Muito obrigada Boutrik e Joram, aqui estão as análises de meus logs!
FRST - http://www.cjoint.com/c/ELkuG7qkon6
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:09-12-2015
Executado por Lemos Family (administrador) em LEMOS-VISIONS (10-12-2015 18:17:37)
Executando a partir de C:\Users\André\Desktop
Perfis Carregados: Lemos Family (Perfis Disponíveis: Lemos Family & Convidado)
Platform: Windows 10 Home Single Language (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Edge)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SAMSUNG Electronics co., LTD.) C:\ProgramData\Samsung\ShutdownEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(TODO: ) C:\ProgramData\Samsung\DisplaySwitch.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(TODO: ) C:\ProgramData\Samsung\_DisplayChecker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(SEC) C:\Program Files\Samsung\Recovery\WCScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242712 2015-09-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-10-04] (Realtek Semiconductor)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3965904 2013-06-06] ()
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2819984 2015-12-04] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\Run: [DisplaySwitch] => C:\programdata\samsung\DisplaySwitch.exe [1758512 2013-12-10] (TODO: )
HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\Run: [uTorrent] => C:\Users\André\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-04] (BitTorrent Inc.)
HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\MountPoints2: {3e2429fc-bfc8-11e4-826c-24f5aa672f3d} - "E:\LGAutoRun.exe"
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {3B57FB6C-A919-4F9F-A547-5338311D45B9} => C:\windows\SYSTEM32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers: [BitcasaIconOverlay] -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] ()
ShellIconOverlayIdentifiers: [BitcasaProgressOverlay] -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll [2013-06-06] ()
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [1EldosIconOverlay] -> {3B57FB6C-A919-4F9F-A547-5338311D45B9} => C:\windows\SysWOW64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll [2013-02-11] (EldoS Corporation)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 200.189.80.123 200.189.80.128
Tcpip\..\Interfaces\{7bdf9b9f-9976-4c75-800f-08e0c6a4e71c}: [DhcpNameServer] 200.189.80.123 200.189.80.128
Tcpip\..\Interfaces\{f7d43743-d60e-4421-8bf8-506abce37aa3}: [DhcpNameServer] 200.189.80.123 200.189.80.109
Internet Explorer:
==================
HKU\S-1-5-21-1814696054-3307049566-497932591-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={510C0F03-9CAD-4D15-B0A2-CE30CA934C39}&mid=f43aa52ad5f747cda162f5bcec83c6ce-eca7a8042b214ad24fe7c7d9879874b6fa676cfb&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0415avt&pr=fr&d=2015-04-30 23:01:41&v=4.1.0.411&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1814696054-3307049566-497932591-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com/?pc=smjb
SearchScopes: HKU\S-1-5-21-1814696054-3307049566-497932591-1001 -> DefaultScope {25AEA4C0-6ABA-42AD-8BCD-644EB82536FD} URL =
SearchScopes: HKU\S-1-5-21-1814696054-3307049566-497932591-1001 -> {25AEA4C0-6ABA-42AD-8BCD-644EB82536FD} URL =
SearchScopes: HKU\S-1-5-21-1814696054-3307049566-497932591-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={510C0F03-9CAD-4D15-B0A2-CE30CA934C39}&mid=f43aa52ad5f747cda162f5bcec83c6ce-eca7a8042b214ad24fe7c7d9879874b6fa676cfb&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=0415avt&pr=fr&d=2015-04-30 23:01:41&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.1.951\AVG Web TuneUp.dll => Nenhum Arquivo
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-10-13] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.1.951\AVG Web TuneUp.dll [2015-12-04] (AVG)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\cxww4wc8.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.1\\npsitesafety.dll [Nenhum Arquivo]
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-1814696054-3307049566-497932591-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxp://fwww.google.com.br/
CHR StartupUrls: Default -> "hxxps://www.google.com.br/","hxxp://mysearch.avg.com?cid={D64B1B04-D479-4731-A8D1-FDA1E71F6EA3}&mid=d142fb926e0447d098c9d1a93b51f48d-f962e766f5fce25b8ae7fd88c88589a3e5e11caa&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2014-03-27 22:48:56&v=18.0.5.292&pid=safeguard&sg=&sap=hp","hxxps://www.google.com.br/
hxxp://mysearch.avg.com?cid={D64B1B04-D479-4731-A8D1-FDA1E71F6EA3}&mid=d142fb926e0447d098c9d1a93b51f48d-f962e766f5fce25b8ae7fd88c88589a3e5e11caa&lang=en&ds=px011&coid=avgtbdispx&cmpid=&pr=sa&d=2014-03-27 22:48:56&v=18.0.5.292&pid=safeguard&sg=&sap=hp","about:newtab?source=home","hxxp://istart.webssearches.com/?type=hp&ts=1398383101&from=pcm&uid=SAMSUNGXHD081GJ_S196J50Q349603","hxxp://istart.webssearches.com/?type=hppp&ts=1398383316&from=pcm&uid=SAMSUNGXHD081GJ_S196J50Q349603","hxxp://istart.webssearches.com/?type=hppp&ts=1398395363&from=pcm&uid=SAMSUNGXHD081GJ_S196J50Q349603","hxxp://istart.webssearches.com/?type=hppp&ts=1398401948&from=pcm&uid=SAMSUNGXHD081GJ_S196J50Q349603","hxxp://istart.webssearches.com/?type=hppp&ts=1398456143&from=pcm&uid=SAMSUNGXHD081GJ_S196J50Q349603","hxxp://istart.webssearches.com/?type=hppp&ts=1398456914&from=pcm&uid=SAMSUNGXHD081GJ_S196J50Q349603","hxxp://istart.webssearches.com/?type=hp&ts=1416075753&from=pcm&uid=SAMSUNGXHD081GJ_S196J50Q349603"
CHR Profile: C:\Users\André\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (iMacros for Chrome) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2015-11-28]
CHR Extension: (Font Changer with Google Web Fonts?) - C:\Users\André\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjhhoglgjdklldfgoffdiaceffijeke [2015-11-28]
CHR HKU\S-1-5-21-1814696054-3307049566-497932591-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1569416 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-19] (Digital Wave Ltd.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [131288 2015-09-22] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594176 2014-04-21] (Samsung Electronics CO., LTD.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3025248 2015-07-07] (Samsung Electronics CO., LTD.)
