cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 02-12-2016
Executado por Lohran (administrador) em LOHRAN-PC (04-12-2016 14:35:31)
Executando a partir de C:\Users\Lohran\Downloads
Perfis Carregados: Lohran (Perfis Disponíveis: Lohran & Administrador)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Akamai Technologies, Inc.) C:\Users\Lohran\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Akamai Technologies, Inc.) C:\Users\Lohran\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spotify Ltd) C:\Users\Lohran\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(BitTorrent Inc.) C:\Users\Lohran\AppData\Roaming\uTorrent\uTorrent.exe
(Dropbox, Inc.) C:\Users\Lohran\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BitTorrent Inc.) C:\Users\Lohran\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(BitTorrent Inc.) C:\Users\Lohran\AppData\Roaming\uTorrent\updates\3.4.9_42973\utorrentie.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(fcportables.com) C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro.exe
() C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Data\Adobe Premiere Pro CC 2015\local\stubexe\0x948C02C63087DC8E\AGSService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Data\Adobe Premiere Pro CC 2015\local\stubexe\0x6E41F2AA1493808A\Adobe Premiere Pro.exe
() C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Data\Adobe Premiere Pro CC 2015\local\stubexe\0x88644CDA40D3FE4F\dynamiclinkmanager.exe
() C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Data\Adobe Premiere Pro CC 2015\local\stubexe\0x6882CBA3ABB3634F\Adobe QT32 Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Data\Adobe Premiere Pro CC 2015\local\stubexe\0x71E898D0D659A469\CEPHtmlEngine.exe
() C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Data\Adobe Premiere Pro CC 2015\local\stubexe\0xA08D610AEE6662ED\CEPHtmlEngine.exe
() C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0\Adobe Premiere Pro CC 2015.3 v10.3.0\Data\Adobe Premiere Pro CC 2015\local\stubexe\0xA08D610AEE6662ED\CEPHtmlEngine.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TweakBit) C:\Users\Lohran\Downloads\fix_api-ms-win-crt-runtime-l1-1-0.dll-setup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Auslogics Labs Pty Ltd ) C:\Users\Lohran\AppData\Local\Temp\2AC02BED-480E-4564-9122-78206DF1326C_fixmypc_setup.exe
() C:\Users\Lohran\AppData\Local\Temp\is-3170R.tmp\2AC02BED-480E-4564-9122-78206DF1326C_fixmypc_setup.tmp
() C:\Users\Lohran\AppData\Local\Temp\is-258PK.tmp\DefaultBrowserFinder.exe


==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-22] (NVIDIA Corporation)
HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4694192 2013-11-06] (VIA)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (a entrada de dados tem 36 mais caracteres).
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-22] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1868472 2016-09-30] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-06-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-07] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Lohran\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [HW_OPENEYE_OUC_Claro] => "C:\Program Files (x86)\Claro\UpdateDog\ouc.exe"
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [GoogleChromeAutoLaunch_648723321BE5C97E1A4822B95613F251] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921192 2016-11-08] (Google Inc.)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [Dropbox Update] => C:\Users\Lohran\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [Spotify Web Helper] => C:\Users\Lohran\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-15] (Spotify Ltd)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3503088 2016-10-07] (Electronic Arts)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [uTorrent] => C:\Users\Lohran\AppData\Roaming\uTorrent\uTorrent.exe [2145984 2016-11-26] (BitTorrent Inc.)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-09-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {274148ad-baa7-11e4-b15f-485b390da99e} - G:\autorun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {2b99fb76-1c59-11e4-8913-485b390da99e} - F:\AutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {34e5a0e5-f04e-11e3-ae88-a23eb9ac7066} - G:\LGAutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {34e5a17d-f04e-11e3-ae88-a23eb9ac7066} - K:\AutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {34e5a18e-f04e-11e3-ae88-a23eb9ac7066} - J:\AutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {3fd58640-ef74-11e3-a085-485b390da99e} - K:\AutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {3fd586fe-ef74-11e3-a085-485b390da99e} - N:\AutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {41021c16-fbff-11e3-8050-a23eb9ac7066} - E:\AutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {871d8950-8c9c-11e4-b11c-485b390da99e} - M:\Autoplay.exe -auto
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {87809ea3-d73c-11e4-851a-485b390da99e} - K:\setup.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {901c0543-5aa0-11e4-88cf-485b390da99e} - G:\AutoRun.exe
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\MountPoints2: {cb3bc2b4-5b61-11e4-827e-485b390da99e} - G:\AutoRun.exe
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-18\...\Run: [Agente de aplicación Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1947872 2016-06-07] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-23] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lohran\AppData\Roaming\Dropbox\bin\DropboxExt.3.0.dll [2016-11-28] (Dropbox, Inc.)
