Hi zep516!
Thanks for answering.
Following the FRST.txt (It's in portuguese, I hope there's no problem)
------
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 21-08-2016 01
Executado por Sâmia (administrador) em FRANK (25-08-2016 20:33:36)
Executando a partir de C:\Users\Sâmia\Desktop
Perfis Carregados: Sâmia (Perfis Disponíveis: Sâmia)
Platform: Windows 8.1 Pro (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) D:\Adobe Collection\Acrobat 10.0\Acrobat\acrotray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Hammer & Chisel, Inc.) C:\Users\Sâmia\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Sâmia\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\Sâmia\AppData\Local\Discord\app-0.0.296\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ===========================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6603520 2016-06-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\Adobe Collection\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Adobe Collection\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23889496 2016-08-23] (Dropbox, Inc.)
HKU\S-1-5-21-3829250189-3500746750-2784270290-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3829250189-3500746750-2784270290-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-3829250189-3500746750-2784270290-1001\...\Run: [GoogleChromeAutoLaunch_B066F74780E55CE6F72F236F30256F57] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1152840 2016-08-02] (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-18] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-23] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 201.6.2.89 201.6.2.179
Tcpip\..\Interfaces\{07225615-874D-4087-AC5B-C0690520C127}: [DhcpNameServer] 201.6.2.89 201.6.2.179
Tcpip\..\Interfaces\{0E8615B2-051F-4D5B-964C-8AA3C28E0E9D}: [DhcpNameServer] 201.6.2.89 201.6.2.179
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-18] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-18] (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> D:\VLC Media Player\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> D:\VLC Media Player\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC Media Player\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> D:\Adobe Collection\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-18]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-18]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - D:\Adobe Collection\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - D:\Adobe Collection\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-06-19] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
Chrome:
=======
CHR DefaultSearchURL: Profile 1 -> chrome-extension://klbibkeccnjlkjkiokjodocebajanakg/suspended.html#uri=hxxp://cronologiadoacaso.com.br/2016/07/24/como-e-por-onde-comecar-a-estudar-cinema/
CHR Profile: C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-18]
CHR Extension: (Google Docs) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-18]
CHR Extension: (Google Drive) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-18]
CHR Extension: (YouTube) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-18]
CHR Extension: (Adblock Plus) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Avast SafePrice) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-17]
CHR Extension: (Planilhas do Google) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-18]
CHR Extension: (Documentos Google off-line) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-18]
CHR Extension: (Avast Online Security) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-19]
CHR Extension: (Pinterest Save Button) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-07-19]
CHR Extension: (The Great Suspender) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-08-17]
CHR Extension: (Hangouts do Google) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-08-23]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-18]
CHR Extension: (Gmail) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-18]
CHR Extension: (Chrome Media Router) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR Profile: C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Apresentações) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-25]