R2 vToolbarUpdater40.2.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\ToolbarUpdater.exe [1926544 2015-12-04] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1164688 2015-12-04] ()
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-01-06] (Atheros) [Arquivo não assinado]
S3 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3861504 2013-10-29] (Qualcomm Atheros Communications, Inc.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352448 2013-02-11] (EldoS Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [32328 2015-09-22] (ELAN Microelectronic Corp.)
S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2013-06-05] (Intel Mobile Communications)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2013-06-05] (MobileTop)
S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2013-06-05] (MCCI Corporation)
S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2013-06-05] (MCCI Corporation)
S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2013-06-05] (MCCI)
S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2013-06-05] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2013-06-05] (MCCI Corporation)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2013-06-05] (MCCI Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2015-12-10 18:21 - 2015-12-10 18:21 - 00016148 _____ C:\WINDOWS\system32\LEMOS-VISIONS_Lemos Family_HistoryPrediction.bin
2015-12-10 18:17 - 2015-12-10 18:21 - 00023874 _____ C:\Users\André\Desktop\FRST.txt
2015-12-10 15:50 - 2015-12-10 15:50 - 00016148 _____ C:\WINDOWS\system32\LEMOS-VISIONS_mari__HistoryPrediction.bin
2015-12-10 14:29 - 2015-12-10 16:05 - 00000000 ____D C:\Users\mari_
2015-12-10 13:51 - 2015-12-10 13:51 - 00016148 _____ C:\WINDOWS\system32\LEMOS-VISIONS_maria_HistoryPrediction.bin
2015-12-10 13:40 - 2015-12-10 14:03 - 00000000 ____D C:\Users\maria\AppData\Local\Packages
2015-12-10 13:39 - 2015-12-10 14:03 - 00000000 ____D C:\Users\maria
2015-12-10 03:14 - 2015-12-10 03:14 - 00016148 _____ C:\WINDOWS\system32\LEMOS-FAMILY_Lemos Family_HistoryPrediction.bin
2015-12-09 23:26 - 2015-12-10 18:17 - 00000000 ___DC C:\FRST
2015-12-09 23:24 - 2015-12-09 23:25 - 02369024 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2015-12-09 22:34 - 2015-12-09 22:34 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-08 19:38 - 2015-12-08 19:39 - 00000000 __HDC C:\$SysReset
2015-12-07 05:07 - 2015-12-07 05:07 - 00000000 __HDC C:\$Windows.~BT
2015-12-07 03:03 - 2015-12-08 19:39 - 00000000 ____D C:\WINDOWS\Panther
2015-12-05 19:33 - 2014-12-15 01:03 - 00024104 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe
2015-12-05 19:28 - 2015-12-05 19:34 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-12-05 12:58 - 2015-12-05 12:58 - 00002878 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-05 12:58 - 2015-12-05 12:58 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-05 12:58 - 2015-12-05 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-05 12:58 - 2015-12-05 12:58 - 00000000 ____D C:\Program Files\CCleaner
2015-12-05 00:04 - 2015-12-05 00:04 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-04 17:21 - 2015-12-04 17:21 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2015-11-29 17:52 - 2015-11-29 17:52 - 00000000 ____D C:\Users\Todos os Usuários\CanonIJWSpt
2015-11-29 17:52 - 2015-11-29 17:52 - 00000000 ____D C:\ProgramData\CanonIJWSpt
2015-11-29 17:24 - 2012-03-26 05:00 - 00392192 _____ (CANON INC.) C:\WINDOWS\system32\CNMXLMB5.DLL
2015-11-29 17:15 - 2015-12-05 11:02 - 00000000 ____D C:\Users\André\AppData\Roaming\Canon
2015-11-29 17:15 - 2015-11-29 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP230 series
2015-11-29 17:15 - 2015-11-29 17:15 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-11-29 17:15 - 2012-02-08 16:34 - 00320000 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B5L.dll
2015-11-29 17:15 - 2012-01-25 10:49 - 00073984 _____ C:\WINDOWS\SysWOW64\CNC175FD.TBL
2015-11-29 17:15 - 2012-01-16 14:21 - 00103424 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B5U.dll
2015-11-29 17:15 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2015-11-29 17:14 - 2015-11-29 17:14 - 00000000 ___HD C:\Program Files\CanonBJ
2015-11-29 17:11 - 2012-03-26 05:00 - 00389120 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMB5.DLL
2015-11-29 17:10 - 2012-02-08 16:36 - 00363520 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B5L.dll
2015-11-29 17:10 - 2012-01-16 14:21 - 00287744 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B5C.dll
2015-11-29 17:10 - 2012-01-16 14:20 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_B5I.dll