Startup: C:\Users\Lohran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-12-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Lohran\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-3742131269-3865891433-701887904-1000] => http=127.0.0.1:13937;https=127.0.0.1:13937
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{3177B1CD-5D02-40FE-80E7-A4F54CB475EF}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{524EC1B4-381F-4D68-B375-C455D28B4558}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{BBF0BF4F-2D08-45C2-BF19-72B39B86DE7F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C31C53F3-DEF4-423A-BE74-172B2A69512F}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{D550B824-C9B8-4422-9966-2916992CA960}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3742131269-3865891433-701887904-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://br.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3742131269-3865891433-701887904-1000 -> DefaultScope {166CAA8A-D2EB-4846-88BB-6209B8918880} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3742131269-3865891433-701887904-1000 -> {166CAA8A-D2EB-4846-88BB-6209B8918880} URL = hxxp://www.google.com/search?hl=en&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-11-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-11-19] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-11-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-10] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-11-19] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2016-06-07] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-11-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-10] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3742131269-3865891433-701887904-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-05-03] (Adobe Systems Incorporated)
IE Session Restore: HKU\S-1-5-21-3742131269-3865891433-701887904-1000 -> está habilitado.
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-11-19] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lohran\AppData\Roaming\Mozilla\Firefox\Profiles\84vjkfbs.default-1455939651355 [2016-12-04]
FF Extension: (Hide My IP) - C:\Users\Lohran\AppData\Roaming\Mozilla\Firefox\Profiles\84vjkfbs.default-1455939651355\Extensions\admin@hide-my-ip.org.xpi [2016-10-13]
FF Extension: (Firefox Hotfix) - C:\Users\Lohran\AppData\Roaming\Mozilla\Firefox\Profiles\84vjkfbs.default-1455939651355\Extensions\firefox-hotfix@mozilla.org.xpi [2016-10-13]
FF Extension: (HMA! IP Checker) - C:\Users\Lohran\AppData\Roaming\Mozilla\Firefox\Profiles\84vjkfbs.default-1455939651355\Extensions\ipinfo@hidemyass.com.xpi [2016-05-28]
FF Extension: (DownThemAll!) - C:\Users\Lohran\AppData\Roaming\Mozilla\Firefox\Profiles\84vjkfbs.default-1455939651355\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-06-26]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKU\S-1-5-21-3742131269-3865891433-701887904-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Lohran\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: (GBBD Caixa Economica Federal) - C:\Users\Lohran\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-02-07] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-08-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-31] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-11-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3742131269-3865891433-701887904-1000: adobe.com/AdobeExManCCDetect32 -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll [2013-12-05] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3742131269-3865891433-701887904-1000: adobe.com/AdobeExManCCDetect64 -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll [2013-12-05] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3742131269-3865891433-701887904-1000: gastecnologia.com.br/sf/cef -> C:\Users\Lohran\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3742131269-3865891433-701887904-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\Lohran\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2015-02-23] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Users\Lohran\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default [2016-12-04]
CHR Extension: (Google Apresentações) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-24]
CHR Extension: (Google Docs) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-24]
CHR Extension: (Google Drive) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (YouTube) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Avast Online Security) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2016-08-21]
CHR Extension: (Feedcast - Escute os melhores podcasts) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoomfnnilkcjepombmedmnpfjogoiaf [2016-10-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-10-01]
CHR Extension: (Avast SafePrice) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Avast SafePrice) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage [2016-11-15]
CHR Extension: (Planilhas do Google) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-24]
CHR Extension: (Documentos Google off-line) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-12-03]
CHR Extension: (Avast Online Security) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-11-01]
CHR Extension: (Podcast App) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpgebcembbojpibjdjbjpnekmabmjmp [2016-07-14]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Instagram Video Downloader) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccijgeciailcjildclhbjgakoemgjjg [2015-07-19]