CHR Extension: (Google Docs) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-25]
CHR Extension: (Google Drive) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-25]
CHR Extension: (YouTube) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-25]
CHR Extension: (Adblock Plus) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-25]
CHR Extension: (Planilhas do Google) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-25]
CHR Extension: (Documentos Google off-line) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-25]
CHR Extension: (Pinterest Save Button) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-08-25]
CHR Extension: (The Great Suspender) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2016-08-25]
CHR Extension: (Hangouts do Google) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knipolnnllmklapflnccelgolnpehhpl [2016-08-25]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-25]
CHR Extension: (Gmail) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Sâmia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-06-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-18]
==================== Serviços (Whitelisted) ========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-18] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-06-20] (Dropbox, Inc.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23808 2016-06-02] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-18] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-06-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-18] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-06-18] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-06-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [101376 2016-06-02] (Advanced Micro Devices)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S4 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2016-06-18] (Basil Projects)
S2 SADP_NPF; \??\D:\npf64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-25 20:33 - 2016-08-25 20:33 - 00020101 _____ C:\Users\Sâmia\Desktop\FRST.txt
2016-08-25 20:32 - 2016-08-25 20:33 - 00000000 ____D C:\FRST
2016-08-25 20:32 - 2016-08-25 20:32 - 02396160 _____ (Farbar) C:\Users\Sâmia\Desktop\FRST64.exe
2016-08-25 02:31 - 2016-08-25 02:31 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2016-08-24 21:27 - 2016-08-24 21:27 - 00010648 _____ C:\Users\Sâmia\Downloads\Gone_Girl_(2014)_720p_BrRip_x264_-_YIFY.torrent
2016-08-23 21:55 - 2016-08-23 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-23 20:28 - 2016-08-24 23:36 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\discord
2016-08-23 20:28 - 2016-08-24 23:29 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-23 20:28 - 2016-08-24 23:29 - 00000000 ____D C:\Users\Sâmia\AppData\Local\Discord
2016-08-23 20:28 - 2016-08-23 20:28 - 00000000 ____D C:\Users\Sâmia\AppData\Local\SquirrelTemp
2016-08-23 20:25 - 2016-08-23 20:28 - 50899640 _____ (Hammer & Chisel, Inc.) C:\Users\Sâmia\Downloads\DiscordSetup.exe
2016-08-20 00:39 - 2016-08-20 00:39 - 00136912 _____ C:\Users\Sâmia\Downloads\boleto.pdf
2016-08-18 20:59 - 2016-08-18 21:17 - 00000000 ____D C:\Users\Sâmia\Downloads\Stranger Series
2016-08-17 21:53 - 2016-08-17 21:54 - 59842687 _____ C:\Users\Sâmia\Downloads\Tree.of.Savior.Addon.Manager-win32-ia32.zip
2016-08-13 17:30 - 2016-08-13 17:30 - 00025639 _____ C:\Users\Sâmia\Downloads\the.double.(2013).pob.1cd.(5798713).zip
2016-08-12 23:02 - 2016-08-12 23:02 - 00021445 _____ C:\Users\Sâmia\Downloads\The_Truth_About_Emanuel_2013_BRRip_XviD_MP3-RARBG.torrent
2016-08-12 22:58 - 2016-08-12 22:58 - 00026610 _____ C:\Users\Sâmia\Downloads\Honeymoon_2014_BRRip_XviD_AC3-RARBG.torrent
2016-08-12 22:12 - 2016-08-12 22:12 - 00020117 _____ C:\Users\Sâmia\Downloads\The_Crow_4_-_Wicked_Prayer_(Action_2005)_720p_BrRip.torrent
2016-08-12 22:05 - 2016-08-12 22:05 - 00024969 _____ C:\Users\Sâmia\Downloads\The_Crow_1994_720p_BluRay_H264_AAC-RARBG.torrent
2016-08-12 21:59 - 2016-08-12 21:59 - 00022485 _____ C:\Users\Sâmia\Downloads\Young_Adam_2003_BRRip_XviD_MP3-RARBG.torrent
2016-08-11 19:54 - 2016-08-11 19:54 - 00015680 _____ C:\Users\Sâmia\Downloads\Batman_Mask_Of_The_Phantasm_(1993)_x264_576p_HDRiP_{Dual_Audio}_[Hindi_2.0_-_English_2.0]-DREDD.torrent
