ComboFix 15-01-22.02 - Victor 2015/01/23 11:48:51.4.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.4022.2145 [GMT -2:00]
Executando de: c:\users\Victor\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\Victor\Desktop\cfscript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\amd64_microsoft-windows-e..estorageengine-isam_31bf3856ad364e35_6.1.7601.21680_none_5044387f5c05474f\esent.dll --> c:\windows\system32\esent.dll
.
(((((((((((((((( Arquivos/Ficheiros criados de 2014-12-23 to 2015-01-23 ))))))))))))))))))))))))))))
.
.
2015-01-23 14:01 . 2015-01-23 14:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-22 23:16 . 2015-01-23 00:24 -------- d-----w- c:\program files (x86)\gg Ragnarok Online
2015-01-22 18:27 . 2015-01-22 18:27 -------- d-----w- c:\users\Victor\AppData\Roaming\MPC-HC
2015-01-22 18:26 . 2015-01-22 18:26 -------- d-----w- c:\program files (x86)\MPC-HC
2015-01-22 18:26 . 2015-01-22 18:26 -------- d-----w- c:\program files (x86)\LAV Filters
2015-01-21 14:26 . 2014-12-15 06:13 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1FE81F1-1A1E-4161-B1A4-A7C930D89A28}\mpengine.dll
2015-01-20 23:55 . 2015-01-20 23:55 -------- d-----w- c:\users\Victor\AppData\Local\Hola
2015-01-20 14:26 . 2015-01-20 14:26 -------- d-----w- c:\program files\AVAST Software
2015-01-16 00:51 . 2015-01-16 00:51 -------- d-----w- c:\users\Victor\AppData\Local\WSplitTimer
2015-01-15 14:06 . 2014-12-13 05:09 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2015-01-15 14:06 . 2014-12-13 03:33 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2015-01-14 13:54 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-01-14 13:49 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-01-14 05:50 . 2015-01-14 13:49 -------- d-----w- c:\windows\system32\catroot2
2015-01-14 05:00 . 2015-01-14 05:00 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2015-01-13 02:02 . 2015-01-13 02:02 -------- d-----w- c:\users\Victor\AppData\Roaming\fltk.org
2015-01-12 13:49 . 2015-01-12 13:49 -------- d-----w- C:\RegBackup
2015-01-12 13:47 . 2015-01-12 13:47 -------- d-----w- c:\program files (x86)\Tweaking.com
2015-01-07 20:25 . 2015-01-07 20:25 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-01-07 20:25 . 2015-01-07 20:25 -------- d-----r- c:\program files (x86)\Skype
2015-01-07 14:37 . 2015-01-07 15:32 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-07 14:37 . 2015-01-07 14:37 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-01-07 14:37 . 2015-01-07 14:37 -------- d-----w- c:\programdata\Malwarebytes
2015-01-07 14:37 . 2014-11-21 08:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-01-07 14:37 . 2014-11-21 08:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-01-07 14:37 . 2014-11-21 08:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-01-07 00:13 . 2015-01-07 18:07 -------- d-----w- c:\program files (x86)\SpeedFan
2015-01-06 01:08 . 2015-01-06 01:08 -------- d-----w- c:\windows\ERUNT
2015-01-06 00:50 . 2015-01-06 01:25 -------- d-----w- C:\FRST
2015-01-05 20:19 . 2015-01-05 20:19 -------- d-----w- c:\windows\Migration
2015-01-05 19:50 . 2015-01-05 19:50 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2015-01-05 19:49 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-01-05 19:49 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2015-01-05 19:49 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2015-01-05 19:49 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-01-05 19:49 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-01-05 19:49 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-01-05 19:49 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-01-05 19:49 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-01-05 19:49 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2015-01-05 19:49 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2015-01-05 19:40 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-01-05 19:40 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2015-01-05 00:50 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2015-01-05 00:50 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2015-01-05 00:36 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2015-01-05 00:36 . 2014-10-14 02:07 681984 ----a-w- c:\windows\system32\adtschema.dll
2015-01-05 00:36 . 2014-10-14 01:46 681984 ----a-w- c:\windows\SysWow64\adtschema.dll
2015-01-05 00:36 . 2014-10-14 01:47 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-01-05 00:36 . 2014-10-14 02:09 146432 ----a-w- c:\windows\system32\msaudite.dll
2015-01-05 00:36 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2015-01-05 00:36 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2015-01-05 00:25 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-01-05 00:25 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-01-05 00:25 . 2014-08-12 02:02 878080 ----a-w- c:\windows\system32\IMJP10K.DLL
2015-01-05 00:25 . 2014-08-12 01:36 701440 ----a-w- c:\windows\SysWow64\IMJP10K.DLL
2015-01-05 00:22 . 2014-10-30 02:03 165888 ----a-w- c:\windows\system32\charmap.exe
2015-01-05 00:22 . 2014-10-30 01:45 155136 ----a-w- c:\windows\SysWow64\charmap.exe
2015-01-05 00:22 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2015-01-05 00:22 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2015-01-05 00:22 . 2014-10-03 02:12 2020352 ----a-w- c:\windows\system32\WsmSvc.dll
2015-01-05 00:22 . 2014-10-03 02:12 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll
2015-01-05 00:22 . 2014-10-03 01:45 1177088 ----a-w- c:\windows\SysWow64\WsmSvc.dll
2015-01-05 00:20 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll
2015-01-05 00:20 . 2014-07-17 02:07 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll
2015-01-05 00:20 . 2014-07-17 01:40 157696 ----a-w- c:\windows\SysWow64\winsta.dll
2015-01-05 00:20 . 2014-07-17 01:21 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2015-01-05 00:20 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2015-01-05 00:20 . 2014-07-17 01:21 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2015-01-05 00:20 . 2014-10-10 00:57 3198976 ----a-w- c:\windows\system32\win32k.sys
2015-01-05 00:20 . 2014-10-14 02:13 3241984 ----a-w- c:\windows\system32\msi.dll
2015-01-05 00:20 . 2014-10-14 01:50 2363904 ----a-w- c:\windows\SysWow64\msi.dll
2015-01-05 00:15 . 2014-09-05 01:52 5703168 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-01-05 00:15 . 2014-09-05 02:11 6584320 ----a-w- c:\windows\system32\mstscax.dll
2015-01-05 00:14 . 2014-10-18 02:05 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-01-05 00:14 . 2014-10-18 01:33 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-01-02 14:53 . 2015-01-02 14:53 -------- d-----w- c:\program files (x86)\by Decepticon
.