2015-11-29 17:10 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2015-11-11 00:44 - 2015-11-05 03:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 00:44 - 2015-11-05 03:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 00:44 - 2015-11-05 03:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 00:44 - 2015-11-05 03:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 00:44 - 2015-11-05 03:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 00:44 - 2015-11-05 03:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 00:44 - 2015-11-05 03:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 00:44 - 2015-11-05 03:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 00:44 - 2015-11-05 02:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 00:44 - 2015-11-05 02:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 00:44 - 2015-11-05 02:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 00:44 - 2015-11-05 02:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 00:44 - 2015-11-05 02:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 00:44 - 2015-11-05 02:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 00:44 - 2015-11-05 02:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 00:44 - 2015-11-05 02:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 00:44 - 2015-11-05 02:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 00:44 - 2015-11-05 02:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 00:44 - 2015-11-05 02:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 00:44 - 2015-11-05 02:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 00:44 - 2015-11-05 02:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 00:44 - 2015-11-05 02:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 00:44 - 2015-11-05 02:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 00:44 - 2015-11-05 02:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 00:44 - 2015-11-05 02:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 00:44 - 2015-11-05 02:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 00:44 - 2015-11-05 02:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 00:44 - 2015-11-05 02:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 00:44 - 2015-11-05 02:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 00:44 - 2015-11-05 02:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 00:44 - 2015-11-05 02:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 00:44 - 2015-11-05 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 00:44 - 2015-11-05 02:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 00:44 - 2015-11-05 01:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 00:44 - 2015-11-05 01:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 00:44 - 2015-11-05 01:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 00:44 - 2015-11-05 01:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 00:44 - 2015-11-05 01:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 00:44 - 2015-11-05 01:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 00:44 - 2015-11-05 01:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 00:44 - 2015-11-05 01:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 00:44 - 2015-11-05 01:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 00:44 - 2015-11-05 01:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 00:44 - 2015-11-05 01:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 00:44 - 2015-11-05 01:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 00:44 - 2015-11-05 01:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 00:44 - 2015-11-05 01:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 00:44 - 2015-11-05 01:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 00:44 - 2015-11-05 01:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 00:44 - 2015-11-05 01:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 00:44 - 2015-11-05 01:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 00:44 - 2015-11-05 01:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 00:44 - 2015-11-05 01:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2015-12-10 18:19 - 2015-04-16 01:56 - 00000000 ____D C:\Users\Todos os Usuários\MFAData
2015-12-10 18:19 - 2015-04-16 01:56 - 00000000 ____D C:\ProgramData\MFAData
2015-12-10 18:13 - 2015-07-10 09:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-10 18:11 - 2015-02-28 15:19 - 00000000 ____D C:\Users\André\AppData\Roaming\uTorrent
2015-12-10 18:08 - 2015-05-21 19:15 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-10 18:05 - 2015-07-10 10:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-10 18:03 - 2015-07-10 07:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-10 17:40 - 2015-05-21 19:15 - 00001102 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-10 17:11 - 2014-06-23 01:39 - 00000000 ____D C:\Users\Todos os Usuários\WinClon
2015-12-10 17:11 - 2014-06-23 01:39 - 00000000 ____D C:\ProgramData\WinClon
2015-12-10 16:37 - 2015-07-10 07:05 - 00000000 ____D C:\Windows
2015-12-10 15:58 - 2015-07-10 09:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-10 15:25 - 2015-07-10 08:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-10 14:40 - 2015-02-27 13:24 - 00004176 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C179E78D-3463-49D0-9A35-E79D6D7B122A}
2015-12-10 14:34 - 2015-02-27 02:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-10 13:45 - 2015-07-29 22:31 - 01810446 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-10 13:45 - 2015-07-10 14:55 - 00782022 _____ C:\WINDOWS\system32\prfh0416.dat
2015-12-10 13:45 - 2015-07-10 14:55 - 00153010 _____ C:\WINDOWS\system32\prfc0416.dat
2015-12-10 13:45 - 2015-07-10 09:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-10 13:18 - 2015-07-10 07:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-10 04:29 - 2015-07-10 09:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-10 04:01 - 2015-02-28 17:23 - 06552576 ___SH C:\Users\André\Downloads\Thumbs.db
2015-12-10 04:00 - 2015-07-29 22:08 - 00000000 ____D C:\Users\André
2015-12-08 00:35 - 2015-02-27 13:12 - 00000000 ____D C:\Users\André\AppData\Local\Packages