2016-08-03 20:39 - 2016-08-03 20:50 - 00001456 _____ C:\Users\Sâmia\AppData\Local\Adobe Save for Web 13.0 Prefs
2016-07-31 16:53 - 2016-07-31 16:53 - 00000000 ___RD C:\Users\Sâmia\Documents\Scanned Documents
2016-07-31 16:53 - 2016-07-31 16:53 - 00000000 ____D C:\Users\Sâmia\Documents\Fax
2016-07-29 19:41 - 2016-07-29 19:42 - 312297650 _____ C:\Users\Sâmia\Desktop\Sakura Card Captors Episodio 1.avi
2016-07-28 21:43 - 2016-07-28 21:43 - 00000000 ____D C:\Users\Sâmia\AppData\Local\Sony
2016-07-26 21:20 - 2016-07-26 21:20 - 06906002 _____ C:\Users\Sâmia\Documents\SAM_animatoons_09.wav
2016-07-26 21:09 - 2016-07-26 21:23 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\Audacity
2016-07-26 21:09 - 2016-07-26 21:09 - 00000560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-07-26 21:09 - 2016-07-26 21:09 - 00000000 ____D C:\Users\Sâmia\AppData\Local\Audacity
2016-07-26 21:08 - 2016-07-26 21:08 - 26496761 _____ (Audacity Team ) C:\Users\Sâmia\Downloads\audacity-win-2.1.2.exe
2016-07-26 19:17 - 2016-07-26 19:18 - 00000000 ____D C:\AOC
2016-07-26 19:15 - 2016-07-26 19:15 - 00059928 _____ C:\Users\Sâmia\Downloads\drivers_serie_70.zip
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-08-25 20:26 - 2016-06-18 12:50 - 00000000 __SHD C:\Users\Sâmia\AppData\LocalLow\EmieUserList
2016-08-25 20:26 - 2016-06-18 12:50 - 00000000 __SHD C:\Users\Sâmia\AppData\LocalLow\EmieSiteList
2016-08-25 20:12 - 2016-06-18 12:57 - 00001088 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-25 20:04 - 2016-06-20 23:59 - 00001030 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-25 18:12 - 2016-06-18 12:57 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-25 17:54 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\system32\NDF
2016-08-25 16:46 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\Inf
2016-08-25 13:19 - 2016-06-18 00:46 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3829250189-3500746750-2784270290-1001
2016-08-25 11:58 - 2016-06-20 23:59 - 00001026 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-25 02:46 - 2016-06-18 13:56 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\Skype
2016-08-25 02:40 - 2016-06-22 18:56 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\uTorrent
2016-08-24 21:45 - 2016-06-22 19:41 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\vlc
2016-08-23 21:55 - 2016-06-20 23:59 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-23 18:13 - 2016-06-19 11:48 - 00000000 ____D C:\Users\Sâmia\AppData\Local\Battle.net
2016-08-18 16:54 - 2013-08-22 12:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-17 17:21 - 2016-07-03 19:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-17 17:13 - 2016-06-18 13:47 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-10 17:12 - 2016-06-18 12:58 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-08 12:10 - 2014-03-18 07:33 - 01707228 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-08 12:10 - 2014-03-18 06:45 - 00737880 _____ C:\Windows\system32\prfh0416.dat
2016-08-08 12:10 - 2014-03-18 06:45 - 00150516 _____ C:\Windows\system32\prfc0416.dat
2016-08-05 18:24 - 2016-06-18 13:47 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-03 20:40 - 2016-06-18 12:50 - 00000000 __SHD C:\Users\Sâmia\AppData\Local\EmieUserList
2016-08-03 20:40 - 2016-06-18 12:50 - 00000000 __SHD C:\Users\Sâmia\AppData\Local\EmieSiteList
2016-08-03 20:38 - 2014-03-18 08:28 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\Adobe
2016-08-02 21:50 - 2013-08-22 11:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-02 18:38 - 2016-06-18 13:47 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147043227518701
2016-07-28 22:06 - 2013-08-22 12:36 - 00000000 ____D C:\Windows\PLA
2016-07-28 21:43 - 2016-07-11 21:42 - 00000000 ____D C:\Users\Sâmia\AppData\Roaming\Sony
2016-07-28 18:07 - 2016-06-18 12:57 - 00004060 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 18:07 - 2016-06-18 12:57 - 00003824 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 18:21 - 2016-06-18 13:56 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 18:21 - 2016-06-18 13:56 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2016-07-27 18:21 - 2016-06-18 13:56 - 00000000 ____D C:\ProgramData\Skype
2016-07-26 19:19 - 2013-08-22 10:25 - 00262144 ___SH C:\Windows\system32\config\BBI