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-14 03:02 . 2013-01-04 15:15 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-01-14 03:02 . 2013-01-04 15:15 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-06 06:36 . 2013-01-04 15:14 298120 ------w- c:\windows\system32\MpSigStub.exe
2014-12-12 00:21 . 2014-12-12 00:24 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-12-02 21:59 . 2014-12-02 21:59 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2014-12-02 21:59 . 2014-12-02 21:59 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-12-02 21:59 . 2014-12-02 21:59 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-12-02 21:59 . 2014-12-02 21:59 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-11-27 18:40 . 2013-01-27 20:55 112710672 ----a-w- c:\windows\system32\MRT.exe
2014-11-18 16:56 . 2014-11-18 16:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of %user%\library ----
.
.
---- Directory of c:\program files\Common ----
.
.
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Victor\AppData\Roaming\uTorrent\uTorrent.exe" [2014-01-29 969104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;d:\hi-rez studios\HiPatchService.exe;d:\hi-rez studios\HiPatchService.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-01-15 23:57 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2015-01-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-04 03:02]
.
2014-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04 15:08]
.
2015-01-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04 15:08]
.
.
--------- X64 Entries -----------
.
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.1
FF - ProfilePath - c:\users\Victor\AppData\Roaming\Mozilla\Firefox\Profiles\mknxlisv.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORFÃOS REMOVIDOS - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-Bioshock Infinite_R.G. Mechanics_is1 - c:\users\Valmir\AppData\Roaming\Bioshock Infinite\Uninstall\unins000.exe
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-DFO - d:\dfo\DFOLauncher.exe
AddRemove-G-Senjou_no_Maou_Aegis - c:\program files (x86)\?????????\G?????\uninstall.exe
AddRemove-HaaliMkx - c:\program files (x86)\Matroska Pack\haali\uninstall.exe
AddRemove-Luftrausers 1.0.0.1 - c:\program files (x86)\Devolver Digital\Luftrausers\Uninstall.exe
AddRemove-Melty Blood Actress Again Current Code English - c:\users\Valmir\Downloads\MBAACC\aq\MBAACC\uninstall.exe
AddRemove-Monaco What's Yours Is Mine_is1 - c:\program files (x86)\Monaco\unins000.exe
AddRemove-Q2hpbGRvZkxpZ2h0_is1 - d:\child of light\unins000.exe
AddRemove-Sonic Generations_is1 - d:\sonic generations\unins000.exe
AddRemove-The Swapper_is1 - c:\program files (x86)\The Swapper\unins000.exe
AddRemove-The Walking Dead Season 2 EP 2_is1 - c:\program files (x86)\The Walking Dead Season 2 EP 2\unins000.exe
AddRemove-Trine 2_is1 - d:\r.g. catalyst\Trine 2\uninstall\unins000.exe
AddRemove-{1744E95A-53A5-9D5F-9935-A1CF739879A4}_is1 - d:\r.g. catalyst\Dark Souls - Prepare to Die\uninstall\unins000.exe
AddRemove-{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC} - d:\hi-rez studios\HiRezGamesDiagAndSupport.exe
AddRemove-{B641E348-377C-4819-B92F-03F1D35A7EE3}_is1 - c:\game\tasofro\th135\unins000.exe
.
.
.
Tempo para conclusão: 2015-01-23 12:05:30
ComboFix-quarantined-files.txt 2015-01-23 14:05
ComboFix2.txt 2015-01-22 02:21
.
Pré-execução: 8.997.408.768 bytes disponíveis
Pós execução: 8.556.224.512 bytes disponíveis
.
- - End Of File - - 38C1AFEEC3A00200D986773EBA577230 A36C5E4F47E84449FF07ED3517B43A31