2015-12-07 02:52 - 2015-05-23 22:08 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-06 15:19 - 2015-05-25 04:28 - 00000132 _____ C:\Users\André\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-12-06 02:52 - 2015-03-01 15:41 - 00000000 ____D C:\Users\André\AppData\Local\Last.fm
2015-12-06 01:42 - 2015-05-01 00:02 - 00000000 ____D C:\Users\André\AppData\Local\AVG Web TuneUp
2015-12-06 01:42 - 2015-05-01 00:01 - 00000000 ____D C:\Users\Todos os Usuários\AVG Web TuneUp
2015-12-06 01:42 - 2015-05-01 00:01 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2015-12-05 17:41 - 2015-08-11 13:36 - 00000000 ____D C:\Users\André\AppData\Roaming\MPC-HC
2015-12-05 17:40 - 2015-08-08 20:30 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-05 17:40 - 2015-07-10 09:04 - 00000000 ____D C:\WINDOWS\ModemLogs
2015-12-05 17:40 - 2015-03-03 16:14 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2015-12-05 11:20 - 2015-08-19 23:32 - 00002382 _____ C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-05 11:20 - 2015-02-28 18:19 - 00000000 __RDO C:\Users\André\OneDrive
2015-12-04 22:25 - 2015-09-21 19:22 - 00000000 ____D C:\Users\Todos os Usuários\MTA San Andreas All
2015-12-04 22:25 - 2015-09-21 19:22 - 00000000 ____D C:\ProgramData\MTA San Andreas All
2015-12-04 21:44 - 2015-10-13 20:13 - 00000000 ____D C:\Users\André\AppData\Roaming\IMVU
2015-12-04 21:34 - 2015-05-21 19:15 - 00004160 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 21:34 - 2015-05-21 19:15 - 00003928 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 17:21 - 2015-05-01 00:01 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-03 02:39 - 2015-05-21 19:16 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-29 22:42 - 2015-07-10 09:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-11-29 22:35 - 2015-04-01 00:36 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics
2015-11-29 22:23 - 2015-07-10 09:04 - 00000000 __RSD C:\WINDOWS\Media
2015-11-25 19:06 - 2015-07-22 20:00 - 00000000 ____D C:\Users\André\AppData\Local\Windows Live
2015-11-25 09:22 - 2015-07-10 09:04 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2015-11-25 09:22 - 2015-07-10 09:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-25 09:20 - 2015-02-28 11:48 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-13 10:26 - 2015-07-10 09:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 18:45 - 2015-02-28 21:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 00:50 - 2015-02-28 21:50 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Arquivos na raiz de alguns diretórios =======
2015-05-25 04:28 - 2015-12-06 15:19 - 0000132 _____ () C:\Users\André\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-05-26 21:52 - 2015-10-31 14:08 - 0001456 _____ () C:\Users\André\AppData\Local\Adobe Salvar para a Web 11.0 Prefs
2015-05-23 20:34 - 2015-05-23 20:36 - 0001456 _____ () C:\Users\André\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2015-05-24 01:32 - 2015-05-24 01:32 - 0001456 _____ () C:\Users\André\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-05-13 14:29 - 2015-05-13 14:29 - 0000000 _____ () C:\Users\André\AppData\Local\{7C40DCD6-0019-454C-90E4-7A6BAAA45BBD}
2015-07-29 22:03 - 2015-07-29 22:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-23 02:00 - 2013-02-19 05:34 - 2064264 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2014-06-23 02:00 - 2013-01-12 12:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml
2015-03-27 23:22 - 2015-03-27 23:22 - 0000016 _____ () C:\ProgramData\mntemp
2015-03-27 23:22 - 2015-03-27 23:22 - 0004913 _____ () C:\ProgramData\mtbjfghn.xbe
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2015-12-06 03:21
==================== Fim de FRST.txt ============================
Read more at http://www.cjoint.com/c/ELkuG7qkon6#lSGIR8lC1iEXF3p1.99
ADDITION - http://www.cjoint.com/c/ELkuKBr0Hc6
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão:09-12-2015
Executado por Lemos Family (2015-12-10 18:24:55)
Executando a partir de C:\Users\André\Desktop
Windows 10 Home Single Language (X64) (2015-07-30 00:56:08)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-1814696054-3307049566-497932591-500 - Administrator - Disabled)
Convidado (S-1-5-21-1814696054-3307049566-497932591-501 - Limited - Disabled) => C:\Users\Convidado
DefaultAccount (S-1-5-21-1814696054-3307049566-497932591-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1814696054-3307049566-497932591-1005 - Limited - Enabled)
Lemos Family (S-1-5-21-1814696054-3307049566-497932591-1001 - Administrator - Enabled) => C:\Users\André
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Apple Mobile Device Support (HKLM\...\{9B3B4129-220E-42C7-9C5B-91C65E0885B4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG (Version: 16.7.7227 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4483 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.7.7227 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.1.951 - AVG Technologies)
Bitcasa version 1.0.1.5011 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 1.0.1.5011 - Bitcasa Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP230 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP230_series) (Version: 1.03 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Free Video to JPG Converter (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.65.1019 - DVDVideoSoft Ltd.)
Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.3.1000 - Intel Corporation)
iTunes (HKLM\...\{C36440D2-5DBE-4F20-8D39-39D83FDBBE4E}) (Version: 12.1.1.4 - Apple Inc.)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm)
LG SP USB Driver (HKLM-x32\...\{E2AE8456-CCFE-46C0-8629-71CC507660FC}) (Version: 1.0 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
Microsoft Office 365 - pt-br (HKLM\...\O365HomePremRetail - pt-br) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Office 365 ProPlus - pt-br (HKLM\...\O365ProPlusRetail - pt-br) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 pt-BR)) (Version: 42.0 - Mozilla)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
MyFreeCodec (HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\MyFreeCodec) (Version: - )
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 2.0.0.21 - RSUPPORT)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.12 - Samsung Electronics CO., LTD.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden
Samsung Update (HKLM-x32\...\{00ABE05F-DB49-4421-AA35-833DD9A9A94D}) (Version: 2.2.12 - Samsung Electronics CO., LTD.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Settings (HKLM-x32\...\{3BB58176-B3A7-47FD-9F18-C3576431D193}) (Version: 2.2.0 - Samsung Electronics CO., LTD.)
SideSync (HKLM-x32\...\{59687468-8CE9-4ABF-9C6A-5C31F0E09F8B}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype? 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Suporte para Aplicativos Apple (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Suporte para Aplicativos Apple Apple (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
The Sims 4 Update v1.4.83.1010 inc Outdoor Retreat DLC (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims? 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims? 3 Acelerando Coleção de Objetos (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims? 3 Anos 70, 80, e 90 Coleção de Objetos (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims? 3 Caindo na Noite (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims? 3 Cinema Coleção de Objetos (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims? 3 Diesel Coleção de Objetos (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims? 3 Estações (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims? 3 Gerações (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims? 3 Ilha Paradisíaca (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims? 3 Katy Perry Mundo Doce (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims? 3 No Futuro (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims? 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims? 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims? 3 Sobrenatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims? 3 Suíte de Luxo Coleção de Objetos (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims? 3 Vida ao Ar Livre Coleção de Objetos (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims? 3 Vida em Alto Estilo Coleção de Objetos (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims? 3 Vida Universitária (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims? 3 Vida Urbana Coleção de Objetos (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims? 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Topaz Clean 3 (64-bit) (Version: 3.0.2 - Topaz Labs) Hidden
Topaz Clean 3 (x32 Version: 3.0.2 - Topaz Labs) Hidden
Unity Web Player (HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
User Manual (HKLM-x32\...\{DA11CC4A-5E90-4EA9-8E7B-29D5328E35F0}) (Version: 2.0.00 - Samsung Electronics CO., LTD.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
CustomCLSID: HKU\S-1-5-21-1814696054-3307049566-497932591-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\André\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1814696054-3307049566-497932591-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Pontos de Restauração =========================
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 11:25 - 2013-08-22 11:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {076BAEAC-884F-4B17-A329-17D610A6F75A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
Task: {0E40742B-6537-433B-B208-FCF85B1671FB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Nenhum Arquivo <==== ATENÇÃO
Task: {18BC1C9C-68DD-4CF1-A440-E584EFEA85B7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {1938EFDB-D588-42BA-8708-E20156BA2402} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {28FDE171-3BA7-44DA-924A-018F31B6C475} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {3011E6B0-2F62-485B-BCEB-72332A54B168} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Nenhum Arquivo <==== ATENÇÃO
Task: {35DB4326-27E5-4F25-8758-AF1B4B884CBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {46B0FD51-7735-4F33-81AC-9030E3FD7133} - System32\Tasks\DisplayChecker => C:\programdata\Samsung\_DisplayChecker.exe [2013-12-10] (TODO: )
Task: {4FCED468-778D-4479-88CA-1CF1889D84BD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {5825BF75-0569-4D5D-948A-095D88AFBE36} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {64801E1C-F683-4791-8934-53CEC96301F8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {68E82C38-243C-4B50-B55F-10C429486728} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-10-04] (Realtek Semiconductor)
Task: {68F02E32-BD6D-4643-95F0-34C16EAB8F48} - System32\Tasks\ShutdownOpt => C:\ProgramData\Samsung\ShutdownEvent.exe [2013-09-17] (SAMSUNG Electronics co., LTD.)