==================== Arquivos na raiz de alguns diretórios =======
2016-08-03 20:39 - 2016-08-03 20:50 - 0001456 _____ () C:\Users\Sâmia\AppData\Local\Adobe Save for Web 13.0 Prefs
==================== Bamital & volsnap =================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-08-19 13:54
==================== Fim de FRST.txt ============================
And the Addition.txt
---
Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 21-08-2016 01
Executado por Sâmia (25-08-2016 20:34:03)
Executando a partir de C:\Users\Sâmia\Desktop
Windows 8.1 Pro (Update) (X64) (2014-03-18 11:27:58)
Modo da Inicialização: Normal
==========================================================
==================== Contas: =============================
Administrador (S-1-5-21-3829250189-3500746750-2784270290-500 - Administrator - Disabled)
Convidado (S-1-5-21-3829250189-3500746750-2784270290-501 - Limited - Disabled)
Sâmia (S-1-5-21-3829250189-3500746750-2784270290-1001 - Administrator - Enabled) => C:\Users\Sâmia
==================== Central de Segurança ========================
(Se uma entrada for incluída na fixlist, será removida.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Programas Instalados ======================
(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)
µTorrent (HKU\S-1-5-21-3829250189-3500746750-2784270290-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Affinity Designer Public Beta (HKLM\...\{2BF745E5-0956-40DF-AE8F-81A95AC24DA7}) (Version: 1.5.0.4 - Serif)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
aTube Catcher versão 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
Awesomenauts (HKLM\...\Steam App 204300) (Version: - Ronimo Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Curse (HKLM-x32\...\{A20BFF62-AE3C-42BD-9C52-841CAB96BC49}) (Version: 6.0.0.0 - Curse)
Discord (HKU\S-1-5-21-3829250189-3500746750-2784270290-1001\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.43.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PewDiePie: Legend of the Brofist (HKLM\...\Steam App 390520) (Version: - Outerminds Inc.)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Relic Hunters Zero (HKLM\...\Steam App 382490) (Version: - Rogue Snail)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Slender: The Arrival (HKLM\...\Steam App 252330) (Version: - Blue Isle Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
To the Moon (HKLM\...\Steam App 206440) (Version: - Freebird Games)
Transistor (HKLM\...\Steam App 237930) (Version: - Supergiant Games)
Tree of Savior (English Ver.) (HKLM\...\Steam App 372000) (Version: - IMCGAMES Co.,Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Exame Personalizado CLSID (Whitelisted): ==========================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Tarefas Agendadas (Whitelisted) =============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
Task: {0970DB51-220C-4024-B745-0257237480AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-18] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {12DC4638-7B97-4D9E-BC3F-1CF421096737} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-06-02] (Advanced Micro Devices, Inc.)
Task: {14B17A21-B4D6-4B08-92D9-D53661D4E318} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {27C4FC57-54F5-4E88-98A2-11C29453128C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-18] (AVAST Software)
Task: {5059EA28-68A7-4D19-9979-1A21CE27A4C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-18] (Google Inc.)
Task: {90000C45-5D51-4831-B7BD-422C1A6F5964} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-20] (Dropbox, Inc.)
Task: {93E79D31-D839-47D3-82CC-45767F7E01F3} - System32\Tasks\SafeZone scheduled Autoupdate 1466268627 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {9903A445-4472-4F8B-BF79-C184C21C9DDE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-06-20] (Dropbox, Inc.)
Task: {CDAC3860-E28B-4ECE-9CC6-72653D58C4C7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-18] (AVAST Software)
Task: {DDD83EF9-254B-4046-A3E2-872ABFD7ED85} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-11] ()
(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Atalhos =============================
(As entradas podem ser listadas para serem restauradas ou removidas.)
