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [658944 2014-10-28] (Microsoft Corporation)
S3 fdPHost; C:\Windows\system32\fdPHost.dll [22016 2014-10-28] (Microsoft Corporation)
S3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2014-10-28] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [121856 2014-10-28] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1383936 2015-11-08] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2013-08-22] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-06-16] (GAS Tecnologia)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1360896 2016-05-12] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-25] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-25] (Google Inc.)
R3 hidserv; C:\Windows\system32\hidserv.dll [33792 2014-10-28] (Microsoft Corporation)
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [30720 2014-10-28] (Microsoft Corporation)
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [101376 2014-10-28] (Microsoft Corporation)
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [275968 2014-10-28] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [445952 2014-10-28] (Microsoft Corporation)
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [366080 2014-10-28] (Microsoft Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-10-31] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [1083904 2016-02-05] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Arquivo não assinado]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [926208 2014-10-28] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S3 KeyIso; C:\Windows\system32\keyiso.dll [62464 2014-10-28] (Microsoft Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [46592 2014-10-28] (Microsoft Corporation)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [373248 2014-10-28] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [329216 2014-10-28] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [289280 2014-10-28] (Microsoft Corporation)
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [522240 2015-05-07] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [367104 2015-05-07] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [279040 2014-10-28] (Microsoft Corporation)
S2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2014-10-28] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616 2013-10-23] (Intel Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [780800 2015-02-20] (Microsoft Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-06-02] (Malwarebytes Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MMCSS; C:\Windows\system32\mmcss.dll [71168 2014-10-28] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [146888 2016-06-28] (Mozilla Foundation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [880640 2014-10-28] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [144384 2014-10-28] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151040 2014-10-28] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [65024 2015-06-15] (Microsoft Corporation)
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [59904 2015-06-15] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [446464 2014-10-28] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [166400 2014-10-28] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [154112 2014-10-28] (Microsoft Corporation)
S3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [74752 2015-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [839168 2015-12-20] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [696320 2015-12-20] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [266752 2014-10-28] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [550912 2014-10-28] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-08-09] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [391680 2014-12-05] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [28672 2014-10-28] (Microsoft Corporation)
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [922912 2013-11-11] (NVIDIA Corporation)
S3 ose64; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [178760 2014-01-23] (Microsoft Corporation)
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-10-28] (Microsoft Corporation)
S3 p2psvc; C:\Windows\system32\p2psvc.dll [440832 2014-10-28] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [472576 2016-06-03] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-22] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1526784 2014-10-28] (Microsoft Corporation)
S3 pla; C:\Windows\SysWOW64\pla.dll [1534464 2014-10-28] (Microsoft Corporation)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [116736 2014-10-28] (Microsoft Corporation)
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [26624 2014-10-28] (Microsoft Corporation)
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [380416 2014-10-28] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [398848 2016-05-12] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [80384 2014-10-28] (Microsoft Corporation)
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2988544 2015-09-08] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [228864 2015-07-09] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [303104 2014-10-28] (Microsoft Corporation)
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [261632 2014-10-28] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [102912 2014-10-28] (Microsoft Corporation)
S3 RasMan; C:\Windows\System32\rasmans.dll [542208 2014-10-28] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [226816 2014-10-28] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [183296 2014-10-28] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [166400 2014-10-28] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [80896 2014-10-28] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2014-10-28] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [817664 2016-01-27] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [47024 2014-10-29] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
S2 SCardSvr; C:\Windows\System32\SCardSvr.dll [194048 2014-10-28] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [131072 2014-10-28] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [1265152 2015-08-01] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [156160 2014-10-28] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31744 2016-02-06] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [73728 2014-10-28] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [243200 2014-10-28] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [339968 2014-10-28] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [296448 2014-10-28] (Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [452608 2014-10-28] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [640000 2014-10-28] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [576512 2014-10-28] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [13312 2014-10-28] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2014-10-28] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2014-10-28] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [827392 2014-11-04] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [6521800 2015-04-30] (Microsoft Corporation)
S3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [249344 2014-10-28] (Microsoft Corporation)
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [142848 2014-10-28] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1518672 2016-06-14] (Valve Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [670720 2014-10-28] (Microsoft Corporation)
S3 StorSvc; C:\Windows\system32\storsvc.dll [20480 2014-10-28] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [17920 2014-10-28] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13312 2014-10-28] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [706048 2014-10-28] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [1217024 2015-07-10] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [294912 2015-05-12] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [154624 2014-10-28] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [313344 2014-10-28] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [254464 2014-10-28] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
S3 TermService; C:\Windows\System32\termsrv.dll [1114624 2014-10-28] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-28] (Microsoft Corporation)
S3 THREADORDER; C:\Windows\system32\mmcss.dll [71168 2014-10-28] (Microsoft Corporation)
R3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [262656 2014-10-28] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [124416 2014-10-28] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [106496 2014-10-28] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [41984 2014-10-28] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [300032 2014-10-28] (Microsoft Corporation)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [254904 2016-03-18] (RaMMicHaeL)
S3 upnphost; C:\Windows\System32\upnphost.dll [457728 2014-10-28] (Microsoft Corporation)
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [331776 2014-10-28] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [260608 2014-10-28] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [1313792 2014-10-28] (Microsoft Corporation)
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [87744 2015-05-31] (VMware, Inc.)
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
R2 VMnetDHCP; C:\Windows\SysWOW64\vmnetdhcp.exe [359104 2015-05-31] (VMware, Inc.)
R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [916672 2015-05-22] (VMware, Inc.)
R2 VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [438464 2015-05-31] (VMware, Inc.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12732608 2015-05-31] ()
S3 VSS; C:\Windows\system32\vssvc.exe [1455104 2016-02-05] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [411648 2014-10-28] (Microsoft Corporation)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
S3 wbengine; C:\Windows\system32\wbengine.exe [1574912 2016-02-02] (Microsoft Corporation)
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [465920 2014-10-28] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [374784 2014-10-28] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [465920 2014-10-28] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [43520 2014-10-28] (Microsoft Corporation)
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [34304 2014-10-28] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [95744 2014-10-28] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-10-28] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [95744 2014-10-28] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [84992 2014-10-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [228864 2015-07-01] (Microsoft Corporation)
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [198656 2015-07-01] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [209408 2014-10-28] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [26112 2014-10-28] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84992 2014-10-28] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [108544 2014-10-28] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [67584 2014-10-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [802816 2016-05-13] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [631808 2016-05-13] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [230400 2014-10-28] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2609152 2016-02-02] (Microsoft Corporation)
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [2170880 2016-02-02] (Microsoft Corporation)
R2 WlanSvc; C:\Windows\System32\wlansvc.dll [1547264 2014-10-28] (Microsoft Corporation)
S3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1639424 2014-10-28] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [201728 2014-10-28] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1478144 2014-10-28] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1673728 2016-02-03] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2014-10-28] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10240 2014-10-28] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [86528 2014-10-28] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [146944 2016-01-06] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903168 2015-04-01] (Microsoft Corporation)
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [710144 2015-03-31] (Microsoft Corporation)
S3 WSService; C:\Windows\System32\WSService.dll [3460472 2014-10-29] (Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\wuaueng.dll [3708416 2016-02-12] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [104960 2014-10-28] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [513536 2014-10-28] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-30] (Atheros) [Arquivo não assinado]
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 svcprocess; C:\Windows\svcproxy\svcprocess.exe [X]

==================== Drivers (Todos) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [231424 2013-08-22] (Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2013-08-22] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2013-08-22] (Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2013-08-22] (Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [559616 2015-10-13] (Microsoft Corporation)
S3 AgereSoftModem; C:\Windows\system32\DRIVERS\agrsm64.sys [1146880 2013-06-18] (LSI Corp)
S0 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [80384 2015-03-19] (Microsoft Corporation)
R3 AiCharger; C:\Windows\system32\DRIVERS\AiCharger.sys [17152 2014-03-27] (ASUSTek Computer Inc.)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation)
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [98816 2013-08-22] (Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S3 AppID; C:\Windows\system32\drivers\appid.sys [82944 2014-10-28] (Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [15416 2009-07-02] (ASUS)
S0 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
S3 AthBTPort; C:\Windows\system32\DRIVERS\btath_flt.sys [89800 2013-10-30] (Qualcomm Atheros)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4297216 2016-04-10] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [19768 2013-07-02] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2015-11-20] (ASUS Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [50688 2013-08-22] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-02-22] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [35168 2013-08-22] (Microsoft Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows (R) Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [7680 2013-08-22] (Microsoft Corporation)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [102912 2013-08-22] (Microsoft Corporation)
S3 BTATH_A2DP; C:\Windows\system32\drivers\btath_a2dp.sys [338120 2013-10-30] (Qualcomm Atheros)
S3 btath_avdt; C:\Windows\system32\drivers\btath_avdt.sys [116424 2013-10-30] (Qualcomm Atheros)
R3 BTATH_BUS; C:\Windows\System32\drivers\btath_bus.sys [34384 2013-10-30] (Qualcomm Atheros)
S3 BTATH_HCRP; C:\Windows\System32\drivers\btath_hcrp.sys [179432 2013-10-30] (Qualcomm Atheros)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-10-30] (Qualcomm Atheros)
S3 BTATH_RCP; C:\Windows\System32\drivers\btath_rcp.sys [137928 2013-10-30] (Qualcomm Atheros)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [53776 2016-06-14] (IVT Corporation.)
S3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [600776 2015-11-20] (Qualcomm Atheros)
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation)
S3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [53248 2015-06-09] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2015-03-08] (Microsoft Corporation)
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [64000 2014-07-24] (Microsoft Corporation)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
S3 BthPan; C:\Windows\System32\drivers\bthpan.sys [118272 2015-07-10] (Microsoft Corporation)
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [1201664 2015-06-09] (Microsoft Corporation)
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [81920 2015-06-09] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [88576 2013-08-22] (Microsoft Corporation)
R1 cdrom; C:\Windows\System32\drivers\cdrom.sys [164352 2013-08-22] (Microsoft Corporation)
S3 circlass; C:\Windows\System32\drivers\circlass.sys [44032 2013-08-22] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [563016 2016-05-16] (Microsoft Corporation)
R3 CnxtHdAudService; C:\Windows\system32\drivers\CHDRT64.sys [1534656 2016-06-14] (Conexant Systems Inc.)
R3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2013-08-22] (Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [43008 2013-08-22] (Microsoft Corporation)
S1 dam; C:\Windows\System32\drivers\dam.sys [58176 2014-11-04] (Microsoft Corporation)
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [134144 2014-03-06] (Microsoft Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [120416 2016-01-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 disk; C:\Windows\System32\drivers\disk.sys [99672 2016-01-20] (Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] (Microsoft Corporation)
S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-17] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2015-11-20] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2016-02-25] (Intel Corporation)
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [14528 2014-10-29] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-19] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-19] (Disc Soft Ltd)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [1549144 2016-04-10] (Microsoft Corporation)
S3 e1iexpress; C:\Windows\system32\DRIVERS\e1i63x64.sys [460288 2013-06-18] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2016-02-25] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-06-02] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [200704 2013-08-22] (Microsoft Corporation)
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [217952 2013-08-22] (Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2013-08-22] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-02-22] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2013-08-22] (Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [25088 2013-08-22] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [61248 2014-10-15] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-04-07] (Microsoft Corporation)
S3 FxPPM; C:\Windows\System32\drivers\fxppm.sys [27136 2013-08-22] (Microsoft Corporation)
S0 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-07-01] (GAS Tecnologia)
R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg64.sys [29816 2016-07-01] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-22] (GAS Tecnologia)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [11264 2013-08-22] (Microsoft Corporation)
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [146752 2014-08-14] (Microsoft Corporation)
S3 GunBod; C:\Windows\system32\gunbod64.sys [86352 2016-05-13] ()
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [55488 2015-05-22] (VMware, Inc.)
S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [395776 2013-08-22] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [76800 2014-07-24] (Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [97792 2015-01-30] (Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [41472 2013-08-22] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [45568 2013-08-22] (Microsoft Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch64.sys [20280 2013-10-07] (ASUS)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [33280 2014-03-06] (Microsoft Corporation)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [991552 2015-02-24] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [13824 2013-08-22] (Microsoft Corporation)
S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [22016 2013-08-22] (Microsoft Corporation)
R3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [108544 2014-11-04] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
R0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [1462720 2015-12-19] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [4208640 2013-11-25] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [39320 2013-10-28] (Intel Corporation)
S3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [475384 2015-11-20] (Intel(R) Corporation)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-17] (Microsoft Corporation)
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [98816 2013-08-22] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [84992 2013-08-22] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [80896 2016-02-03] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [142848 2013-11-27] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2013-08-22] (Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [275800 2014-04-06] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [27032 2013-10-28] (Intel Corporation)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [59712 2014-11-04] (Microsoft Corporation)
R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [32256 2014-11-04] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [19456 2013-08-22] (Microsoft Corporation)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2016-05-16] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation)
R3 L1C; C:\Windows\system32\DRIVERS\L1C63x64.sys [130248 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [59392 2013-08-22] (Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S0 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [124416 2014-02-22] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-26] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-04-25] (Intel Corporation)
R2 memudrv; C:\Users\Victor\MEmuHyperv\MEmuDrv.sys [260328 2016-01-16] (Microvirt Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40960 2013-08-22] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [30208 2013-08-22] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [51008 2014-11-04] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [30208 2014-11-04] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-15] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [74240 2014-10-28] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2016-01-06] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [401920 2016-04-06] (Microsoft Corporation)
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [284672 2016-04-06] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [201728 2016-04-06] (Microsoft Corporation)
S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [115712 2014-10-28] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [30208 2013-08-22] (Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [41824 2013-08-22] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2013-08-22] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [9728 2013-08-22] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [10624 2013-08-22] (Microsoft Corporation)
S3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [66560 2014-10-28] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] (Microsoft Corporation)
S3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6784 2013-08-22] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366432 2013-08-22] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [37728 2013-08-22] (Microsoft Corporation)
S3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [7936 2013-08-22] (Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [13312 2013-08-22] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R2 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [445440 2014-10-28] (Microsoft Corporation)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
S3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [43008 2014-10-28] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-28] (Microsoft Corporation)
S3 NdisTapi; C:\Windows\system32\DRIVERS\ndistapi.sys [24576 2014-11-08] (Microsoft Corporation)
R3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [60416 2013-08-22] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation)
S3 NdisWanLegacy; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation)
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [72192 2014-11-08] (Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2014-10-28] (Microsoft Corporation)
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [48128 2014-10-28] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [281088 2016-05-13] (Microsoft Corporation)
S3 netvsc; C:\Windows\System32\drivers\netvsc63.sys [87040 2014-10-28] (Microsoft Corporation)
S3 NETwNs64; C:\Windows\system32\DRIVERS\Netwsw00.sys [11518976 2013-06-18] (Intel Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [58880 2013-08-22] (Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23040 2013-08-22] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [39424 2014-10-28] (Microsoft Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2017624 2015-12-30] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2013-08-22] (Microsoft Corporation)
R3 nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [12613408 2013-11-13] (NVIDIA Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S0 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [94208 2013-08-22] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S0 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-17] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663040 2014-02-22] (Microsoft Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
S3 Processor; C:\Windows\System32\drivers\processr.sys [92160 2013-08-22] (Microsoft Corporation)
R1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [151040 2014-10-28] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [47104 2014-10-28] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2014-10-28] (Microsoft Corporation)
S3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [84992 2013-08-22] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [408576 2013-12-17] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2013-08-22] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [195584 2013-08-22] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [27456 2014-10-29] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-02-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [921920 2014-10-15] (Microsoft Corporation)
S3 RFCOMM; C:\Windows\System32\drivers\rfcomm.sys [167424 2015-01-30] (Microsoft Corporation)
R2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [80384 2013-08-22] (Microsoft Corporation)
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2013-08-22] (Microsoft Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [40960 2014-10-28] (Microsoft Corporation)
R3 sdbus; C:\Windows\System32\drivers\sdbus.sys [239424 2015-03-13] (Microsoft Corporation)
R3 sdstor; C:\Windows\System32\drivers\sdstor.sys [79192 2014-02-22] (Microsoft Corporation)
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [18768 2016-03-27] () [Arquivo não assinado]
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [69472 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2013-08-22] (Microsoft Corporation)
S3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2013-08-22] (Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26112 2014-11-04] (Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [17408 2013-08-22] (Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-02-25] (Synaptics Incorporated)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [419160 2016-01-24] (Microsoft Corporation)
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [72032 2013-08-22] (Microsoft Corporation)
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [416768 2016-05-13] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [675328 2016-05-13] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [243712 2016-05-13] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [213088 2016-01-08] (DEVGURU Co., LTD.(www.devguru.co.kr))
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S0 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-18] (Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R2 svcp; C:\Windows\system32\Drivers\svcp64.sys [43800 2015-10-09] (Kurupira.net)
R3 swenum; C:\Windows\System32\drivers\swenum.sys [14144 2014-10-29] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2466136 2016-03-11] (Microsoft Corporation)
S3 TCPIP6; C:\Windows\system32\DRIVERS\tcpip.sys [2466136 2016-03-11] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [49152 2014-03-06] (Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [108032 2015-10-13] (Microsoft Corporation)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [37216 2013-08-22] (Microsoft Corporation)
S3 TPM; C:\Windows\system32\drivers\tpm.sys [155480 2015-09-29] (Microsoft Corporation)
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56320 2013-08-22] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [29696 2014-10-28] (Microsoft Corporation)
R3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [154112 2015-09-04] (Microsoft Corporation)
S0 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
R3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [74080 2013-08-22] (Microsoft Corporation)
R3 UCX01000; C:\Windows\System32\drivers\ucx01000.sys [189248 2014-10-07] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [316416 2015-03-12] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S0 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\drivers\umbus.sys [46080 2013-08-22] (Microsoft Corporation)
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2013-08-22] (Microsoft Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [143680 2014-07-24] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [98304 2014-10-28] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [91992 2016-01-08] (Microsoft Corporation)
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [462168 2015-10-11] (Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [468824 2015-10-11] (Microsoft Corporation)
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2015-10-10] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [26112 2013-08-22] (Microsoft Corporation)
R3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [148832 2016-01-31] (Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [37376 2015-10-10] (Microsoft Corporation)
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [212736 2014-06-21] (Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [325464 2015-04-16] (Microsoft Corporation)
R1 VBoxDrv; C:\Windows\system32\DRIVERS\VBoxDrv.sys [254240 2014-05-16] (Oracle Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [175960 2013-12-18] (Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [551256 2016-02-06] (Microsoft Corporation)
S0 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [21760 2013-08-22] (Microsoft Corporation)
R0 vmci; C:\Windows\System32\drivers\vmci.sys [85584 2015-05-21] (VMware, Inc.)
R3 VMnetAdapter; C:\Windows\system32\DRIVERS\vmnetadapter.sys [28864 2015-05-31] (VMware, Inc.)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [48832 2015-05-31] (VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [26816 2015-05-31] (VMware, Inc.)
R2 vmx86; C:\Windows\system32\drivers\vmx86.sys [66752 2015-05-31] (VMware, Inc.)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [74584 2016-04-11] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [316760 2016-03-14] (Microsoft Corporation)
S3 vpci; C:\Windows\System32\drivers\vpci.sys [72024 2016-01-26] (Microsoft Corporation)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2013-08-22] (Microsoft Corporation)
R1 vwififlt; C:\Windows\system32\DRIVERS\vwififlt.sys [71680 2013-08-22] (Microsoft Corporation)
R3 vwifimp; C:\Windows\system32\DRIVERS\vwifimp.sys [36864 2013-08-22] (Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-22] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-11-10] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [33600 2014-10-29] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
S3 WinUsb; C:\Windows\System32\drivers\WinUSB.sys [78848 2015-10-10] (Microsoft Corporation)
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [16384 2013-08-22] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [54784 2014-10-29] (Microsoft Corporation)
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [26976 2013-08-22] (Microsoft Corporation)
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2013-08-22] (Microsoft Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-07-01] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S3 WSDPrintDevice; C:\Windows\System32\drivers\WSDPrint.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WSDScan; C:\Windows\system32\DRIVERS\WSDScan.sys [23040 2014-10-28] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [113664 2014-10-28] (Microsoft Corporation)
R3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 WUDFWpdFs; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S1 HWiNFO32; \??\C:\Users\Victor\AppData\Local\Temp\HWiNFO64A.SYS [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-01 09:07 - 2016-07-01 09:07 - 00088789 _____ C:\Users\Victor\Desktop\FRST.txt
2016-07-01 09:05 - 2016-07-01 09:05 - 00000000 ____D C:\FRST
2016-07-01 08:57 - 2016-07-01 08:57 - 02390016 _____ (Farbar) C:\Users\Victor\Desktop\FRST64.exe
2016-06-30 22:46 - 2016-06-30 22:46 - 01327860 _____ C:\Users\Victor\Desktop\Diego Moicano.pdf
2016-06-30 11:57 - 2016-06-30 11:57 - 00008136 _____ C:\Users\Victor\Desktop\ZHPCleaner.txt
2016-06-30 11:51 - 2016-06-30 11:57 - 00000000 ____D C:\Users\Victor\AppData\Roaming\ZHP
2016-06-30 11:51 - 2016-06-30 11:51 - 00000841 _____ C:\Users\Victor\Desktop\ZHPCleaner.lnk
2016-06-30 11:48 - 2016-06-30 11:48 - 00001499 _____ C:\Users\Victor\Desktop\JRT.txt
2016-06-30 11:14 - 2016-06-30 11:15 - 00000000 ____D C:\Users\Victor\Desktop\chrome backup
2016-06-30 11:08 - 2016-06-30 11:08 - 02275840 _____ C:\Users\Victor\Desktop\ZHPCleaner.exe
2016-06-30 11:07 - 2016-06-30 11:07 - 01610816 _____ (Malwarebytes) C:\Users\Victor\Desktop\JRT.exe
2016-06-30 11:07 - 2016-06-30 11:07 - 01377492 _____ C:\Users\Victor\Desktop\favoritos_30_06_16.html chrome.html
2016-06-30 11:06 - 2016-06-30 11:06 - 03703360 _____ C:\Users\Victor\Desktop\adwcleaner_5.200.exe
2016-06-28 12:46 - 2016-06-29 08:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-27 08:29 - 2016-06-27 08:29 - 01370112 _____ C:\Users\Victor\Desktop\ZA-Scan.exe
2016-06-26 17:47 - 2016-06-27 08:38 - 00000478 _____ C:\runcheck.txt
2016-06-26 17:46 - 2016-06-26 17:46 - 00000000 ____D C:\zoek_backup
2016-06-26 12:38 - 2016-06-26 13:53 - 00000000 ____D C:\Users\Victor\Desktop\O Comeco da Vida 2016 WEBRip 720p Dublado
2016-06-26 11:02 - 2016-06-26 11:02 - 00000000 ____D C:\Users\Victor\Desktop\ANIMEFNDBS48720
2016-06-26 11:01 - 2016-06-26 11:01 - 00000000 ____D C:\Users\Victor\Desktop\ANIFND49720
2016-06-25 22:17 - 2016-06-26 16:09 - 00000000 ____D C:\LinhaDefensiva
2016-06-25 22:08 - 2016-06-25 22:08 - 00003040 _____ C:\Windows\System32\Tasks\{08E04683-6356-4661-9D48-EA4DEC01C217}
2016-06-25 22:07 - 2016-06-25 22:07 - 00178597 _____ (Igor Pavlov) C:\bankerfix.exe
2016-06-25 18:48 - 2016-06-25 18:48 - 00001073 _____ C:\Users\Public\Desktop\Kaspersky Software Updater Beta.lnk
2016-06-25 18:48 - 2016-06-25 18:48 - 00001033 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-06-25 18:43 - 2016-06-25 18:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-06-25 14:02 - 2016-06-25 14:03 - 00000000 ____D C:\Users\Victor\Downloads\Intel Components
2016-06-25 01:21 - 2016-06-25 01:21 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-25 01:21 - 2016-06-25 01:21 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-25 01:20 - 2016-07-01 08:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-25 01:20 - 2016-07-01 08:10 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-25 01:20 - 2016-06-25 01:26 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-25 01:20 - 2016-06-25 01:26 - 00003828 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-25 01:14 - 2016-06-25 01:17 - 00000000 ____D C:\Users\Victor\Documents\pfglnpdpgmecffbejlfgpnebopinlclj
2016-06-25 01:14 - 2016-06-25 01:16 - 00000000 ____D C:\Users\Victor\Documents\gighmmpiobklfepjocnamgkkbiglidom
2016-06-25 01:14 - 2016-06-25 01:15 - 00000000 ____D C:\Users\Victor\Documents\ejpepffjfmamnambagiibghpglaidiec
2016-06-23 14:46 - 2016-06-23 14:46 - 00041926 _____ C:\Users\Victor\Desktop\Começando do zero.odt
2016-06-22 21:28 - 2016-06-22 21:28 - 00026526 _____ C:\Users\Victor\Desktop\leethax.xpi
2016-06-22 10:07 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Victor\AppData\Roaming\DMCache
2016-06-22 10:07 - 2016-06-22 10:07 - 00000000 ____D C:\Users\Victor\Downloads\Video
2016-06-22 10:07 - 2016-06-22 10:07 - 00000000 ____D C:\Users\Victor\Downloads\Compressed
2016-06-22 10:07 - 2016-06-22 10:07 - 00000000 ____D C:\ProgramData\IDM
2016-06-21 12:13 - 2016-06-21 12:13 - 00000000 ____D C:\Users\Victor\Downloads\MinhaBox
2016-06-21 12:12 - 2016-06-25 00:44 - 00000720 _____ C:\Users\Public\Desktop\Minhateca.lnk
2016-06-21 12:12 - 2016-06-21 19:43 - 00000000 ____D C:\Users\Victor\AppData\Local\MinhaBox.br
2016-06-21 12:12 - 2016-06-21 12:12 - 00000000 ____D C:\Users\Victor\.gstreamer-0.10
2016-06-21 12:12 - 2016-06-21 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minhateca.com.br
2016-06-21 12:12 - 2016-06-21 12:12 - 00000000 ____D C:\Program Files (x86)\Minhateca.com.br Box
2016-06-20 13:12 - 2016-06-20 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-06-18 11:31 - 2016-03-31 03:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-18 11:30 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-18 11:30 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-18 11:30 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-18 11:30 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-18 11:30 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-18 11:30 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-18 11:30 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-18 11:30 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-18 11:30 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-18 11:30 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-18 11:30 - 2016-03-31 00:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-18 11:29 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-18 11:29 - 2016-04-06 18:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-18 11:29 - 2016-04-06 14:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-18 11:29 - 2016-04-06 13:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-18 11:29 - 2016-04-06 12:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-18 11:28 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-18 11:28 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-18 11:28 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-18 11:28 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-18 11:28 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-18 11:28 - 2016-04-09 18:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-06-18 11:28 - 2016-04-09 18:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-06-18 11:28 - 2016-03-28 22:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-18 11:27 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-18 11:27 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-18 11:27 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-18 11:27 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-18 11:27 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-18 11:27 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-18 11:27 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-18 11:27 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-18 11:27 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-18 11:27 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-18 11:27 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-18 11:27 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-18 11:27 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-18 11:27 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-18 11:27 - 2016-04-10 01:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-06-18 11:27 - 2016-04-10 01:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-06-18 11:27 - 2016-04-06 15:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-18 11:27 - 2016-04-06 15:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-18 11:27 - 2016-04-06 15:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-18 11:27 - 2016-04-06 13:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-18 11:26 - 2016-02-03 12:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-06-18 11:26 - 2016-02-02 14:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-06-18 11:25 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-18 11:25 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-18 11:25 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-18 11:25 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-18 11:25 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-18 11:25 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-18 11:25 - 2016-03-10 14:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-06-18 11:25 - 2016-03-10 13:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-06-18 11:25 - 2016-03-05 14:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-06-18 11:25 - 2016-03-05 14:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-06-18 11:25 - 2016-01-31 14:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-06-18 11:24 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-18 11:24 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-18 11:24 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-18 11:24 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-18 11:24 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-18 11:24 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-18 11:24 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-18 11:24 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-18 11:24 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-18 11:24 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-18 11:24 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-18 11:24 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-18 11:24 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-18 11:24 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-18 11:24 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-18 11:24 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-18 11:24 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-18 11:24 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-18 11:24 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-18 11:24 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-18 11:24 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-18 11:24 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-18 11:24 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-18 11:24 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-18 11:24 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-18 11:24 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-18 11:24 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-18 11:24 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-18 11:24 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-18 11:24 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-18 11:24 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-18 11:24 - 2016-04-22 16:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-18 11:24 - 2016-04-22 15:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-18 11:24 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-18 11:24 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-18 11:24 - 2016-04-10 04:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-06-18 11:24 - 2016-04-10 04:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-06-18 11:24 - 2016-02-27 15:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-06-18 11:24 - 2016-02-27 14:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-06-18 11:24 - 2016-02-27 14:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-06-18 11:24 - 2016-02-27 13:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-06-18 11:24 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-18 11:24 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-18 11:24 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-18 11:24 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-18 11:23 - 2016-03-14 13:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-06-18 11:22 - 2016-04-11 03:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-06-18 11:22 - 2016-03-15 22:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-18 11:22 - 2016-03-15 22:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-18 11:22 - 2016-03-11 21:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-18 11:22 - 2016-03-11 21:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-06-18 11:22 - 2016-03-11 21:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-06-18 11:22 - 2016-03-10 13:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-18 11:22 - 2016-03-10 13:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-06-18 11:22 - 2016-03-10 13:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-18 11:21 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-18 11:21 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-18 11:21 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-18 11:21 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-18 11:21 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-18 11:21 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-18 11:21 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-18 11:21 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-18 11:21 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-18 11:21 - 2016-04-10 02:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-16 18:00 - 2016-06-16 18:00 - 08621221 _____ C:\Users\Victor\Desktop\PET-6138-Delacao-SergioMachado-VOLUME001.pdf
2016-06-16 18:00 - 2016-06-16 18:00 - 03324970 _____ C:\Users\Victor\Desktop\PET-6138-Delacao-Sergio-Machado-VOLUME002.pdf
2016-06-14 18:25 - 2016-06-14 18:25 - 00053776 _____ (IVT Corporation.) C:\Windows\system32\Drivers\btcusb.sys
2016-06-14 18:25 - 2016-06-14 18:25 - 00021496 _____ (IVT Corporation.) C:\Windows\system32\btinstall.dll
2016-06-14 18:24 - 2016-06-14 18:24 - 01534656 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
2016-06-04 19:09 - 2016-06-29 10:37 - 00000014 _____ C:\Users\Victor\Desktop\Torneio.txt
2016-05-30 22:04 - 2016-07-01 08:10 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-05-30 22:04 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-05-30 22:03 - 2016-05-30 22:03 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-05-30 22:03 - 2016-05-30 22:03 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-05-30 22:03 - 2016-05-30 22:03 - 00000000 ____D C:\Program Files\Diebold
2016-05-28 19:23 - 2016-05-28 19:23 - 00000000 ____D C:\Users\Victor\AppData\Roaming\fltk.org
2016-05-28 19:22 - 2016-05-28 19:23 - 00000000 ____D C:\Users\Victor\Desktop\ePSXe.v1.6.0
2016-05-28 19:21 - 2016-05-28 19:23 - 40684125 _____ C:\Users\Victor\Desktop\CEP HOW TO USE CEP WITH EPSXE EMULATOR AND CHEAT CODES.mp4
2016-05-27 17:02 - 2016-05-27 17:02 - 00000000 ____D C:\ProgramData\X360CE
2016-05-27 11:27 - 2016-05-27 11:27 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-05-27 11:27 - 2014-03-18 05:00 - 00406016 _____ (CANON INC.) C:\Windows\system32\CNMLMCB.DLL
2016-05-25 19:33 - 2016-05-25 19:33 - 00000000 ____D C:\Users\Victor\Documents\My Data Files
2016-05-25 19:32 - 2016-05-25 19:54 - 00000000 ____D C:\ProgramData\Wondershare
2016-05-25 19:32 - 2016-05-25 19:54 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-05-25 19:32 - 2016-05-25 19:32 - 00000000 ____D C:\Users\Victor\AppData\Local\Wondershare
2016-05-25 19:32 - 2016-05-25 19:32 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-05-25 19:23 - 2016-05-25 19:31 - 00000000 ____D C:\Program Files (x86)\Convar
2016-05-24 10:41 - 2016-05-24 10:41 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-05-24 10:41 - 2016-05-24 10:41 - 00000000 ____D C:\Program Files\Unlocker
2016-05-23 19:09 - 2016-05-23 19:10 - 00000000 ____D C:\Users\Victor\Desktop\fceux-2.1.4a-win32-444
2016-05-21 15:31 - 2016-05-21 15:31 - 01264712 _____ C:\Users\Victor\Desktop\alfacon_victor_sabadao_alfartano__ao_vivo_varios_professores_1o_enc_20160521153117.pdf
2016-05-17 15:26 - 2015-10-09 11:47 - 00043800 _____ (Kurupira.net) C:\Windows\system32\Drivers\svcp64.sys
2016-05-17 15:26 - 2015-03-05 21:30 - 00460288 _____ (Kurupira.net) C:\Windows\system32\SVCProxy64.dll
2016-05-17 15:26 - 2015-03-05 21:29 - 00354304 _____ (Kurupira.net) C:\Windows\SysWOW64\SVCProxy.dll
2016-05-16 11:37 - 2016-05-16 11:37 - 01136033 _____ C:\Users\Victor\Desktop\Roteiro-Estudos-120dias-XX-Exame-OAB-1Fase.pdf
2016-05-14 23:37 - 2016-06-25 00:44 - 00001775 _____ C:\Users\Victor\Desktop\DigiMecum.lnk
2016-05-14 23:37 - 2016-05-14 23:37 - 00000000 ____D C:\Users\Victor\Documents\DigiMecum
2016-05-14 23:37 - 2016-05-14 23:37 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigiMecum 2 Gratuito
2016-05-13 16:19 - 2016-05-13 16:19 - 00086352 _____ C:\Windows\system32\gunbod64.sys
2016-05-13 16:19 - 2016-05-13 16:19 - 00031568 _____ C:\Windows\system32\gunsken64.sys
2016-05-13 16:10 - 2016-05-13 16:10 - 00000000 ____D C:\Users\Victor\AppData\Local\Intel
2016-05-13 16:09 - 2016-03-09 20:43 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2016-05-13 15:57 - 2016-05-13 15:57 - 00000000 ____D C:\Windows\IObit
2016-05-13 15:56 - 2016-05-13 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-05-13 15:25 - 2016-06-25 00:44 - 00000928 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\GunboundPS.lnk
2016-05-13 15:25 - 2016-05-13 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftnyxGame
2016-05-13 15:24 - 2016-05-13 15:24 - 00000000 ____D C:\Game
2016-05-12 11:55 - 2016-05-12 11:55 - 00000000 ____D C:\Users\Victor\Desktop\oab 1ª fase
2016-05-12 08:31 - 2016-06-09 09:28 - 00000000 ____D C:\Users\Victor\Desktop\DBZDK
2016-05-04 22:23 - 2016-05-04 22:23 - 00002861 _____ C:\Users\Victor\Documents\D + backspace.m2s
2016-05-04 22:18 - 2016-05-04 22:18 - 00000000 ____D C:\Users\Victor\Documents\My Recorded Scripts
2016-05-04 22:17 - 2016-06-25 00:44 - 00001263 _____ C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk
2016-05-04 22:17 - 2016-06-25 00:44 - 00001201 _____ C:\Users\Public\Desktop\Mouse Recorder Play.lnk
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Mouse Recorder Pro
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\Users\Victor\AppData\Local\Nemex
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Recorder Pro 2
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\Program Files (x86)\Nemex
2016-05-03 10:52 - 2016-06-23 10:58 - 00000000 ____D C:\Users\Victor\Downloads\MEmu Download
2016-05-03 10:46 - 2016-07-01 08:23 - 00000000 ____D C:\Users\Victor\.MemuHyperv
2016-05-03 10:46 - 2016-06-25 00:44 - 00001700 _____ C:\Users\Victor\Desktop\Multi-MEmu.lnk
2016-05-03 10:46 - 2016-06-25 00:44 - 00001674 _____ C:\Users\Victor\Desktop\MEmu.lnk
2016-05-03 10:46 - 2016-05-03 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEmu
2016-05-03 10:44 - 2016-07-01 08:23 - 00000000 ____D C:\Users\Victor\MEmu
2016-05-03 10:44 - 2016-05-03 10:45 - 00000000 ____D C:\Users\Victor\MEmuHyperv
2016-04-29 16:56 - 2016-04-29 16:59 - 76266809 _____ C:\Users\Victor\Desktop\Carlos Alberto Brilhante Ustra - A Verdade Sufocada.pdf
2016-04-29 16:56 - 2016-04-29 16:56 - 38461144 _____ C:\Users\Victor\Desktop\orvil_completo.pdf
2016-04-28 20:21 - 2016-06-22 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-04-28 20:21 - 2016-06-22 15:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-04-28 15:00 - 2016-06-30 18:15 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-04-27 20:05 - 2016-04-27 20:08 - 00000000 ____D C:\Users\Victor\Desktop\mycap
2016-04-26 09:30 - 2016-06-25 00:44 - 00001010 _____ C:\Users\Public\Desktop\Droid4X Multi Manager.lnk
2016-04-25 10:44 - 2016-04-25 10:44 - 00185896 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2016-04-21 15:25 - 2016-04-21 15:25 - 00000000 ____D C:\Users\Victor\AppData\Roaming\7+ Taskbar Tweaker
2016-04-18 10:44 - 2016-06-29 08:11 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-04-16 15:17 - 2016-04-21 15:26 - 00000000 ____D C:\Users\Victor\Desktop\Miniaturas - Barras laterais
2016-04-14 00:05 - 2016-02-02 15:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-04-14 00:04 - 2016-03-11 11:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-14 00:04 - 2016-03-10 14:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-14 00:04 - 2016-03-10 13:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-14 00:04 - 2016-01-21 16:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-04-14 00:04 - 2016-01-21 15:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-04-14 00:02 - 2016-03-28 10:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-14 00:02 - 2016-03-03 13:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-14 00:02 - 2016-03-03 13:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-14 00:02 - 2016-03-02 22:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-14 00:02 - 2016-03-02 22:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-14 00:02 - 2016-02-08 22:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-14 00:02 - 2016-02-08 22:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-14 00:02 - 2016-02-08 22:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-04-14 00:02 - 2016-02-08 22:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-04-14 00:02 - 2016-02-08 22:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-04-14 00:02 - 2016-02-08 17:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-04-14 00:02 - 2016-02-08 17:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-04-14 00:02 - 2016-02-08 17:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-04-14 00:02 - 2016-02-08 16:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-04-14 00:02 - 2016-02-08 16:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-04-14 00:02 - 2016-02-08 16:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-04-14 00:02 - 2016-02-08 16:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-04-14 00:02 - 2016-02-08 16:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-04-14 00:02 - 2016-02-08 16:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-04-14 00:02 - 2016-02-08 16:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-04-14 00:02 - 2016-02-08 15:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-04-14 00:02 - 2016-02-08 14:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-04-14 00:02 - 2016-02-08 14:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-04-14 00:02 - 2016-02-08 14:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-04-14 00:02 - 2016-02-08 14:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-04-14 00:02 - 2016-02-08 13:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-04-14 00:02 - 2016-02-08 13:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-04-14 00:02 - 2016-02-08 13:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-14 00:02 - 2016-02-08 13:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-14 00:02 - 2016-02-08 13:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-04-14 00:02 - 2016-02-08 13:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-04-14 00:02 - 2016-02-08 13:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-04-14 00:02 - 2016-02-08 13:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-04-14 00:02 - 2016-02-08 13:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-14 00:02 - 2016-02-05 11:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-04-14 00:02 - 2016-02-03 12:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-04-14 00:02 - 2016-02-02 14:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-04-14 00:02 - 2016-02-02 14:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-04-14 00:02 - 2016-02-02 14:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-04-14 00:02 - 2016-02-02 13:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-04-14 00:02 - 2016-02-02 13:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-04-14 00:02 - 2016-02-02 13:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-04-14 00:02 - 2016-02-02 13:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-04-14 00:02 - 2016-02-02 13:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-04-14 00:02 - 2016-01-27 12:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-14 00:01 - 2016-03-10 16:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-14 00:01 - 2016-03-10 14:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-14 00:01 - 2016-03-10 14:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-14 00:01 - 2016-03-10 13:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-14 00:01 - 2016-03-10 13:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-14 00:01 - 2016-01-22 02:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-04-14 00:01 - 2016-01-22 02:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-04-14 00:00 - 2016-02-04 15:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-04-14 00:00 - 2016-02-04 14:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-04-14 00:00 - 2016-01-26 16:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-04-14 00:00 - 2016-01-20 19:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 23:59 - 2016-06-18 11:26 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 23:59 - 2016-06-18 11:26 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 23:59 - 2016-06-18 11:26 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-13 23:59 - 2016-06-18 11:26 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 23:59 - 2016-06-18 11:26 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 23:59 - 2016-06-18 11:26 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-13 23:59 - 2016-06-18 11:26 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-13 23:59 - 2016-02-06 20:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-04-13 23:59 - 2016-02-05 16:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-04-13 23:59 - 2016-02-05 12:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-04-13 23:59 - 2016-02-05 12:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-13 23:59 - 2016-02-05 12:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 23:59 - 2016-02-05 12:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-13 23:59 - 2016-02-04 13:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-04-13 23:59 - 2016-02-04 13:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-04-13 23:59 - 2016-02-02 14:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-04-13 23:58 - 2016-03-03 13:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-10 22:56 - 2016-04-10 22:56 - 04297216 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athwbx.sys

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-01 08:23 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-07-01 08:11 - 2015-11-19 22:31 - 00000074 _____ C:\Users\Victor\AppData\Roaming\sp_data.sys
2016-07-01 08:10 - 2016-03-25 20:19 - 00000000 ____D C:\ProgramData\VMware
2016-07-01 08:10 - 2015-11-20 15:00 - 00029816 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg64.sys
2016-07-01 08:10 - 2015-11-20 15:00 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-07-01 08:10 - 2015-11-20 15:00 - 00000000 ____D C:\ProgramData\GbPlugin
2016-07-01 08:10 - 2015-11-20 15:00 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-01 08:09 - 2015-12-29 23:43 - 00000000 _____ C:\hsrv.txt
2016-07-01 08:09 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 18:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-30 18:08 - 2015-11-20 00:08 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-30 12:32 - 2015-11-19 22:28 - 00000000 ____D C:\Users\Victor\AppData\Local\Packages
2016-06-30 12:12 - 2015-11-19 22:34 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3928538914-1254491160-1078913021-1001
2016-06-30 12:00 - 2015-11-19 22:41 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-06-30 12:00 - 2015-11-19 22:41 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-06-30 11:29 - 2015-11-20 17:49 - 00000000 ____D C:\Users\Victor\AppData\Roaming\IObit
2016-06-30 11:29 - 2015-11-20 17:49 - 00000000 ____D C:\ProgramData\IObit
2016-06-30 11:29 - 2015-11-20 17:49 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-30 11:17 - 2016-02-25 00:31 - 00000000 ____D C:\AdwCleaner
2016-06-30 11:13 - 2015-11-19 23:02 - 00000000 ____D C:\Users\Victor\Desktop\Marvel Avengers Alliance Trainer V9.0 x64 - Brandons PC
2016-06-30 11:13 - 2013-12-18 14:57 - 01805284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-30 11:13 - 2013-12-18 01:10 - 00779020 _____ C:\Windows\system32\prfh0416.dat
2016-06-30 11:13 - 2013-12-18 01:10 - 00160124 _____ C:\Windows\system32\prfc0416.dat
2016-06-30 11:01 - 2016-03-13 22:16 - 00051177 _____ C:\Users\Victor\Desktop\ativos_vitao ATUALIZADA.xlsx
2016-06-30 09:42 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-29 08:09 - 2015-11-19 22:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-28 08:25 - 2015-11-19 22:28 - 00000000 ____D C:\Users\Victor
2016-06-27 23:25 - 2015-11-20 09:31 - 00000000 ____D C:\Users\Victor\AppData\Roaming\uTorrent
2016-06-27 16:45 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2016-06-27 10:43 - 2016-03-12 22:17 - 00001618 _____ C:\Windows\Sandboxie.ini
2016-06-27 08:25 - 2016-03-20 14:32 - 00000000 ____D C:\Users\Victor\AppData\Local\ElevatedDiagnostics
2016-06-26 21:08 - 2016-03-23 19:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-26 08:10 - 2015-11-20 00:25 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-06-26 08:08 - 2015-11-19 23:10 - 00000000 ____D C:\Program Files\WinRAR
2016-06-25 23:07 - 2016-03-19 00:30 - 00003570 _____ C:\Windows\System32\Tasks\klcp_update
2016-06-25 23:06 - 2016-03-19 00:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-06-25 23:06 - 2016-03-19 00:30 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-06-25 23:06 - 2015-11-20 18:29 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-25 23:05 - 2015-11-20 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-25 23:05 - 2015-11-19 23:10 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-25 23:05 - 2015-11-19 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-25 23:04 - 2015-11-20 15:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-25 14:19 - 2015-11-20 09:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-25 14:00 - 2014-07-10 18:16 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-25 01:34 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-25 01:21 - 2015-11-19 22:57 - 00000000 ____D C:\Users\Victor\AppData\Local\Google
2016-06-25 01:21 - 2015-11-19 22:57 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-25 01:19 - 2015-11-19 22:56 - 00000000 ____D C:\Users\Victor\AppData\Local\Deployment
2016-06-25 00:44 - 2016-03-25 20:20 - 00002139 _____ C:\Users\Public\Desktop\VMware Workstation.lnk
2016-06-25 00:44 - 2016-03-23 19:26 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-25 00:44 - 2016-03-12 22:17 - 00000974 _____ C:\Users\Victor\Desktop\Navegador web em uma caixa.lnk
2016-06-25 00:44 - 2016-02-25 01:20 - 00001336 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-06-25 00:44 - 2015-12-29 23:43 - 00001003 _____ C:\Users\Public\Desktop\Droid4X.lnk
2016-06-25 00:44 - 2015-12-02 13:18 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-25 00:44 - 2015-12-02 13:18 - 00000967 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-06-25 00:44 - 2015-11-20 19:18 - 00000291 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lixeira.lnk
2016-06-25 00:44 - 2015-11-20 10:58 - 00001006 _____ C:\Users\Victor\Desktop\Bandicam.lnk
2016-06-25 00:44 - 2015-11-20 09:32 - 00002628 _____ C:\Users\Victor\Desktop\µTorrent.lnk
2016-06-25 00:44 - 2015-11-20 09:18 - 00001163 _____ C:\Users\Victor\Desktop\Abex Document Converter Pro.lnk
2016-06-25 00:44 - 2015-11-19 22:59 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-25 00:44 - 2015-11-19 22:59 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-25 00:44 - 2015-11-19 22:29 - 00001424 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-24 17:08 - 2015-11-25 00:17 - 00000000 ____D C:\Users\Victor\AppData\Local\Adobe
2016-06-24 09:18 - 2015-12-29 23:43 - 00000000 ____D C:\Users\Victor\AppData\Local\Droid4X
2016-06-24 08:59 - 2015-11-24 23:58 - 00000000 ____D C:\Users\Victor\AppData\Local\CrashDumps
2016-06-24 08:56 - 2015-12-29 23:43 - 00000000 ____D C:\Program Files (x86)\Droid4X
2016-06-24 08:55 - 2015-12-29 23:44 - 00000000 ____D C:\Users\Victor\.VirtualBox
2016-06-22 09:17 - 2015-12-02 13:17 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-22 09:16 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Globalization
2016-06-20 13:12 - 2016-03-12 22:17 - 00000000 ____D C:\Program Files\Sandboxie
2016-06-19 22:01 - 2016-01-16 22:44 - 00000062 _____ C:\Users\Victor\Desktop\mega.txt
2016-06-19 08:51 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2016-06-18 13:27 - 2013-08-22 11:44 - 00409952 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 13:22 - 2015-11-21 15:54 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-18 13:22 - 2015-11-21 15:54 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-18 13:22 - 2015-11-21 15:54 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-18 13:22 - 2013-08-22 16:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-18 13:22 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-18 12:16 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-18 12:10 - 2015-11-19 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-18 11:49 - 2015-11-20 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-06-18 11:39 - 2015-11-20 13:52 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-17 11:12 - 2015-12-14 19:19 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Free Download Manager
2016-06-17 11:12 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\ModemLogs
2016-06-14 14:13 - 2013-08-22 12:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 14:13 - 2013-08-22 12:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-09 13:45 - 2015-11-19 22:41 - 00003912 _____ C:\Windows\System32\Tasks\Update Checker
2016-06-09 13:45 - 2013-12-18 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-06-09 13:45 - 2013-12-18 14:56 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-06-09 10:42 - 2015-11-19 22:30 - 00000000 ____D C:\Users\Victor\Documents\Bluetooth Folder

==================== Arquivos na raiz de alguns diretórios =======

2015-12-13 07:32 - 2015-12-13 07:32 - 2516288 _____ (IObit) C:\Program Files (x86)\BigUpgrade.exe
2015-12-29 23:36 - 2015-12-29 23:44 - 0002633 _____ () C:\Users\Victor\AppData\Roaming\droid4xinstaller.log
2015-11-19 22:31 - 2016-07-01 08:11 - 0000074 _____ () C:\Users\Victor\AppData\Roaming\sp_data.sys
2013-12-18 14:55 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-18 14:55 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-18 14:55 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Alguns arquivos em TEMP:
====================
C:\Users\Victor\AppData\Local\Temp\.gbas.dll
C:\Users\Victor\AppData\Local\Temp\7za.exe
C:\Users\Victor\AppData\Local\Temp\hijackthis.exe
C:\Users\Victor\AppData\Local\Temp\libeay32.dll
C:\Users\Victor\AppData\Local\Temp\msvcr120.dll
C:\Users\Victor\AppData\Local\Temp\NirCmd.exe
C:\Users\Victor\AppData\Local\Temp\PEVZ.EXE
C:\Users\Victor\AppData\Local\Temp\remove.exe
C:\Users\Victor\AppData\Local\Temp\s3.exe
C:\Users\Victor\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Victor\AppData\Local\Temp\sed.exe
C:\Users\Victor\AppData\Local\Temp\shortcut.exe
C:\Users\Victor\AppData\Local\Temp\sqlite3.dll
C:\Users\Victor\AppData\Local\Temp\swreg.exe
C:\Users\Victor\AppData\Local\Temp\swxcacls.exe
C:\Users\Victor\AppData\Local\Temp\wget.exe
C:\Users\Victor\AppData\Local\Temp\ZAScan.exe
C:\Users\Victor\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-23 12:41

==================== Fim de FRST.txt ============================


Dear @vitão89

You probably ended up unchecking the Addition option.

Create a new log with FRST, but before clicking the Examinar (Scan) button, check the Addition option.

Please attach the logs.

Cheers :D

1 hour ago, diego_moicano said:

Dear @vitão89

You probably ended up unchecking the Addition option.

Create a new log with FRST, but before clicking the Examinar (Scan) button, check the Addition option.

Please attach the logs.

Cheers :D

 

 

Yes, you had told me to check "90 days files". I thought I had to uncheck the other options!

Here are the logs!

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-07-2016
Executado por Victor (administrador) em ASUS-PC (02-07-2016 11:18:33)
Executando a partir de C:\Users\Victor\Desktop
Perfis Carregados: Victor (Perfis Disponíveis: Victor)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Droid4X\Droid4XService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(hxxp://winaero.com) C:\Users\Victor\Desktop\Miniaturas - Barras laterais\wcbk_[winaero.com]_135\WinaeroCharmsBarKiller.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2015-11-20] (ESET)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111488 2015-11-20] (Intel Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-02-10] ()
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114368 2015-05-31] (VMware, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597016 2016-03-31] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-06-02] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-16] (Banco do Brasil)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-10-30] (Atheros Communications)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [f.lux] => C:\Users\Victor\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-14] (Valve Corporation)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [CharmsBarKiller] => C:\Users\Victor\Desktop\Miniaturas - Barras laterais\wcbk_[winaero.com]_135\WinaeroCharmsBarKiller.exe [349184 2013-11-23] (hxxp://winaero.com)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [BankerFixV3] => \LinhaDefensiva\rotinas\postreboot.bat
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {7130a44a-8f2c-11e5-825c-10c37bc2c9b2} - "G:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1737e-a184-11e5-8290-10c37bc2c9b2} - "H:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e17385-a184-11e5-8290-10c37bc2c9b2} - "I:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1738c-a184-11e5-8290-10c37bc2c9b2} - "J:\autorun.exe" 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-08] (Microsoft Corporation) <==== ATENÇÃO
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1947872 2016-06-16] (Banco do Brasil)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-06-25]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar763.lnk [2016-07-02]
ShortcutTarget: Sidebar763.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.225.197.34 200.225.197.37
Tcpip\..\Interfaces\{57E59905-8E39-4E95-83A9-F9EF2A0F2B8F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{57E59905-8E39-4E95-83A9-F9EF2A0F2B8F}: [DhcpNameServer] 200.225.197.34 200.225.197.37
Tcpip\..\Interfaces\{9A03BE3B-6ECC-47C8-B6B1-A49A2E6510AF}: [DhcpNameServer] 200.225.197.34 200.225.197.37
ManualProxies: 

Internet Explorer:
==================
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3928538914-1254491160-1078913021-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll [2016-04-25] (Oracle Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2016-06-16] (Banco do Brasil)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-10-28] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll [2016-04-25] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\jsbri4ua.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-24] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\dtplugin\npDeployJava1.dll [2016-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.92.2 -> C:\Program Files (x86)\Java\jre1.8.0_92\bin\plugin2\npjp2.dll [2016-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-25] (Google Inc.)
FF Plugin HKU\S-1-5-21-3928538914-1254491160-1078913021-1001: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Victor\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2016-02-20] (Coowon.)
FF Plugin HKU\S-1-5-21-3928538914-1254491160-1078913021-1001: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Victor\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2016-02-20] (Coowon.)
FF Extension: leethax.net extension - C:\Users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\jsbri4ua.default\extensions\leethax@leethax.net.xpi [2016-06-25]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2015-11-20] [não assinado]
FF HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension
FF Extension: Free Download Manager extension - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2016-03-25]
FF HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => não encontrado (a)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Profile: C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-25]
CHR Extension: (YouTube) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-25]
CHR Extension: (Facebook Disconnect) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2016-06-25]
CHR Extension: (AdBlock) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-29]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-25]
CHR Extension: (SiteBlock) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfglnpdpgmecffbejlfgpnebopinlclj [2016-06-25]
CHR Extension: (Gmail) - C:\Users\Victor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-25]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <não encontrado (a)>

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [317568 2013-10-30] (Windows (R) Win 7 DDK provider) [Arquivo não assinado]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd)
S2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-17] (Intel Corporation)
S2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2015-11-20] (Intel Corporation)
S2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124904 2015-11-20] (Intel Corporation)
R2 Droid4XService; C:\Program Files (x86)\Droid4X\Droid4XService.exe [279552 2016-04-29] () [Arquivo não assinado]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1392792 2016-02-25] (Intel Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-06-16] (GAS Tecnologia)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Arquivo não assinado]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-06-02] (Malwarebytes Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [254904 2016-03-18] (RaMMicHaeL)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12732608 2015-05-31] ()
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [1058864 2016-05-11] (GAS Tecnologia LTDA)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-30] (Atheros) [Arquivo não assinado]
S3 svcprocess; C:\Windows\svcproxy\svcprocess.exe [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4297216 2016-04-10] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [73512 2015-11-20] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-10-30] (Qualcomm Atheros)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [53776 2016-06-14] (IVT Corporation.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
S3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-17] (Intel Corporation)
S3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2015-11-20] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [52200 2016-02-25] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-19] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-19] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [260072 2016-02-25] (Intel Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [66080 2016-06-02] ()
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-07-02] (GAS Tecnologia)
R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg64.sys [29816 2016-07-02] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-22] (GAS Tecnologia)
S3 GunBod; C:\Windows\system32\gunbod64.sys [86352 2016-05-13] ()
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-26] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-04-25] (Intel Corporation)
R2 memudrv; C:\Users\Victor\MEmuHyperv\MEmuDrv.sys [260328 2016-01-16] (Microvirt Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [18768 2016-03-27] () [Arquivo não assinado]
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2016-02-25] (Synaptics Incorporated)
R2 svcp; C:\Windows\system32\Drivers\svcp64.sys [43800 2015-10-09] (Kurupira.net)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-22] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-07-02] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S1 HWiNFO32; \??\C:\Users\Victor\AppData\Local\Temp\HWiNFO64A.SYS [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-02 11:17 - 2016-07-02 11:17 - 00000000 ____D C:\Users\Victor\Desktop\FRST-OlderVersion
2016-07-01 09:07 - 2016-07-02 11:18 - 00024537 _____ C:\Users\Victor\Desktop\FRST.txt
2016-07-01 09:05 - 2016-07-02 11:18 - 00000000 ____D C:\FRST
2016-07-01 08:57 - 2016-07-02 11:17 - 02390016 _____ (Farbar) C:\Users\Victor\Desktop\FRST64.exe
2016-06-30 22:46 - 2016-06-30 22:46 - 01327860 _____ C:\Users\Victor\Desktop\Diego Moicano.pdf
2016-06-30 11:57 - 2016-06-30 11:57 - 00008136 _____ C:\Users\Victor\Desktop\ZHPCleaner.txt
2016-06-30 11:51 - 2016-06-30 11:57 - 00000000 ____D C:\Users\Victor\AppData\Roaming\ZHP
2016-06-30 11:51 - 2016-06-30 11:51 - 00000841 _____ C:\Users\Victor\Desktop\ZHPCleaner.lnk
2016-06-30 11:48 - 2016-06-30 11:48 - 00001499 _____ C:\Users\Victor\Desktop\JRT.txt
2016-06-30 11:14 - 2016-06-30 11:15 - 00000000 ____D C:\Users\Victor\Desktop\chrome backup
2016-06-30 11:08 - 2016-06-30 11:08 - 02275840 _____ C:\Users\Victor\Desktop\ZHPCleaner.exe
2016-06-30 11:07 - 2016-06-30 11:07 - 01610816 _____ (Malwarebytes) C:\Users\Victor\Desktop\JRT.exe
2016-06-30 11:07 - 2016-06-30 11:07 - 01377492 _____ C:\Users\Victor\Desktop\favoritos_30_06_16.html chrome.html
2016-06-30 11:06 - 2016-06-30 11:06 - 03703360 _____ C:\Users\Victor\Desktop\adwcleaner_5.200.exe
2016-06-28 12:46 - 2016-06-29 08:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-27 08:29 - 2016-06-27 08:29 - 01370112 _____ C:\Users\Victor\Desktop\ZA-Scan.exe
2016-06-26 17:47 - 2016-06-27 08:38 - 00000478 _____ C:\runcheck.txt
2016-06-26 17:46 - 2016-06-26 17:46 - 00000000 ____D C:\zoek_backup
2016-06-26 12:38 - 2016-06-26 13:53 - 00000000 ____D C:\Users\Victor\Desktop\O Comeco da Vida 2016 WEBRip 720p Dublado
2016-06-26 11:02 - 2016-06-26 11:02 - 00000000 ____D C:\Users\Victor\Desktop\ANIMEFNDBS48720
2016-06-26 11:01 - 2016-06-26 11:01 - 00000000 ____D C:\Users\Victor\Desktop\ANIFND49720
2016-06-25 22:17 - 2016-06-26 16:09 - 00000000 ____D C:\LinhaDefensiva
2016-06-25 22:08 - 2016-06-25 22:08 - 00003040 _____ C:\Windows\System32\Tasks\{08E04683-6356-4661-9D48-EA4DEC01C217}
2016-06-25 22:07 - 2016-06-25 22:07 - 00178597 _____ (Igor Pavlov) C:\bankerfix.exe
2016-06-25 18:48 - 2016-06-25 18:48 - 00001073 _____ C:\Users\Public\Desktop\Kaspersky Software Updater Beta.lnk
2016-06-25 18:48 - 2016-06-25 18:48 - 00001033 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-06-25 18:48 - 2016-06-25 18:48 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-06-25 18:43 - 2016-06-25 18:43 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-06-25 14:02 - 2016-06-25 14:03 - 00000000 ____D C:\Users\Victor\Downloads\Intel Components
2016-06-25 01:21 - 2016-06-25 01:21 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-25 01:21 - 2016-06-25 01:21 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-25 01:20 - 2016-07-02 11:08 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-25 01:20 - 2016-07-02 01:31 - 00001092 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-25 01:20 - 2016-06-25 01:26 - 00004064 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-25 01:20 - 2016-06-25 01:26 - 00003828 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-25 01:14 - 2016-06-25 01:17 - 00000000 ____D C:\Users\Victor\Documents\pfglnpdpgmecffbejlfgpnebopinlclj
2016-06-25 01:14 - 2016-06-25 01:16 - 00000000 ____D C:\Users\Victor\Documents\gighmmpiobklfepjocnamgkkbiglidom
2016-06-25 01:14 - 2016-06-25 01:15 - 00000000 ____D C:\Users\Victor\Documents\ejpepffjfmamnambagiibghpglaidiec
2016-06-23 14:46 - 2016-06-23 14:46 - 00041926 _____ C:\Users\Victor\Desktop\Começando do zero.odt
2016-06-22 21:28 - 2016-06-22 21:28 - 00026526 _____ C:\Users\Victor\Desktop\leethax.xpi
2016-06-22 10:07 - 2016-06-25 14:18 - 00000000 ____D C:\Users\Victor\AppData\Roaming\DMCache
2016-06-22 10:07 - 2016-06-22 10:07 - 00000000 ____D C:\Users\Victor\Downloads\Video
2016-06-22 10:07 - 2016-06-22 10:07 - 00000000 ____D C:\Users\Victor\Downloads\Compressed
2016-06-22 10:07 - 2016-06-22 10:07 - 00000000 ____D C:\ProgramData\IDM
2016-06-21 12:13 - 2016-06-21 12:13 - 00000000 ____D C:\Users\Victor\Downloads\MinhaBox
2016-06-21 12:12 - 2016-06-25 00:44 - 00000720 _____ C:\Users\Public\Desktop\Minhateca.lnk
2016-06-21 12:12 - 2016-06-21 19:43 - 00000000 ____D C:\Users\Victor\AppData\Local\MinhaBox.br
2016-06-21 12:12 - 2016-06-21 12:12 - 00000000 ____D C:\Users\Victor\.gstreamer-0.10
2016-06-21 12:12 - 2016-06-21 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minhateca.com.br
2016-06-21 12:12 - 2016-06-21 12:12 - 00000000 ____D C:\Program Files (x86)\Minhateca.com.br Box
2016-06-20 13:12 - 2016-06-20 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-06-18 11:31 - 2016-03-31 03:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-18 11:30 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-18 11:30 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-18 11:30 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-18 11:30 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-18 11:30 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-18 11:30 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-18 11:30 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-18 11:30 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-18 11:30 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-18 11:30 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-18 11:30 - 2016-03-31 00:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-18 11:29 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-18 11:29 - 2016-04-06 18:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-18 11:29 - 2016-04-06 14:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-18 11:29 - 2016-04-06 13:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-18 11:29 - 2016-04-06 12:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-18 11:28 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-18 11:28 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-18 11:28 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-18 11:28 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-18 11:28 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-18 11:28 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-18 11:28 - 2016-04-09 18:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-06-18 11:28 - 2016-04-09 18:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-06-18 11:28 - 2016-03-28 22:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-18 11:27 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-18 11:27 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-18 11:27 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-18 11:27 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-18 11:27 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-18 11:27 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-18 11:27 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-18 11:27 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-18 11:27 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-18 11:27 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-18 11:27 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-18 11:27 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-18 11:27 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-18 11:27 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-18 11:27 - 2016-04-10 01:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-06-18 11:27 - 2016-04-10 01:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-06-18 11:27 - 2016-04-06 15:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-18 11:27 - 2016-04-06 15:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-18 11:27 - 2016-04-06 15:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-18 11:27 - 2016-04-06 13:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-18 11:26 - 2016-02-03 12:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-06-18 11:26 - 2016-02-02 14:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-06-18 11:25 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-18 11:25 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-18 11:25 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-18 11:25 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-18 11:25 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-18 11:25 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-18 11:25 - 2016-03-10 14:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll
2016-06-18 11:25 - 2016-03-10 13:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll
2016-06-18 11:25 - 2016-03-05 14:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-06-18 11:25 - 2016-03-05 14:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-06-18 11:25 - 2016-01-31 14:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-06-18 11:24 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-18 11:24 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-18 11:24 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-18 11:24 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-18 11:24 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-18 11:24 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-18 11:24 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-18 11:24 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-18 11:24 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-18 11:24 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-18 11:24 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-18 11:24 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-18 11:24 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-18 11:24 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-18 11:24 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-18 11:24 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-18 11:24 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-18 11:24 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-18 11:24 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-18 11:24 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-18 11:24 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-18 11:24 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-18 11:24 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-18 11:24 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-18 11:24 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-18 11:24 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-18 11:24 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-18 11:24 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-18 11:24 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-18 11:24 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-18 11:24 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-18 11:24 - 2016-04-22 16:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-18 11:24 - 2016-04-22 15:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-18 11:24 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-18 11:24 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-18 11:24 - 2016-04-10 04:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-06-18 11:24 - 2016-04-10 04:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-06-18 11:24 - 2016-02-27 15:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-06-18 11:24 - 2016-02-27 14:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-06-18 11:24 - 2016-02-27 14:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-06-18 11:24 - 2016-02-27 13:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-06-18 11:24 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-18 11:24 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-18 11:24 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-18 11:24 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-18 11:23 - 2016-03-14 13:50 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-06-18 11:22 - 2016-04-11 03:21 - 00074584 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-06-18 11:22 - 2016-03-15 22:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-18 11:22 - 2016-03-15 22:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-18 11:22 - 2016-03-11 21:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-18 11:22 - 2016-03-11 21:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-06-18 11:22 - 2016-03-11 21:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-06-18 11:22 - 2016-03-10 13:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-18 11:22 - 2016-03-10 13:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-06-18 11:22 - 2016-03-10 13:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-18 11:21 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-18 11:21 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-18 11:21 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-18 11:21 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-18 11:21 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-18 11:21 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-18 11:21 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-18 11:21 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-18 11:21 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-18 11:21 - 2016-04-10 02:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-16 18:00 - 2016-06-16 18:00 - 08621221 _____ C:\Users\Victor\Desktop\PET-6138-Delacao-SergioMachado-VOLUME001.pdf
2016-06-16 18:00 - 2016-06-16 18:00 - 03324970 _____ C:\Users\Victor\Desktop\PET-6138-Delacao-Sergio-Machado-VOLUME002.pdf
2016-06-14 18:25 - 2016-06-14 18:25 - 00053776 _____ (IVT Corporation.) C:\Windows\system32\Drivers\btcusb.sys
2016-06-14 18:25 - 2016-06-14 18:25 - 00021496 _____ (IVT Corporation.) C:\Windows\system32\btinstall.dll
2016-06-14 18:24 - 2016-06-14 18:24 - 01534656 _____ (Conexant Systems Inc.) C:\Windows\system32\Drivers\CHDRT64.sys
2016-06-04 19:09 - 2016-06-29 10:37 - 00000014 _____ C:\Users\Victor\Desktop\Torneio.txt
2016-05-30 22:04 - 2016-07-02 11:08 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-05-30 22:04 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-05-30 22:03 - 2016-05-30 22:03 - 00000000 ___HD C:\Program Files (x86)\GAS Tecnologia
2016-05-30 22:03 - 2016-05-30 22:03 - 00000000 ___HD C:\Program Files (x86)\Diebold
2016-05-30 22:03 - 2016-05-30 22:03 - 00000000 ____D C:\Program Files\Diebold
2016-05-28 19:23 - 2016-05-28 19:23 - 00000000 ____D C:\Users\Victor\AppData\Roaming\fltk.org
2016-05-28 19:22 - 2016-05-28 19:23 - 00000000 ____D C:\Users\Victor\Desktop\ePSXe.v1.6.0
2016-05-28 19:21 - 2016-05-28 19:23 - 40684125 _____ C:\Users\Victor\Desktop\CEP HOW TO USE CEP WITH EPSXE EMULATOR AND CHEAT CODES.mp4
2016-05-27 17:02 - 2016-05-27 17:02 - 00000000 ____D C:\ProgramData\X360CE
2016-05-27 11:27 - 2016-05-27 11:27 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-05-27 11:27 - 2014-03-18 05:00 - 00406016 _____ (CANON INC.) C:\Windows\system32\CNMLMCB.DLL
2016-05-25 19:33 - 2016-05-25 19:33 - 00000000 ____D C:\Users\Victor\Documents\My Data Files
2016-05-25 19:32 - 2016-05-25 19:54 - 00000000 ____D C:\ProgramData\Wondershare
2016-05-25 19:32 - 2016-05-25 19:54 - 00000000 ____D C:\Program Files (x86)\Wondershare
2016-05-25 19:32 - 2016-05-25 19:32 - 00000000 ____D C:\Users\Victor\AppData\Local\Wondershare
2016-05-25 19:32 - 2016-05-25 19:32 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-05-25 19:23 - 2016-05-25 19:31 - 00000000 ____D C:\Program Files (x86)\Convar
2016-05-24 10:41 - 2016-05-24 10:41 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-05-24 10:41 - 2016-05-24 10:41 - 00000000 ____D C:\Program Files\Unlocker
2016-05-23 19:09 - 2016-05-23 19:10 - 00000000 ____D C:\Users\Victor\Desktop\fceux-2.1.4a-win32-444
2016-05-21 15:31 - 2016-05-21 15:31 - 01264712 _____ C:\Users\Victor\Desktop\alfacon_victor_sabadao_alfartano__ao_vivo_varios_professores_1o_enc_20160521153117.pdf
2016-05-17 15:26 - 2015-10-09 11:47 - 00043800 _____ (Kurupira.net) C:\Windows\system32\Drivers\svcp64.sys
2016-05-17 15:26 - 2015-03-05 21:30 - 00460288 _____ (Kurupira.net) C:\Windows\system32\SVCProxy64.dll
2016-05-17 15:26 - 2015-03-05 21:29 - 00354304 _____ (Kurupira.net) C:\Windows\SysWOW64\SVCProxy.dll
2016-05-16 11:37 - 2016-05-16 11:37 - 01136033 _____ C:\Users\Victor\Desktop\Roteiro-Estudos-120dias-XX-Exame-OAB-1Fase.pdf
2016-05-14 23:37 - 2016-06-25 00:44 - 00001775 _____ C:\Users\Victor\Desktop\DigiMecum.lnk
2016-05-14 23:37 - 2016-05-14 23:37 - 00000000 ____D C:\Users\Victor\Documents\DigiMecum
2016-05-14 23:37 - 2016-05-14 23:37 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigiMecum 2 Gratuito
2016-05-13 16:19 - 2016-05-13 16:19 - 00086352 _____ C:\Windows\system32\gunbod64.sys
2016-05-13 16:19 - 2016-05-13 16:19 - 00031568 _____ C:\Windows\system32\gunsken64.sys
2016-05-13 16:10 - 2016-05-13 16:10 - 00000000 ____D C:\Users\Victor\AppData\Local\Intel
2016-05-13 16:09 - 2016-03-09 20:43 - 00021984 _____ C:\Windows\system32\Drivers\semav6msr64.sys
2016-05-13 15:57 - 2016-05-13 15:57 - 00000000 ____D C:\Windows\IObit
2016-05-13 15:56 - 2016-05-13 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-05-13 15:25 - 2016-06-25 00:44 - 00000928 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\GunboundPS.lnk
2016-05-13 15:25 - 2016-05-13 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftnyxGame
2016-05-13 15:24 - 2016-05-13 15:24 - 00000000 ____D C:\Game
2016-05-12 11:55 - 2016-05-12 11:55 - 00000000 ____D C:\Users\Victor\Desktop\oab 1ª fase
2016-05-12 08:31 - 2016-06-09 09:28 - 00000000 ____D C:\Users\Victor\Desktop\DBZDK
2016-05-04 22:23 - 2016-05-04 22:23 - 00002861 _____ C:\Users\Victor\Documents\D + backspace.m2s
2016-05-04 22:18 - 2016-05-04 22:18 - 00000000 ____D C:\Users\Victor\Documents\My Recorded Scripts
2016-05-04 22:17 - 2016-06-25 00:44 - 00001263 _____ C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk
2016-05-04 22:17 - 2016-06-25 00:44 - 00001201 _____ C:\Users\Public\Desktop\Mouse Recorder Play.lnk
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Mouse Recorder Pro
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\Users\Victor\AppData\Local\Nemex
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Recorder Pro 2
2016-05-04 22:17 - 2016-05-04 22:17 - 00000000 ____D C:\Program Files (x86)\Nemex
2016-05-03 10:52 - 2016-06-23 10:58 - 00000000 ____D C:\Users\Victor\Downloads\MEmu Download
2016-05-03 10:46 - 2016-07-01 11:38 - 00000000 ____D C:\Users\Victor\.MemuHyperv
2016-05-03 10:46 - 2016-06-25 00:44 - 00001700 _____ C:\Users\Victor\Desktop\Multi-MEmu.lnk
2016-05-03 10:46 - 2016-06-25 00:44 - 00001674 _____ C:\Users\Victor\Desktop\MEmu.lnk
2016-05-03 10:46 - 2016-05-03 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEmu
2016-05-03 10:44 - 2016-07-01 11:38 - 00000000 ____D C:\Users\Victor\MEmu
2016-05-03 10:44 - 2016-05-03 10:45 - 00000000 ____D C:\Users\Victor\MEmuHyperv
2016-04-29 16:56 - 2016-04-29 16:59 - 76266809 _____ C:\Users\Victor\Desktop\Carlos Alberto Brilhante Ustra - A Verdade Sufocada.pdf
2016-04-29 16:56 - 2016-04-29 16:56 - 38461144 _____ C:\Users\Victor\Desktop\orvil_completo.pdf
2016-04-28 20:21 - 2016-06-22 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-04-28 20:21 - 2016-06-22 15:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-04-28 15:00 - 2016-07-02 02:19 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-04-27 20:05 - 2016-04-27 20:08 - 00000000 ____D C:\Users\Victor\Desktop\mycap
2016-04-26 09:30 - 2016-06-25 00:44 - 00001010 _____ C:\Users\Public\Desktop\Droid4X Multi Manager.lnk
2016-04-25 10:44 - 2016-04-25 10:44 - 00185896 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverW8x64.sys
2016-04-21 15:25 - 2016-04-21 15:25 - 00000000 ____D C:\Users\Victor\AppData\Roaming\7+ Taskbar Tweaker
2016-04-18 10:44 - 2016-06-29 08:11 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-04-16 15:17 - 2016-04-21 15:26 - 00000000 ____D C:\Users\Victor\Desktop\Miniaturas - Barras laterais
2016-04-14 00:05 - 2016-02-02 15:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-04-14 00:04 - 2016-03-11 11:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-14 00:04 - 2016-03-10 14:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-14 00:04 - 2016-03-10 13:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-14 00:04 - 2016-01-21 16:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-04-14 00:04 - 2016-01-21 15:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-04-14 00:02 - 2016-03-28 10:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-14 00:02 - 2016-03-03 13:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-14 00:02 - 2016-03-03 13:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-14 00:02 - 2016-03-02 22:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-14 00:02 - 2016-03-02 22:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-14 00:02 - 2016-02-08 22:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-14 00:02 - 2016-02-08 22:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-14 00:02 - 2016-02-08 22:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-04-14 00:02 - 2016-02-08 22:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-04-14 00:02 - 2016-02-08 22:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-04-14 00:02 - 2016-02-08 17:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-04-14 00:02 - 2016-02-08 17:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-04-14 00:02 - 2016-02-08 17:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-04-14 00:02 - 2016-02-08 16:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-04-14 00:02 - 2016-02-08 16:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-04-14 00:02 - 2016-02-08 16:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-04-14 00:02 - 2016-02-08 16:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-04-14 00:02 - 2016-02-08 16:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-04-14 00:02 - 2016-02-08 16:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-04-14 00:02 - 2016-02-08 16:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-04-14 00:02 - 2016-02-08 15:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-04-14 00:02 - 2016-02-08 14:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-04-14 00:02 - 2016-02-08 14:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-04-14 00:02 - 2016-02-08 14:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-04-14 00:02 - 2016-02-08 14:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-04-14 00:02 - 2016-02-08 13:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-04-14 00:02 - 2016-02-08 13:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-04-14 00:02 - 2016-02-08 13:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-14 00:02 - 2016-02-08 13:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-14 00:02 - 2016-02-08 13:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-04-14 00:02 - 2016-02-08 13:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-04-14 00:02 - 2016-02-08 13:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-04-14 00:02 - 2016-02-08 13:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-04-14 00:02 - 2016-02-08 13:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-14 00:02 - 2016-02-05 11:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-04-14 00:02 - 2016-02-03 12:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-04-14 00:02 - 2016-02-02 14:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-04-14 00:02 - 2016-02-02 14:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-04-14 00:02 - 2016-02-02 14:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-04-14 00:02 - 2016-02-02 13:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-04-14 00:02 - 2016-02-02 13:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-04-14 00:02 - 2016-02-02 13:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-04-14 00:02 - 2016-02-02 13:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-04-14 00:02 - 2016-02-02 13:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-04-14 00:02 - 2016-01-27 12:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-14 00:01 - 2016-03-10 16:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-14 00:01 - 2016-03-10 14:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-14 00:01 - 2016-03-10 14:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-14 00:01 - 2016-03-10 13:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-14 00:01 - 2016-03-10 13:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-14 00:01 - 2016-01-22 02:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-04-14 00:01 - 2016-01-22 02:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-04-14 00:00 - 2016-02-04 15:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-04-14 00:00 - 2016-02-04 14:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-04-14 00:00 - 2016-01-26 16:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-04-14 00:00 - 2016-01-20 19:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 23:59 - 2016-06-18 11:26 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 23:59 - 2016-06-18 11:26 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 23:59 - 2016-06-18 11:26 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-13 23:59 - 2016-06-18 11:26 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 23:59 - 2016-06-18 11:26 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 23:59 - 2016-06-18 11:26 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-13 23:59 - 2016-06-18 11:26 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-13 23:59 - 2016-02-06 20:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-04-13 23:59 - 2016-02-05 16:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-04-13 23:59 - 2016-02-05 12:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-04-13 23:59 - 2016-02-05 12:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-13 23:59 - 2016-02-05 12:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 23:59 - 2016-02-05 12:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-13 23:59 - 2016-02-04 13:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-04-13 23:59 - 2016-02-04 13:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-04-13 23:59 - 2016-02-02 14:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-04-13 23:58 - 2016-03-03 13:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-10 22:56 - 2016-04-10 22:56 - 04297216 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athwbx.sys

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-02 11:09 - 2015-11-19 22:31 - 00000074 _____ C:\Users\Victor\AppData\Roaming\sp_data.sys
2016-07-02 11:08 - 2016-03-25 20:19 - 00000000 ____D C:\ProgramData\VMware
2016-07-02 11:08 - 2015-12-29 23:43 - 00000000 _____ C:\hsrv.txt
2016-07-02 11:08 - 2015-11-20 15:00 - 00029816 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg64.sys
2016-07-02 11:08 - 2015-11-20 15:00 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-07-02 11:08 - 2015-11-20 15:00 - 00000000 ____D C:\ProgramData\GbPlugin
2016-07-02 11:08 - 2015-11-20 15:00 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-02 11:08 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-02 02:19 - 2015-11-20 00:08 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-01 12:53 - 2016-03-13 22:16 - 00051349 _____ C:\Users\Victor\Desktop\ativos_vitao ATUALIZADA.xlsx
2016-07-01 12:00 - 2015-11-19 22:41 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-07-01 12:00 - 2015-11-19 22:41 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-07-01 08:23 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-06-30 18:11 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-30 12:32 - 2015-11-19 22:28 - 00000000 ____D C:\Users\Victor\AppData\Local\Packages
2016-06-30 12:12 - 2015-11-19 22:34 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3928538914-1254491160-1078913021-1001
2016-06-30 11:29 - 2015-11-20 17:49 - 00000000 ____D C:\Users\Victor\AppData\Roaming\IObit
2016-06-30 11:29 - 2015-11-20 17:49 - 00000000 ____D C:\ProgramData\IObit
2016-06-30 11:29 - 2015-11-20 17:49 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-30 11:17 - 2016-02-25 00:31 - 00000000 ____D C:\AdwCleaner
2016-06-30 11:13 - 2015-11-19 23:02 - 00000000 ____D C:\Users\Victor\Desktop\Marvel Avengers Alliance Trainer V9.0 x64 - Brandons PC
2016-06-30 11:13 - 2013-12-18 14:57 - 01805284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-30 11:13 - 2013-12-18 01:10 - 00779020 _____ C:\Windows\system32\prfh0416.dat
2016-06-30 11:13 - 2013-12-18 01:10 - 00160124 _____ C:\Windows\system32\prfc0416.dat
2016-06-30 09:42 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-29 08:09 - 2015-11-19 22:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-28 08:25 - 2015-11-19 22:28 - 00000000 ____D C:\Users\Victor
2016-06-27 23:25 - 2015-11-20 09:31 - 00000000 ____D C:\Users\Victor\AppData\Roaming\uTorrent
2016-06-27 16:45 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2016-06-27 10:43 - 2016-03-12 22:17 - 00001618 _____ C:\Windows\Sandboxie.ini
2016-06-27 08:25 - 2016-03-20 14:32 - 00000000 ____D C:\Users\Victor\AppData\Local\ElevatedDiagnostics
2016-06-26 21:08 - 2016-03-23 19:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-26 08:10 - 2015-11-20 00:25 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-06-26 08:08 - 2015-11-19 23:10 - 00000000 ____D C:\Program Files\WinRAR
2016-06-25 23:07 - 2016-03-19 00:30 - 00003570 _____ C:\Windows\System32\Tasks\klcp_update
2016-06-25 23:06 - 2016-03-19 00:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-06-25 23:06 - 2016-03-19 00:30 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2016-06-25 23:06 - 2015-11-20 18:29 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-25 23:05 - 2015-11-20 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-25 23:05 - 2015-11-19 23:10 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-25 23:05 - 2015-11-19 23:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-25 23:04 - 2015-11-20 15:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-25 14:19 - 2015-11-20 09:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-25 14:00 - 2014-07-10 18:16 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-25 01:34 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-25 01:21 - 2015-11-19 22:57 - 00000000 ____D C:\Users\Victor\AppData\Local\Google
2016-06-25 01:21 - 2015-11-19 22:57 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-25 01:19 - 2015-11-19 22:56 - 00000000 ____D C:\Users\Victor\AppData\Local\Deployment
2016-06-25 00:44 - 2016-03-25 20:20 - 00002139 _____ C:\Users\Public\Desktop\VMware Workstation.lnk
2016-06-25 00:44 - 2016-03-23 19:26 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-25 00:44 - 2016-03-12 22:17 - 00000974 _____ C:\Users\Victor\Desktop\Navegador web em uma caixa.lnk
2016-06-25 00:44 - 2016-02-25 01:20 - 00001336 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2016-06-25 00:44 - 2015-12-29 23:43 - 00001003 _____ C:\Users\Public\Desktop\Droid4X.lnk
2016-06-25 00:44 - 2015-12-02 13:18 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-25 00:44 - 2015-12-02 13:18 - 00000967 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-06-25 00:44 - 2015-11-20 19:18 - 00000291 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lixeira.lnk
2016-06-25 00:44 - 2015-11-20 10:58 - 00001006 _____ C:\Users\Victor\Desktop\Bandicam.lnk
2016-06-25 00:44 - 2015-11-20 09:32 - 00002628 _____ C:\Users\Victor\Desktop\µTorrent.lnk
2016-06-25 00:44 - 2015-11-20 09:18 - 00001163 _____ C:\Users\Victor\Desktop\Abex Document Converter Pro.lnk
2016-06-25 00:44 - 2015-11-19 22:59 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-25 00:44 - 2015-11-19 22:59 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-25 00:44 - 2015-11-19 22:29 - 00001424 _____ C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-24 17:08 - 2015-11-25 00:17 - 00000000 ____D C:\Users\Victor\AppData\Local\Adobe
2016-06-24 09:18 - 2015-12-29 23:43 - 00000000 ____D C:\Users\Victor\AppData\Local\Droid4X
2016-06-24 08:59 - 2015-11-24 23:58 - 00000000 ____D C:\Users\Victor\AppData\Local\CrashDumps
2016-06-24 08:56 - 2015-12-29 23:43 - 00000000 ____D C:\Program Files (x86)\Droid4X
2016-06-24 08:55 - 2015-12-29 23:44 - 00000000 ____D C:\Users\Victor\.VirtualBox
2016-06-22 09:17 - 2015-12-02 13:17 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-22 09:16 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\Globalization
2016-06-20 13:12 - 2016-03-12 22:17 - 00000000 ____D C:\Program Files\Sandboxie
2016-06-19 22:01 - 2016-01-16 22:44 - 00000062 _____ C:\Users\Victor\Desktop\mega.txt
2016-06-19 08:51 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\rescache
2016-06-18 13:27 - 2013-08-22 11:44 - 00409952 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 13:22 - 2015-11-21 15:54 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-06-18 13:22 - 2015-11-21 15:54 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-18 13:22 - 2015-11-21 15:54 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-18 13:22 - 2013-08-22 16:12 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-18 13:22 - 2013-08-22 12:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-18 12:16 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-18 12:10 - 2015-11-19 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-18 11:49 - 2015-11-20 13:52 - 00000000 ____D C:\Windows\system32\MRT
2016-06-18 11:39 - 2015-11-20 13:52 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-17 11:12 - 2015-12-14 19:19 - 00000000 ____D C:\Users\Victor\AppData\Roaming\Free Download Manager
2016-06-17 11:12 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\ModemLogs
2016-06-14 14:13 - 2013-08-22 12:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 14:13 - 2013-08-22 12:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-09 13:45 - 2015-11-19 22:41 - 00003912 _____ C:\Windows\System32\Tasks\Update Checker
2016-06-09 13:45 - 2013-12-18 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-06-09 13:45 - 2013-12-18 14:56 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-06-09 10:42 - 2015-11-19 22:30 - 00000000 ____D C:\Users\Victor\Documents\Bluetooth Folder

==================== Arquivos na raiz de alguns diretórios =======

2015-12-13 07:32 - 2015-12-13 07:32 - 2516288 _____ (IObit) C:\Program Files (x86)\BigUpgrade.exe
2015-12-29 23:36 - 2015-12-29 23:44 - 0002633 _____ () C:\Users\Victor\AppData\Roaming\droid4xinstaller.log
2015-11-19 22:31 - 2016-07-02 11:09 - 0000074 _____ () C:\Users\Victor\AppData\Roaming\sp_data.sys
2013-12-18 14:55 - 2012-09-07 08:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-18 14:55 - 2009-07-22 07:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-18 14:55 - 2012-09-07 08:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Alguns arquivos em TEMP:
====================
C:\Users\Victor\AppData\Local\Temp\.gbas.dll
C:\Users\Victor\AppData\Local\Temp\7za.exe
C:\Users\Victor\AppData\Local\Temp\hijackthis.exe
C:\Users\Victor\AppData\Local\Temp\libeay32.dll
C:\Users\Victor\AppData\Local\Temp\msvcr120.dll
C:\Users\Victor\AppData\Local\Temp\NirCmd.exe
C:\Users\Victor\AppData\Local\Temp\PEVZ.EXE
C:\Users\Victor\AppData\Local\Temp\remove.exe
C:\Users\Victor\AppData\Local\Temp\s3.exe
C:\Users\Victor\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Victor\AppData\Local\Temp\sed.exe
C:\Users\Victor\AppData\Local\Temp\shortcut.exe
C:\Users\Victor\AppData\Local\Temp\sqlite3.dll
C:\Users\Victor\AppData\Local\Temp\swreg.exe
C:\Users\Victor\AppData\Local\Temp\swxcacls.exe
C:\Users\Victor\AppData\Local\Temp\wget.exe
C:\Users\Victor\AppData\Local\Temp\ZAScan.exe
C:\Users\Victor\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-23 12:41

==================== Fim de FRST.txt ============================

Addition.txt


I can't access your attachment; I believe it's some problem with the forum.

I've already notified the coordinators, please wait. :)

34 minutes ago, diego_moicano said:

I can't access your attachment; I believe it's some problem with the forum.

I've already notified the coordinators, please wait. :)


OK! Now that you mention it, I can't access the attachment either. I'll wait! Thank you!

Edited by vitão89


Dear @vitão89

Temporarily disable your antivirus, antispyware and firewall so they don't cause conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all the text below:

Quote

CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [BankerFixV3] => \LinhaDefensiva\rotinas\postreboot.bat
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {7130a44a-8f2c-11e5-825c-10c37bc2c9b2} - "G:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1737e-a184-11e5-8290-10c37bc2c9b2} - "H:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e17385-a184-11e5-8290-10c37bc2c9b2} - "I:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1738c-a184-11e5-8290-10c37bc2c9b2} - "J:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-08] (Microsoft Corporation) <==== ATENÇÃO
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar763.lnk [2016-07-02]
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3928538914-1254491160-1078913021-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 svcprocess; C:\Windows\svcproxy\svcprocess.exe [X]
C:\Windows\svcproxy\svcprocess.exe
S1 HWiNFO32; \??\C:\Users\Victor\AppData\Local\Temp\HWiNFO64A.SYS [X]
U0 msahci; system32\drivers\msahci.sys [X]
2016-05-17 15:26 - 2015-10-09 11:47 - 00043800 _____ (Kurupira.net) C:\Windows\system32\Drivers\svcp64.sys
2016-05-17 15:26 - 2015-03-05 21:30 - 00460288 _____ (Kurupira.net) C:\Windows\system32\SVCProxy64.dll
2016-05-17 15:26 - 2015-03-05 21:29 - 00354304 _____ (Kurupira.net) C:\Windows\SysWOW64\SVCProxy.dll
C:\Users\Victor\AppData\Local\Temp\.gbas.dll
C:\Users\Victor\AppData\Local\Temp\7za.exe
C:\Users\Victor\AppData\Local\Temp\hijackthis.exe
C:\Users\Victor\AppData\Local\Temp\libeay32.dll
C:\Users\Victor\AppData\Local\Temp\msvcr120.dll
C:\Users\Victor\AppData\Local\Temp\NirCmd.exe
C:\Users\Victor\AppData\Local\Temp\PEVZ.EXE
C:\Users\Victor\AppData\Local\Temp\remove.exe
C:\Users\Victor\AppData\Local\Temp\s3.exe
C:\Users\Victor\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Victor\AppData\Local\Temp\sed.exe
C:\Users\Victor\AppData\Local\Temp\shortcut.exe
C:\Users\Victor\AppData\Local\Temp\sqlite3.dll
C:\Users\Victor\AppData\Local\Temp\swreg.exe
C:\Users\Victor\AppData\Local\Temp\swxcacls.exe
C:\Users\Victor\AppData\Local\Temp\wget.exe
C:\Users\Victor\AppData\Local\Temp\ZAScan.exe
C:\Users\Victor\AppData\Local\Temp\zoek-delete.exe

CMD:ipconfig /flushdns
EmptyTemp:

 

  • Save this file to your Desktop as fixlist.txt
  • Run FRST again and click the Corrigir (Fix) button;
  • Wait... when it finishes, the log Fixlog.txt will be generated on your Desktop.
  • Select, copy and paste the contents of this log in your next reply.

Regards :D


After the fix, I had to restart the notebook!

Here is the log!

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 02-07-2016
Executado por Victor (2016-07-06 10:02:19) Run:1
Executando a partir de C:\Users\Victor\Desktop
Perfis Carregados: Victor (Perfis Disponíveis: Victor)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Run: [BankerFixV3] => \LinhaDefensiva\rotinas\postreboot.bat
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {7130a44a-8f2c-11e5-825c-10c37bc2c9b2} - "G:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1737e-a184-11e5-8290-10c37bc2c9b2} - "H:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e17385-a184-11e5-8290-10c37bc2c9b2} - "I:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\MountPoints2: {a2e1738c-a184-11e5-8290-10c37bc2c9b2} - "J:\autorun.exe"
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-08] (Microsoft Corporation) <==== ATENÇÃO
Startup: C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar763.lnk [2016-07-02]
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-3928538914-1254491160-1078913021-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 svcprocess; C:\Windows\svcproxy\svcprocess.exe [X]
C:\Windows\svcproxy\svcprocess.exe
S1 HWiNFO32; \??\C:\Users\Victor\AppData\Local\Temp\HWiNFO64A.SYS [X]
U0 msahci; system32\drivers\msahci.sys [X]
2016-05-17 15:26 - 2015-10-09 11:47 - 00043800 _____ (Kurupira.net) C:\Windows\system32\Drivers\svcp64.sys
2016-05-17 15:26 - 2015-03-05 21:30 - 00460288 _____ (Kurupira.net) C:\Windows\system32\SVCProxy64.dll
2016-05-17 15:26 - 2015-03-05 21:29 - 00354304 _____ (Kurupira.net) C:\Windows\SysWOW64\SVCProxy.dll
C:\Users\Victor\AppData\Local\Temp\.gbas.dll
C:\Users\Victor\AppData\Local\Temp\7za.exe
C:\Users\Victor\AppData\Local\Temp\hijackthis.exe
C:\Users\Victor\AppData\Local\Temp\libeay32.dll
C:\Users\Victor\AppData\Local\Temp\msvcr120.dll
C:\Users\Victor\AppData\Local\Temp\NirCmd.exe
C:\Users\Victor\AppData\Local\Temp\PEVZ.EXE
C:\Users\Victor\AppData\Local\Temp\remove.exe
C:\Users\Victor\AppData\Local\Temp\s3.exe
C:\Users\Victor\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\Victor\AppData\Local\Temp\sed.exe
C:\Users\Victor\AppData\Local\Temp\shortcut.exe
C:\Users\Victor\AppData\Local\Temp\sqlite3.dll
C:\Users\Victor\AppData\Local\Temp\swreg.exe
C:\Users\Victor\AppData\Local\Temp\swxcacls.exe
C:\Users\Victor\AppData\Local\Temp\wget.exe
C:\Users\Victor\AppData\Local\Temp\ZAScan.exe
C:\Users\Victor\AppData\Local\Temp\zoek-delete.exe
CMD:ipconfig /flushdns
EmptyTemp:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BankerFixV3 => valor removido (a) com sucesso.
"HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7130a44a-8f2c-11e5-825c-10c37bc2c9b2}" => chave removido (a) com sucesso.
HKCR\CLSID\{7130a44a-8f2c-11e5-825c-10c37bc2c9b2} => chave não encontrado (a). 
"HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2e1737e-a184-11e5-8290-10c37bc2c9b2}" => chave removido (a) com sucesso.
HKCR\CLSID\{a2e1737e-a184-11e5-8290-10c37bc2c9b2} => chave não encontrado (a). 
"HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2e17385-a184-11e5-8290-10c37bc2c9b2}" => chave removido (a) com sucesso.
HKCR\CLSID\{a2e17385-a184-11e5-8290-10c37bc2c9b2} => chave não encontrado (a). 
"HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a2e1738c-a184-11e5-8290-10c37bc2c9b2}" => chave removido (a) com sucesso.
HKCR\CLSID\{a2e1738c-a184-11e5-8290-10c37bc2c9b2} => chave não encontrado (a). 
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => valor removido (a) com sucesso.
C:\Users\Victor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar763.lnk => não encontrado (a).
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => valor restaurado com sucesso
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => valor restaurado com sucesso
HKU\S-1-5-21-3928538914-1254491160-1078913021-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => valor removido (a) com sucesso.
svcprocess => serviço removido (a) com sucesso.
"C:\Windows\svcproxy\svcprocess.exe" => não encontrado (a).
HWiNFO32 => serviço removido (a) com sucesso.
msahci => serviço removido (a) com sucesso.
C:\Windows\system32\Drivers\svcp64.sys => movido com sucesso
C:\Windows\system32\SVCProxy64.dll => movido com sucesso
C:\Windows\SysWOW64\SVCProxy.dll => movido com sucesso
C:\Users\Victor\AppData\Local\Temp\.gbas.dll => movido com sucesso
"C:\Users\Victor\AppData\Local\Temp\7za.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\hijackthis.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\libeay32.dll" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\msvcr120.dll" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\NirCmd.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\PEVZ.EXE" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\remove.exe" => não encontrado (a).
C:\Users\Victor\AppData\Local\Temp\s3.exe => movido com sucesso
"C:\Users\Victor\AppData\Local\Temp\SandboxieInstall.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\sed.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\shortcut.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\sqlite3.dll" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\swreg.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\swxcacls.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\wget.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\ZAScan.exe" => não encontrado (a).
"C:\Users\Victor\AppData\Local\Temp\zoek-delete.exe" => não encontrado (a).

========= ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41974057 B
Java, Flash, Steam htmlcache => 318682192 B
Windows/system/drivers => 541790 B
Edge => 0 B
Chrome => 485797266 B
Firefox => 121433054 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 192357 B
systemprofile32 => 128 B
LocalService => 65224 B
NetworkService => 0 B
Victor => 64917215 B

RecycleBin => 0 B
EmptyTemp: => 993.7 MB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 10:03:56 ====


Dear @vitão89

Download Malwarebytes Anti-Malware (MBAM).

Double-click mbam-setup.exe to install the program.

  • Uncheck the box Ativar trial gratuito do MalwareBytes Anti-Malware PRO (Enable free trial of Malwarebytes Anti-Malware PRO).
  • If there are updates to apply, they will be downloaded and installed.
  • Click Configurações (Settings), click Detecção e proteção (Detection and Protection), and check Verificar por Rootkits (Scan for Rootkits).
  • Go back to the Painel (Dashboard) and finally click Verificar agora (Scan Now).
  • The scan will then start. Wait, as it may take a while.
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remover Selecionadas (Remove Selected) button.
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the Histórico -> Registros do aplicativo (History -> Application Logs) tab in the program's main window.
  • Double-click the log (Registro de verificação, Scan Log). Use the .txt format to export the log.
  • The Protection log is not needed for the analysis; always export the correct log.
  • Select, copy and paste the contents of this log in your next reply.

NOTE: If MBAM finds files it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

Regards :D


Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 08/07/2016
Hora da verificação: 09:20
Arquivo de registro: log mbam.txt
Administrador: Sim

Versão: 2.2.1.1043
Banco de dados de malware: v2016.07.08.04
Banco de dados de rootkit: v2016.05.27.01
Licença: Premium
Proteção contra malware: Habilitado
Proteção contra website malicioso: Habilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 8.1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Victor

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 306166
Tempo decorrido: 30 min, 14 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Aviso
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 1
PUP.Optional.HohoSearch, HKLM\SOFTWARE\MICROSOFT|help, http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBXItBHMoB0..&v=20160620&uid=ECA6758E5649EEA74D402130568B10EF&ptid=isr&mode=loadmex, Quarentena, [cbc9928f7e1cbe78663a3bc5d331e818]

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 10
PUP.Optional.HohoSearch, C:\Users\Victor\AppData\Roaming\Profiles\kbime1qm.default\prefs.js, Bom: (), Ruim: (user_pref("browser.search.defaultenginename", "hohosearch");), Substituído,[3c5854cd0595b28472e083253ec651af]
PUP.Optional.HohoSearch, C:\Users\Victor\AppData\Roaming\Profiles\kbime1qm.default\prefs.js, Bom: (), Ruim: (r", 1466531588);
user_pref("app.update.lastUpdateTime.br), Substituído,[6e267aa7fb9f2d0991c1396f976d946c]
PUP.Optional.Elex, C:\Users\Victor\AppData\Roaming\Profiles\kbime1qm.default\prefs.js, Bom: (), Ruim: (user_pref("browser.newtab.url", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBXItBHMoB0..&v=20160620&uid=ECA6758E5649EEA74D402130568B10EF&ptid=isr&mode=loadm");), Substituído,[aee646dbf9a15ed80b55149457ad9769]
PUP.Optional.Elex, C:\Users\Victor\AppData\Roaming\Profiles\kbime1qm.default\prefs.js, Bom: (), Ruim: (okmarks.restore_default_bookmarks", false);
user_pref("browser.cache.disk.capacity", 358400);
user_pref("browser.cache.disk.filesystem_reported", 1);
user_pref("browser.c), Substituído,[751fe041b2e864d22d33e2c6b35142be]
PUP.Optional.Elex, C:\Users\Victor\AppData\Roaming\Profiles\kbime1qm.default\prefs.js, Bom: (), Ruim: (humbnails", 1466530868);
user_pref("app.update.lastUpdateTime.experiments-update-timer", 1466531348);
user_pref("app.update.lastUpdateTime.search-engine-update-timer), Substituído,[f4a0f928aaf043f374ec03a5d62e1ae6]
PUP.Optional.HohoSearch, C:\Users\Victor\AppData\Roaming\Profiles\yzzfdyu4.default\prefs.js, Bom: (), Ruim: (user_pref("browser.search.defaultenginename", "hohosearch");), Substituído,[227238e90b8f5fd793bf7f29ee16b54b]
PUP.Optional.HohoSearch, C:\Users\Victor\AppData\Roaming\Profiles\yzzfdyu4.default\prefs.js, Bom: (), Ruim: (r", 1466531588);
user_pref("app.update.lastUpdateTime.br), Substituído,[e3b14ed36139b97dea68fdab7e865ba5]
PUP.Optional.Elex, C:\Users\Victor\AppData\Roaming\Profiles\yzzfdyu4.default\prefs.js, Bom: (), Ruim: (user_pref("browser.newtab.url", "http://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBXItBHMoB0..&v=20160620&uid=ECA6758E5649EEA74D402130568B10EF&ptid=isr&mode=loadm");), Substituído,[256f67ba8a10f4424719ebbd6c987d83]
PUP.Optional.Elex, C:\Users\Victor\AppData\Roaming\Profiles\yzzfdyu4.default\prefs.js, Bom: (), Ruim: (okmarks.restore_default_bookmarks", false);
user_pref("browser.cache.disk.capacity", 358400);
user_pref("browser.cache.disk.filesystem_reported", 1);
user_pref("browser.c), Substituído,[99fbd8495c3ea294154bdace16eee61a]
PUP.Optional.Elex, C:\Users\Victor\AppData\Roaming\Profiles\yzzfdyu4.default\prefs.js, Bom: (), Ruim: (humbnails", 1466530868);
user_pref("app.update.lastUpdateTime.experiments-update-timer", 1466531348);
user_pref("app.update.lastUpdateTime.search-engine-update-timer), Substituído,[5e36ed34099140f688d84068c93b6898]

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)


Dear @vitão89

Temporarily disable your antivirus, antispyware and firewall so they don't cause conflicts.

Download Stinger and save it to your Desktop.
32-bit (x86) or 64-bit (x64)

  • Run the file Stinger.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png
  • Click the “I Accept” button

Stinger%20a.png

In the new window click “Advanced” and then “Settings”

Stinger%20b.png

In the settings window, set the options as shown in the image below and click the “Save” button

9hnsyu.png

Click “Customize my Scan”

Stinger%20f.png

Select the system drives and then click the “Scan” button

Stinger%20g.png

When it finishes, click “View log”; a window with the log will open in your browser.
Select, copy and paste the contents of this log in your next reply.

Regards :D


McAfee® Labs Stinger™ Version 12.1.0.2052 built on Jul 8 2016 at 13:24:30 Copyright© 2015, McAfee, Inc. All Rights Reserved.

 

AV Engine version v5800.7501 for Windows.

Virus data file v1000.0 created on Jul 8, 2016

Ready to scan for 9820 viruses, trojans and variants.

 

Custom scan initiated on domingo, julho 10, 2016 13:41:56

Rootkit scan result : Clean.

 

C:\Program Files (x86)\Playboy - The Mansion\deviance.exe [MD5:d4a5ff81aaa8a0f0b832ca7f00c59a3a] is infected with Artemis!D4A5FF81AAA8

C:\Program Files (x86)\Playboy - The Mansion\deviance.exe has been Deleted

 

Summary Report on C:

D:

File(s)

TotalFiles:............ 801758

Clean:................. 261425

Not Scanned:........... 540332

Possibly Infected:..... 1

 

Time: 03:38:37

 

Scan completed on domingo, julho 10, 2016 17:20:33

Edited by vitão89


Dear @vitão89

Download Security Check, by glax24, and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Wait while the tool runs its scan.
  • When it finishes, save the log as SecurityCheck.html
  • Open the file with Notepad;
  • Select, copy and paste the contents of this log in your next reply.

Regards :D


SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 11.07.2016 08:53:09
Path starting: C:\Users\Victor\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Victor
VersionXML: 3.20is-08.07.2016
___________________________________________________________________________

Windows 8.1(6.3.9600) (x64) CoreSingleLanguage Lang: Portuguese(0416)
Installation date OS: 20.11.2015 01:28:27
LicenseStatus: Office 15, OfficeProPlusVL_KMS_Client edition Volume activation will expire : 237558 minutes
LicenseStatus: Windows(R), CoreSingleLanguage edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [186.3 Gb] Used: [151.8 Gb] Free: [34.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18350
User Account Control enabled
Notify of download and installation
Date install updates: 2016-06-18 15:16:15
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service has stopped
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2013 x86 v.15.0.4569.1506
Microsoft Office 2013 x64 v.15.0.4569.1506
---------------------------- [ Antivirus_WMI ] ----------------------------
ESET NOD32 Antivírus 5.2 (enabled and up to date)
Windows Defender (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
ESET NOD32 Antivírus 5.2 (enabled and up to date)
Windows Defender (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET NOD32 Antivirus v.5.2.9.12
Kaspersky Software Updater Beta v.1.5.2.228
Kaspersky Security Scan v.16.0.0.1344
-------------------------- [ SecurityUtilities ] --------------------------
Sandboxie 5.12 (64-bit) v.5.12
Malwarebytes Anti-Malware versão 2.2.1.1043 v.2.2.1.1043
Unchecky v0.4.3 v.0.4.3
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.31 (64-bit) v.5.31.0
Oracle VM VirtualBox 4.3.12_ZZZZ v.4.3.12 Warning! Download Update
Foxit Reader v.7.3.4.311 Warning! Download Update
TeamViewer 11 v.11.0.52465 Warning! Download Update
TeamViewer 11 (TeamViewer) - The service is running
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.7.42330 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 91 v.8.0.910.15 Warning! Download Update
Uninstall old version and install new one (jre-8u92-windows-i586.exe).
Java 8 Update 92 v.8.0.920.14
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 22 NPAPI v.22.0.0.192
Adobe Shockwave Player 12.2 v.12.2.4.194
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.106
Mozilla Firefox 47.0.1 (x86 pt-BR) v.47.0.1
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.51.0.2704.106
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe v.5.2.7.0
ESET Service (ekrn) - The service is running
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe v.5.2.7.0
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe v.16.0.0.1344
MBAMScheduler (MBAMScheduler) - The service has stopped
MBAMService (MBAMService) - The service has stopped
Malwarebytes Anti-Exploit Service (MbaeSvc) - The service is running
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe v.1.8.1.2563
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
Serviço Windows Defender (WinDefend) - The service has stopped
Serviço de Inspeção de Rede do Windows Defender (WdNisSvc) - The service has stopped
----------------------------- [ End of Log ] ------------------------------
 


Dear @vitão89

Friend, how is your Windows doing?

# Step 1 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click Run as administrator [image: execadmin.png].

[image: 2mez6ld.png]

Click the Run button.

At the end a log will be generated, but you do not need to post it.

# Step 2 #

Old versions of programs have vulnerabilities that some malware can use to infect your system.

For that reason, it is recommended to update the programs that Security Check flagged as outdated (the optional updates are at your discretion).

Just click the Download Update of each warning (post above), which will take you to the developer's site.

<<@>> Always keep your Windows up to date; keep a constant watch with the firewall and antivirus and, finally, remember that the best form of prevention starts with our own behaviour!

# Step 3 #

Ccleaner is an excellent cleaning utility for the computer.

Download it here: Ccleaner

  • After installation, go to the location where the program was installed, usually C:\Arquivos de programas\CCleaner.
  • Double-click this folder;
  • In an empty area of this window, right-click and choose New > Folder and create a new folder;
  • Name it backups.
  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issues...
  • Note: Do not forget to accept the backup of the fixes and save it in the folder created above!

Regards :D
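A small parser for the Security Check log format posted above, listing the entries the tool flags so they can be worked through one by one. This is an added example, not part of the original posts or of Security Check itself; the sample lines are copied from the log in this thread and the function names are hypothetical.

```python
import re

# Sample lines copied from the SecurityCheck log posted in this thread.
SAMPLE_LOG = """\
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.31 (64-bit) v.5.31.0
Oracle VM VirtualBox 4.3.12_ZZZZ v.4.3.12 Warning! Download Update
Foxit Reader v.7.3.4.311 Warning! Download Update
TeamViewer 11 v.11.0.52465 Warning! Download Update
TeamViewer 11 (TeamViewer) - The service is running
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.4.7.42330 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 91 v.8.0.910.15 Warning! Download Update
Uninstall old version and install new one (jre-8u92-windows-i586.exe).
Java 8 Update 92 v.8.0.920.14
"""

# Section header: dashes, "[ Name ]", dashes.
SECTION = re.compile(r"^-+ \[ (?P<name>.+?) \] -+$")
# Flagged entry: "<product> v.<version> Warning! <reason>".
FLAGGED = re.compile(r"^(?P<product>.+?) v\.(?P<version>\S+) Warning! (?P<reason>.+)$")


def flagged_entries(log_text):
    """Return (section, product, version, reason) for every line carrying a warning."""
    section, found = None, []
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group("name")
            continue
        hit = FLAGGED.match(line)
        if hit:
            reason = hit.group("reason").rstrip(".")
            found.append((section, hit.group("product"), hit.group("version"), reason))
    return found


def outdated(log_text):
    """Only the entries marked for update, as {product: installed version}."""
    return {p: v for _, p, v, r in flagged_entries(log_text) if r == "Download Update"}


if __name__ == "__main__":
    for section, product, version, reason in flagged_entries(SAMPLE_LOG):
        print(f"[{section}] {product} {version}: {reason}")
```

Unflagged entries such as `Java 8 Update 92` and service status lines are skipped, so the output is the update worklist plus any other warnings (here the P2P client notice).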


Nothing abnormal is happening here. My only concern is with IE...

I don't even use IE, but I went to open it and a message appeared saying that a program is trying to change my home page. Is there a way to find out which program that is? I'm going to do the procedures from your last post now. Thanks!

Some questions:

1) The securitycheck log says that virtualbox is outdated, but I went to the control panel and that program does not appear as installed. What I have here is VMWare workstation

2) I also had a movie saved on the desktop. ZHPCleaner did something to it, according to the log:

MOVIDO arquivo: C:\Users\Victor\Desktop\Goosebumps.2015.1080p.BluRay.x264-Replica

3) JRT removed a program from the computer. The log follows below:

The program I am referring to is highlighted in bold in the log below. What was the reason the program was removed? Was it infected? I remember downloading the program from its own site..

JRT


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 8.1 Single Language x64 
Ran by Victor (Administrator) on 30/06/2016 at 11:27:51,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 11 

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\ProgramData\thunder network (Folder) 
Successfully deleted: C:\Users\Public\thunder network (Folder) 
Successfully deleted: C:\Users\Victor\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Victor) (Task)

Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) 
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-5A181E91.pf (File) 
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-D5205666.pf (File) 

Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/06/2016 at 11:48:44,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by vitão89


Dear @vitão89

Quote

Is there a way to find out which program that is?

Could you take a screenshot for me and post it here?

Regarding the JRT and ZHP files, they basically remove unwanted programs and their respective files.

As for the movie, once we finish here, download it again! ;)

Regards :D

7 hours ago, diego_moicano said:

Dear @vitão89

Could you take a screenshot for me and post it here?

Regarding the JRT and ZHP files, they basically remove unwanted programs and their respective files.

As for the movie, once we finish here, download it again! ;)

Regards :D


I opened IE to take the screenshot, but the message I mentioned no longer appears...

I used driver booster to update the notebook's drivers, and I downloaded it from the program's own site. I don't think it was unwanted. Is there any risk in installing it again? Thanks!

I forgot one thing. How do I remove stinger? It keeps starting with the system but does not appear among the installed programs...

Edited by vitão89


Dear @vitão89

Friend, I'm not a fan of these programs; the great majority run a scan and show unnecessary or nonexistent drivers, but you are the one who decides. ;)

As for Stinger, remove it with Ccleaner; in the article at the link (below), go to the subheading Ferramentas (Tools) and see how to proceed.

http://www.tecmundo.com.br/632-aprenda-a-usar-o-ccleaner-o-software-que-vai-deixar-o-seu-computador-tinindo.htm

I'll be waiting

2 hours ago, diego_moicano said:

Dear @vitão89

Friend, I'm not a fan of these programs; the great majority run a scan and show unnecessary or nonexistent drivers, but you are the one who decides. ;)

As for Stinger, remove it with Ccleaner; in the article at the link (below), go to the subheading Ferramentas (Tools) and see how to proceed.

http://www.tecmundo.com.br/632-aprenda-a-usar-o-ccleaner-o-software-que-vai-deixar-o-seu-computador-tinindo.htm

I'll be waiting


Don't you use any other program of this kind? Do you have any suggestion?

I tried using CCleaner, but stinger doesn't appear there either