Task: {72CCBB4D-E9D2-4755-8A0F-ADB66AB75117} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {74103C7D-F777-4157-82B0-642A77D80839} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Nenhum Arquivo <==== ATENÇÃO
Task: {995FE329-D5E2-4AA9-A5CA-86570F17A5CB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Nenhum Arquivo <==== ATENÇÃO
Task: {99AD8D04-A971-453C-8564-A89F710A0387} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {AA55F23D-FA4C-4EA9-A75C-A21FB1EC861C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {B71D5170-0EA0-47F8-BB0D-D81102330B71} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-04-17] (SEC)
Task: {BEEB6D46-C980-49EC-8672-914DEA6098E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
Task: {C067745D-BB67-4368-B5D5-90B66A52644A} - System32\Tasks\{257D25F8-265A-4097-8DDC-A4C7A9D5C5C3} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.7.0.103/pt/abandoninstall?page=tsProgressBar
Task: {C21A88A3-900C-4F99-B12E-0375D255CDF5} - System32\Tasks\1015avUpdateInfo => C:\ProgramData\Avg_Update_1015av\1015av_AVG-Secure-Search-Update.exe [2015-10-11] ()
Task: {C7625ABF-CC24-494E-B4E5-028CE27D7414} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Nenhum Arquivo <==== ATENÇÃO
Task: {CEDD71D0-D8D1-4BB6-9CDF-4BF315D2220B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-10-13] (Microsoft Corporation)
Task: {D538424A-2413-4429-B7E4-42047FC72629} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Nenhum Arquivo <==== ATENÇÃO
Task: {E417EB21-B478-4D11-A5B4-5D3A28487B7B} - System32\Tasks\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2014-04-21] ()
Task: {E67FC238-A32C-4A78-9635-C39CF8417D2F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {EF08709D-9A91-449A-A36B-CA78160F89B9} - System32\Tasks\SettingsEventHandlerMonitor => C:\Program Files (x86)\Samsung\Settings\CmdServer\RSSettingEventHandler.exe [2014-04-21] (Samsung Electronics CO., LTD.)
Task: {F25E08DC-72A6-4021-A1C7-F41053FDC253} - System32\Tasks\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [2014-04-21] (Samsung Electronics CO., LTD.)
Task: {F4613043-21DE-4820-AFF2-C3749E6C9C35} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FA3E95CA-BE91-4F8A-91CF-1C416D92DF09} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
==================== Módulos Carregados (Whitelisted) ==============
2015-07-29 21:52 - 2015-07-29 21:52 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-05-01 00:01 - 2015-12-04 17:21 - 01164688 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-02-28 11:48 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-18 19:59 - 2015-08-11 07:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-12-04 17:21 - 2015-12-04 17:21 - 00192912 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\loggingserver.exe
2015-10-03 23:18 - 2015-09-17 04:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-03 23:18 - 2015-09-17 04:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-06-23 01:35 - 2013-06-06 02:15 - 00288720 _____ () C:\Program Files\Bitcasa\ExplorerMenu.dll
2014-06-23 01:36 - 2013-06-06 02:23 - 01645056 _____ () C:\Program Files\Bitcasa\bitcasaui.dll
2015-10-03 23:17 - 2015-09-17 03:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-03 23:18 - 2015-09-17 03:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-03 23:17 - 2015-09-17 03:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-03 23:17 - 2015-09-17 03:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-03 23:18 - 2015-09-17 03:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-05-01 00:01 - 2015-12-04 17:21 - 02819984 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-08-18 20:00 - 2015-08-11 07:57 - 02641760 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-26 18:48 - 2015-10-19 18:13 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-10-26 18:48 - 2015-10-19 18:13 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-10-26 18:48 - 2015-10-19 18:13 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-10-26 18:48 - 2015-10-19 18:13 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-10-26 18:48 - 2015-10-19 18:13 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-10-26 18:48 - 2015-10-19 18:13 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-12-04 17:21 - 2015-12-04 17:21 - 00533904 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.1\log4cplusU.dll
2014-06-23 00:33 - 2013-09-16 18:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-04-21 22:42 - 2014-04-21 22:42 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2015-11-03 13:59 - 2015-11-03 11:19 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-12-03 02:39 - 2015-11-24 06:00 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll
2015-12-03 02:39 - 2015-11-24 06:00 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Program Files\Bitcasa:Win32App
AlternateDataStreams: C:\Program Files\Bonjour:Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Office 15:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\MPC-HC:Win32App
AlternateDataStreams: C:\Program Files\Zune:Win32App
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App
AlternateDataStreams: C:\Program Files (x86)\Bonjour:Win32App
AlternateDataStreams: C:\Program Files (x86)\DVDVideoSoft:Win32App
AlternateDataStreams: C:\Program Files (x86)\ImgBurn:Win32App
AlternateDataStreams: C:\Program Files (x86)\iTunes:Win32App
AlternateDataStreams: C:\Program Files (x86)\Last.fm:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\Qualcomm Atheros:Win32App
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App
AlternateDataStreams: C:\Program Files (x86)\The Sims 4:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\Program Files (x86)\WinRAR:Win32App
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\Users\Todos os Usuários:NT
AlternateDataStreams: C:\Users\Todos os Usuários:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\AVG:Win32App
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:NT
AlternateDataStreams: C:\ProgramData\Dados de Aplicativos:NT2
AlternateDataStreams: C:\ProgramData\Microsoft:Win32App
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App
AlternateDataStreams: C:\Users\André\Dados de Aplicativos:NT
AlternateDataStreams: C:\Users\André\Dados de Aplicativos:NT2
AlternateDataStreams: C:\Users\André\AppData\Roaming:NT
AlternateDataStreams: C:\Users\André\AppData\Roaming:NT2
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Application Data:NT2
AlternateDataStreams: C:\Users\Todos os Usuários\AVG:Win32App
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de Aplicativos:NT
AlternateDataStreams: C:\Users\Todos os Usuários\Dados de Aplicativos:NT2