ShortcutWithArgument: C:\Users\Sâmia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome\Hangouts do Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Sâmia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Módulos Carregados (Whitelisted) ==============
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-10 17:12 - 2016-08-02 20:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-10 17:12 - 2016-08-02 20:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-03-11 17:31 - 2016-03-11 17:31 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1046.dll
2016-06-18 13:47 - 2016-06-18 13:47 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-18 13:47 - 2016-06-18 13:47 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-02 18:33 - 2016-08-02 18:33 - 03002880 _____ () C:\Program Files\AVAST Software\Avast\defs\16080201\algo.dll
2016-06-18 13:47 - 2016-06-18 13:47 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-18 13:47 - 2016-06-18 13:47 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-08-03 18:05 - 2016-08-03 18:05 - 03004416 _____ () C:\Program Files\AVAST Software\Avast\defs\16080301\algo.dll
2016-08-25 20:03 - 2016-08-25 20:03 - 03016192 _____ () C:\Program Files\AVAST Software\Avast\defs\16082505\algo.dll
2016-06-18 13:47 - 2016-06-18 13:47 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-21 00:02 - 2016-07-11 23:07 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-23 21:55 - 2016-07-11 23:07 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-08-23 21:55 - 2016-07-11 23:07 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-08-23 21:55 - 2016-07-11 23:07 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-06-21 00:02 - 2016-07-11 23:07 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-06-21 00:02 - 2016-07-11 23:07 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-06-21 00:02 - 2016-08-23 20:17 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-06-21 00:02 - 2016-07-11 23:07 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-06-21 00:02 - 2016-07-11 23:07 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-08-04 19:10 - 2016-08-23 20:17 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-04 19:10 - 2016-08-23 20:17 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-08-23 21:55 - 2016-07-11 23:07 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-08-23 21:55 - 2016-07-11 23:09 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-06-21 00:02 - 2016-08-23 20:17 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-06-21 00:02 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-21 00:02 - 2016-08-23 20:17 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-06-21 00:02 - 2016-08-23 20:17 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-06-21 00:02 - 2016-07-11 23:07 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-08-04 19:10 - 2016-07-11 23:08 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-06-21 00:02 - 2016-08-23 20:17 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-06-21 00:02 - 2016-08-23 20:17 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-08-23 21:55 - 2016-07-11 23:09 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-08-23 21:55 - 2016-08-23 20:17 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-08-23 21:55 - 2016-08-23 20:17 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-06-21 00:02 - 2016-07-11 23:07 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 03929392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 01972016 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-04 19:10 - 2016-08-23 20:17 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-06-21 00:02 - 2016-07-11 23:09 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-04 19:10 - 2016-08-23 20:17 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00168248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-08-23 21:55 - 2016-08-23 20:17 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-08-24 23:29 - 2016-08-24 17:49 - 01950392 _____ () C:\Users\Sâmia\AppData\Local\Discord\app-0.0.296\ffmpeg.dll
2016-08-24 23:36 - 2016-08-24 23:36 - 01050296 _____ () \\?\C:\Users\Sâmia\AppData\Roaming\discord\0.0.296\modules\discord_voice\discord_voice.node
2016-08-24 23:36 - 2016-08-24 23:36 - 03793080 _____ () \\?\C:\Users\Sâmia\AppData\Roaming\discord\0.0.296\modules\discord_voice\libdiscord.dll
2016-08-24 23:36 - 2016-08-24 23:36 - 00894136 _____ () \\?\C:\Users\Sâmia\AppData\Roaming\discord\0.0.296\modules\discord_utils\discord_utils.node
2016-08-24 23:36 - 2016-08-24 23:36 - 01119416 _____ () \\?\C:\Users\Sâmia\AppData\Roaming\discord\0.0.296\modules\discord_toaster\discord_toaster.node
2016-08-24 23:29 - 2016-08-24 17:49 - 02230456 _____ () C:\Users\Sâmia\AppData\Local\Discord\app-0.0.296\libglesv2.dll
2016-08-24 23:29 - 2016-08-24 17:49 - 00088760 _____ () C:\Users\Sâmia\AppData\Local\Discord\app-0.0.296\libegl.dll
2016-08-25 17:59 - 2016-08-25 17:59 - 00170496 _____ () \\?\C:\Users\Sâmia\AppData\Local\Temp\2EC9.tmp.node
==================== Alternate Data Streams (Whitelisted) =========
(Se uma entrada for incluída na fixlist, somente o ADS será removido.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\Users\Todos os Usuários\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
==================== Modo de Segurança (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)
==================== Associação (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)
==================== Internet Explorer confiável/restrito ===============
(Se uma entrada for incluída na fixlist, será removida do Registro.)
==================== Hosts Conteúdo: ===============================
(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)
2013-08-22 10:25 - 2013-08-22 10:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Outras Áreas ============================
(Atualmente não há nenhuma correção automática para esta seção.)
HKU\S-1-5-21-3829250189-3500746750-2784270290-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sâmia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 201.6.2.89 - 201.6.2.179
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.
==================== MSCONFIG/TASK MANAGER ítens desabilitados ==
(Atualmente não há nenhuma correção automática para esta seção.)