AlternateDataStreams: C:\Users\Todos os Usuários\Microsoft:Win32App
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT
AlternateDataStreams: C:\Users\Todos os Usuários\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Todos os Usuários\regid.1991-06.com.microsoft:Win32App
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== EXE Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
IE trusted site: HKU\S-1-5-21-1814696054-3307049566-497932591-1001\...\sharepoint.com -> hxxps://etecspgov.sharepoint.com
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-1814696054-3307049566-497932591-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Pictures\d'Hurt Locker\Japan-Night-Street-Wallpaper-HD-Background.jpg
DNS Servers: 200.189.80.123 - 200.189.80.128
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4C9C0BEE-92F2-4EAF-99F4-56761C744505}] => (Allow) LPort=1900
FirewallRules: [{1FD9B234-D711-4DDA-B07A-DDCB04F71D60}] => (Allow) LPort=2869
FirewallRules: [{409F8039-FB6B-43F4-ABD2-5CD912066CF7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{BB8E5EBB-238C-42A6-BBC5-3A2C1C2D0995}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{1AC1807D-D4E4-4732-ACA7-39F3F834BBBF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{BCF29704-66CE-4E23-B979-E8772F8A9D65}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4B8C279E-0937-486B-B2C1-FDB8A1BCE625}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [UDP Query User{F76EB836-DC68-48D2-B771-616883D99522}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{3B29C035-C4D3-4E23-AB2E-599D5DADBF7C}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{4F7D0DB0-0093-4451-B494-50A507AB4833}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{FCE19755-E79F-47A0-883D-3A6D9A9ECDB2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DD0E036F-B8F0-462C-8B4D-7D896EC1F0FD}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DEAAAF59-0E84-442E-BDDE-FD1B5CFC2AB2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F6DB942F-2AA9-48B2-A508-B9EA084C004F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A4133810-1F20-4E82-93B8-7553716B9124}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{72567C36-A037-42AA-AC73-60054C58DDE0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7767D65F-41A6-4B9A-B7FB-E22D67BE8777}] => (Allow) C:\Users\André\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{360810C5-E20C-40BC-B867-109C1AE9C42B}] => (Allow) C:\Users\André\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B29F53C4-D0B9-4474-90E8-C00E0838CF97}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{8779CBCE-7B37-4748-8CCC-DF2285308BFE}] => (Allow) LPort=1900
FirewallRules: [{A5C96F71-1AA7-4126-AD48-447A83289243}] => (Allow) LPort=7900
FirewallRules: [{0BE568B1-2CC1-4A46-83D5-2A32E428EB91}] => (Allow) LPort=24234
FirewallRules: [{55A43250-4040-4684-9E43-B48FFE417B45}] => (Allow) LPort=7679
FirewallRules: [{B7837078-B61E-493F-85BB-AB101AC5B825}] => (Allow) LPort=7676
FirewallRules: [{A88B72F0-5FF9-42D5-9BFF-089956630F30}] => (Allow) LPort=8643
FirewallRules: [{535B8D4D-1AD0-4AFE-A296-0EE68622661E}] => (Allow) LPort=8743
FirewallRules: [TCP Query User{C1A16EC2-0000-402D-B641-07DC4010CF6A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BB2914AF-97AC-4B61-8662-50EBEFA9C471}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7894BB73-8DB1-4A65-96DB-6F3DA4595AD5}C:\users\andré\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\andré\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{A3859004-4BE5-46F2-A7F2-D3B0AFA5FA82}C:\users\andré\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\andré\appdata\local\popcorn time\nw.exe
FirewallRules: [{491181BC-A071-4302-8D2A-3717659BC7CE}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{0C9B1310-BA23-402E-BE85-43522B7747B3}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [TCP Query User{007DC06F-4B97-4BDC-AC65-1401B1BC8CF6}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [UDP Query User{A1659CB9-8877-4179-ABF2-E1F6BD9B3910}C:\program files (x86)\mta san andreas 1.5\server\mta server.exe] => (Block) C:\program files (x86)\mta san andreas 1.5\server\mta server.exe
FirewallRules: [{C0E454F2-0266-4F34-A8B5-32D5EC41D404}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{B7EDFA8F-7407-471D-8A08-F1AF677EDCCC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{86EF1DBF-F8C4-48DB-92C7-2E67F04693AE}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{08B7C9A6-4AE7-4238-82D1-A574BB639E7D}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E84C840D-8E25-48C5-B8FA-FB282D2A5005}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E7B40B8D-83F5-415E-9C8C-155FBA9C7FAE}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{34D99E65-1E35-4F03-9E98-0ACAF0F42004}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1FDEC7B1-B6B8-447C-89DD-B54F1BBC6791}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{DD333142-829E-4EB5-8DC9-364BD1E77EF9}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{7732DB9D-F599-497E-AA4A-F29DDBBBD400}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{3F254429-241F-4B0A-BC75-EC7730A391D8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D62FB83C-22F9-4D25-9D24-F6AFD22A9C8B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{31EF2B10-254F-41FF-827B-01EE7B1FB691}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E65C6FCA-779C-4CEF-AF8F-56F360955E7A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6830B79C-8F7A-437E-94B5-464F4638D95F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{AAD1152A-2FB8-44DF-B834-48E7471F7716}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{914A4F02-946C-4C5C-9CA3-E84EAAA9D7CF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{69E99BED-8FA5-4BC1-B248-318081D684DA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F50225BB-90B3-4B38-833E-8C48425480C6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A5683468-9A60-4E37-B0B0-6C923C3F949B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A089B13A-C78E-43B2-8826-66F7306DE912}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2D1A5755-4168-4789-96EA-CBA2A5D0C3FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{71F8861D-2844-467C-AB8D-0DFE4C6F8A86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3B9B2B0E-A38E-4D6D-9A89-089A29C04FA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (12/10/2015 06:03:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LEMOS-VISIONS)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/10/2015 05:14:08 PM) (Source: ESENT) (EventID: 471) (User: )
Description: svchost (1912) SRUJet: Não é possível reverter a operação #495 no banco de dados C:\WINDOWS\system32\SRU\SRUDB.dat. Erro: -529. Todas as atualizações futuras serão rejeitadas.