==================== Regras do Firewall (Whitelisted) ===============
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BA4D5914-7FD7-4F16-A0FA-FA12C7458D24}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{71C26B77-9718-4CE3-9704-0F7BF8A972E5}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{CE79A663-0AD0-48CA-9DF1-D6D83C926D13}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{4755AD27-5745-4383-8094-6A2D73E3B209}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{77F481E2-7B64-4278-8CBD-F8527BCE216F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{CADE9DCD-41A2-4057-B28E-5F0DAD6014BB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{84CC6A00-7CD5-4E9E-9803-20513FF0DD86}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{82A8FB11-48CE-48FD-A00D-E1A03F064598}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{484AD646-2CDA-4961-B73A-7724B700B4E2}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{4D72F189-3745-41FA-A7F1-31957ECE27BE}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{DF5DE3D9-03F8-4A66-B31D-E79E5FA25131}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4F4D121F-0EBE-4F7D-B659-CA851E88F8F3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{327B5BB8-830D-4BFB-A55C-0770A37DDEDA}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B645D703-D9EB-46B7-8DB5-E36FF6ADC4BE}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{F1CA4505-3B8B-41E3-9583-35799D660EB6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7CEA44E1-A43E-4FF7-9CDA-6089D07322B5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1884FC94-9CDF-43A5-BB03-29058509E33A}] => (Allow) D:\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{A1343403-8C4B-4346-AAB9-92FA740EEC84}] => (Allow) D:\Steam\steamapps\common\Relic Hunters Zero\RelicHuntersZero.exe
FirewallRules: [{AE801869-BCB4-481B-B9E3-2740B2409000}] => (Allow) D:\Steam\steamapps\common\PewDiePie Legend of the Brofist\PewDiePieLegendOfTheBrofist.exe
FirewallRules: [{DB64F170-3034-4189-8C84-CA9E2D727F3A}] => (Allow) D:\Steam\steamapps\common\PewDiePie Legend of the Brofist\PewDiePieLegendOfTheBrofist.exe
FirewallRules: [{B33DAB71-BC23-4631-B35B-0F35F7976DDC}] => (Allow) LPort=1688
FirewallRules: [{4F7AFFA1-17A8-4BE5-B13D-5CE8585320D1}] => (Allow) C:\Users\Sâmia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EE7A2DAF-817D-4A67-9846-D5D2BB58EBA0}] => (Allow) C:\Users\Sâmia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3C087A7C-E912-4664-8CEB-4EA48742D1AD}] => (Allow) C:\Users\Sâmia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6F93E60E-03CF-4D67-B036-C9FBB1609104}] => (Allow) C:\Users\Sâmia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6564297F-E644-462E-B48D-57ACA2FF3FF5}] => (Allow) C:\Users\Sâmia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0A0CD037-2546-4ADF-9915-C824E4A6135C}] => (Allow) C:\Users\Sâmia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{C144B2A4-260B-48F3-8E86-0678FA64E13B}D:\battle.net\games\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\games\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1C4C7FA4-F9FD-4D19-A3D6-E95977A75263}D:\battle.net\games\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\games\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
FirewallRules: [{F8AABD58-4A4B-4BBE-88AC-C24782D52F8E}] => (Allow) D:\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{351E0093-5FFD-453D-B4B7-5F57EE288838}] => (Allow) D:\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe
FirewallRules: [{EB8436B1-D157-4B2E-8804-3E926A31D8F5}] => (Allow) D:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{AE8CBD86-6455-4A09-A5C3-4BDFCB05DB82}] => (Allow) D:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [TCP Query User{73E254E7-0328-49D4-9567-1D941F1A68E4}D:\cms.exe] => (Allow) D:\cms.exe
FirewallRules: [UDP Query User{5EC408FF-E4A2-4137-B02B-66EE7D764079}D:\cms.exe] => (Allow) D:\cms.exe
FirewallRules: [{92BD84C8-8719-454F-A1B1-DE45144B45D5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CAFC1842-C40E-430A-BBB4-AEDAAA048B5B}D:\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [UDP Query User{D77629D8-EE06-4AE3-A95A-8497B4E47195}D:\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) D:\steam\steamapps\common\awesomenauts\awesomenauts.exe