Error: (12/10/2015 05:14:08 PM) (Source: ESENT) (EventID: 492) (User: )
Description: svchost (1912) SRUJet: A sequência de arquivo de log em "C:\WINDOWS\system32\SRU\" foi interrompida devido a um erro fatal. Não serão possíveis outras atualizações dos bancos de dados que utilizam essa sequência de arquivo de log. Corrija o problema e reinicie, ou restaure do backup.
Error: (12/10/2015 05:14:08 PM) (Source: ESENT) (EventID: 413) (User: )
Description: svchost (1912) SRUJet: Não é possível criar um novo arquivo de log porque o banco de dados não pode gravar na unidade de log. Talvez a unidade seja somente leitura, tenha espaço em disco insuficiente, esteja mal configurada ou esteja corrompida. Erro -529.
Error: (12/10/2015 05:14:07 PM) (Source: ESENT) (EventID: 482) (User: )
Description: svchost (1912) SRUJet: Falha ao tentar gravar no arquivo "C:\WINDOWS\system32\SRU\SRUtmp.log" no deslocamento 0 (0x0000000000000000) para 65536 (0x00010000) bytes após svchost0 segundos com o erro de sistema 112 (0x00000070): "Espaço insuficiente no disco. ". A operação de gravação falhará com o erro -1808 (0xfffff8f0). Se o erro persistir, talvez o arquivo esteja danificado e necessite ser restaurado de um backup anterior.
Error: (12/10/2015 04:16:23 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Falha na geração de contexto de ativação para "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Erro no arquivo de manifesto ou de política UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2", na linha UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Identidade do componente localizado no manifesto não corresponde à identidade do componente solicitado.
A referência é UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
A definição é UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Use o arquivo sxstrace.exe para obter um dignóstico detalhado.
Error: (12/10/2015 04:11:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LEMOS-VISIONS)
Description: Falha na ativação do aplicativo Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/10/2015 04:11:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LEMOS-VISIONS)
Description: Falha na ativação do aplicativo microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/10/2015 04:11:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LEMOS-VISIONS)
Description: Falha na ativação do aplicativo Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp com o erro: -2144927148. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.
Error: (12/10/2015 04:06:04 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: LEMOS-VISIONS)
Description: O Windows não pôde excluir o diretório C:\Users\mari_ do perfil. Isso pode ter ocorrido porque alguns arquivos do diretório podem estar sendo usados por outro programa.
DETALHE - A pasta não está vazia.
Erros de Sistema:
=============
Error: (12/10/2015 06:03:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Host de Sincronização_Session1.
Error: (12/10/2015 06:03:16 PM) (Source: DCOM) (EventID: 10010) (User: LEMOS-VISIONS)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (12/10/2015 06:03:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session1 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (12/10/2015 04:18:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Serviço Intel(R) Management and Security Application Local Management Service suspenso ao iniciar.
Error: (12/10/2015 04:11:32 PM) (Source: DCOM) (EventID: 10010) (User: LEMOS-VISIONS)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (12/10/2015 04:11:30 PM) (Source: DCOM) (EventID: 10010) (User: LEMOS-VISIONS)
Description: Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.3
Error: (12/10/2015 04:11:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: O serviço Host de Sincronização_Session2 foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
Error: (12/10/2015 04:06:12 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (12/10/2015 03:50:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: App.AppX9s1cz53zc86xn39kwrb02jyft9ecn62r.mca
Error: (12/10/2015 03:50:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
CodeIntegrity:
===================================
Date: 2015-12-10 04:59:53.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 04:59:53.269
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 04:59:52.531
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 04:59:52.224
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 02:56:11.317
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 02:56:11.264
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 02:56:10.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 02:56:10.814
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 02:12:00.452
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-10 02:12:00.170
Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Informações da Memória ===========================
Processador: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
Percentagem de memória em uso: 55%
RAM física total: 3969.85 MB
RAM física disponível: 1775.2 MB
Virtual Total: 4165.55 MB
Virtual disponível: 2085.18 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:448.87 GB) (Free:0.16 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 723F0560)
Partition: GPT.
==================== Fim de Addition.txt ============================