FirewallRules: [TCP Query User{DF0BC9CC-1FFF-47B4-AD38-E80EB01CBF2D}D:\battle.net\games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BDCC4DEA-5414-4012-891E-BA19FCC310ED}D:\battle.net\games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => (Allow) D:\battle.net\games\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [{F2C76AB2-009D-42E0-B9DD-1587AA088785}] => (Allow) D:\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{85B25FF8-3C90-449E-8441-DA6707113C4C}] => (Allow) D:\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{8987AFD2-A52C-4B84-8C55-45E5D40B0DB4}] => (Allow) D:\Steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{562B26BB-4AEA-46A5-BDB4-0D04576A0A8D}] => (Allow) D:\Steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{097373C6-F2AE-428E-A6EF-877E14EA5087}] => (Allow) D:\Steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{C7275F6E-C6E9-44FF-A635-FA6B31E4DD4D}] => (Allow) D:\Steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{405CA752-6A1D-4AD2-8C2E-62A3421D7C0A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Pontos de Restauração =========================
07-08-2016 09:34:52 Ponto de Verificação Agendado
16-08-2016 17:57:18 Ponto de Verificação Agendado
18-08-2016 16:03:52 DirectX instalado
==================== Dispositivos Apresentando Falhas No Gerenciador =============
==================== Erros no Log de eventos: =========================
Erros em Aplicativos:
==================
Error: (08/25/2016 01:19:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: O volume Reservado pelo Sistema não foi otimizado porque houve um erro: Parâmetro incorreto. (0x80070057)
Error: (08/25/2016 11:54:05 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (08/24/2016 09:34:43 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (08/23/2016 01:46:43 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (08/20/2016 04:26:36 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (08/20/2016 02:01:59 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (08/20/2016 07:31:37 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (08/19/2016 05:01:19 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (08/19/2016 02:08:36 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: O volume Reservado pelo Sistema não foi otimizado porque houve um erro: Parâmetro incorreto. (0x80070057)
Error: (08/19/2016 01:54:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: O volume Reservado pelo Sistema não foi otimizado porque houve um erro: Parâmetro incorreto. (0x80070057)
Erros de Sistema:
=============
Error: (08/25/2016 01:20:41 PM) (Source: DCOM) (EventID: 10010) (User: Frank)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (08/25/2016 01:20:11 PM) (Source: DCOM) (EventID: 10010) (User: Frank)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (08/25/2016 02:43:52 AM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: Um alerta fatal foi gerado e enviado ao ponto de extremidade remoto. Isso pode resultar no término da conexão. O código de erro fatal definido do protocolo TLS é 10. O estado de erro do Windows SChannel é 10.
Error: (08/25/2016 02:24:39 AM) (Source: usbehci) (EventID: 4) (User: )
Description: A timeout occurred while waiting for the EHCI host controller Interrupt on Async Advance Doorbell response.
Error: (08/24/2016 09:29:47 PM) (Source: Schannel) (EventID: 4120) (User: AUTORIDADE NT)
Description: Um alerta fatal foi gerado e enviado ao ponto de extremidade remoto. Isso pode resultar no término da conexão. O código de erro fatal definido do protocolo TLS é 10. O estado de erro do Windows SChannel é 10.
Error: (08/24/2016 09:50:04 AM) (Source: DCOM) (EventID: 10010) (User: Frank)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (08/24/2016 09:49:34 AM) (Source: DCOM) (EventID: 10010) (User: Frank)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (08/23/2016 11:58:03 PM) (Source: usbehci) (EventID: 4) (User: )
Description: A timeout occurred while waiting for the EHCI host controller Interrupt on Async Advance Doorbell response.
Error: (08/23/2016 07:33:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Não foi possível iniciar o serviço Steam Client Service devido ao seguinte erro:
%%1053 = O serviço não respondeu à requisição de início ou controle em tempo hábil.
Error: (08/23/2016 07:33:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Steam Client Service.
==================== Informações da Memória ===========================
Processador: AMD FX-6300 Six-Core Processor
Percentagem de memória em uso: 35%
RAM física total: 8174.11 MB
RAM física disponível: 5280.7 MB
Virtual Total: 10126.11 MB
Virtual disponível: 5405.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:71.35 GB) NTFS
Drive d: (HD Slave) (Fixed) (Total:931.51 GB) (Free:746.36 GB) NTFS
==================== MBR & Tabela de Partições ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 5509673C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 58BDA1F8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Fim de Addition.txt ============================