CHR Extension: (Gmail) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-24]
CHR Extension: (Chrome Media Router) - C:\Users\Lohran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]
CHR HKU\S-1-5-21-3742131269-3865891433-701887904-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [737984 2016-06-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-15] (Advanced Micro Devices, Inc.) [Arquivo não assinado]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Arquivo não assinado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-23] (AVAST Software)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-09-05] (BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2946304 2016-10-30] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-06-07] (GAS Tecnologia)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-22] (NVIDIA Corporation)
S4 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-22] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-22] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-07] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-02-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-06] ()
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [Arquivo não assinado]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-22] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 VtLWQGHLwh; "C:\ProgramData\CjrwEvc\VtLWQGHLwh.exe" [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-23] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2016-05-27] (BitRaider)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2016-12-04] (GAS Tecnologia)
R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg64.sys [29816 2016-12-04] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2016-05-09] (GAS Tecnologia)
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [Arquivo não assinado]
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [Arquivo não assinado]
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [Arquivo não assinado]
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [224768 2012-01-05] (Huawei Technologies Co., Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [76040 2013-05-12] (Chingachguk & Denger2k (Elite & SP edition))
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2016-05-09] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
S1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-11-10] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 akshhl; system32\DRIVERS\akshhl.sys [X]
S1 Bfilter; \??\C:\Windows\System32\drivers\Bfilter.sys [X]
S1 Bfmon; \??\C:\Windows\System32\drivers\Bfmon.sys [X]
S1 Bnbase; System32\drivers\bnbasex64.sys [X]
S1 Bndef; \??\C:\Windows\System32\drivers\bndef64.sys [X]
S1 Bprotect; \??\C:\Windows\System32\drivers\Bprotect.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-04 14:35 - 2016-12-04 14:37 - 00046214 _____ C:\Users\Lohran\Downloads\FRST.txt
2016-12-04 14:35 - 2016-12-04 14:35 - 00001122 _____ C:\Users\Lohran\Desktop\TweakBit FixMyPC.lnk
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\Windows\System32\Tasks\TweakBit
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\Users\Todos os Usuários\Unknown
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\Users\Todos os Usuários\TweakBit
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\ProgramData\Unknown
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\ProgramData\TweakBit
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\Program Files (x86)\TweakBit
2016-12-04 14:35 - 2016-12-04 14:35 - 00000000 ____D C:\FRST
2016-12-04 14:34 - 2016-12-04 14:34 - 02411520 _____ (Farbar) C:\Users\Lohran\Downloads\FRST64.exe
2016-12-04 14:33 - 2016-12-04 14:33 - 00407784 _____ (TweakBit) C:\Users\Lohran\Downloads\fix_api-ms-win-crt-runtime-l1-1-0.dll-setup.exe
2016-12-04 14:20 - 2016-12-04 14:20 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.3.lnk
2016-12-04 14:19 - 2016-12-04 14:19 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2016-12-04 13:58 - 2016-12-04 13:58 - 00000000 ___HD C:\OneDriveTemp
2016-12-04 13:57 - 2016-12-04 13:57 - 00000000 ____D C:\Users\Lohran\AppData\LocalLow\uTorrent
2016-12-04 13:23 - 2016-12-04 13:32 - 00000000 ____D C:\Windows\system32\MRT
2016-12-04 13:23 - 2016-12-04 13:23 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-04 13:21 - 2016-12-04 13:21 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-12-04 13:05 - 2016-06-25 14:03 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2016-12-04 13:05 - 2011-04-09 04:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-12-04 13:05 - 2011-04-09 03:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-12-04 13:03 - 2016-12-04 13:06 - 14572000 _____ (Microsoft Corporation) C:\Users\Lohran\Downloads\vc_redist.x64 (1).exe
2016-12-04 13:02 - 2016-12-04 13:03 - 01034556 _____ C:\Users\Lohran\Downloads\Windows6.1-KB2999226-x64 (1).msu
2016-12-04 10:28 - 2016-12-04 10:29 - 01034556 _____ C:\Users\Lohran\Downloads\Windows6.1-KB2999226-x64.msu
2016-12-04 10:01 - 2016-12-04 10:07 - 15068056 _____ (Microsoft Corporation) C:\Users\Lohran\Downloads\vc_redist.x64.exe
2016-12-04 09:53 - 2016-12-04 09:54 - 04467489 _____ C:\Users\Lohran\Downloads\Não confirmado 381491.crdownload
2016-12-04 07:59 - 2016-12-04 14:09 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-12-03 17:31 - 2016-12-03 17:37 - 00000000 ____D C:\Users\Lohran\Desktop\adobe
2016-12-03 17:19 - 2016-12-03 17:24 - 00000000 ____D C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 (v10.3) Multilingual by m0nkrus-=TEAM OS=-
2016-12-03 16:24 - 2016-12-03 16:24 - 00000000 ____D C:\Users\Lohran\Downloads\Adobe Premiere Pro CC 2015.3 v10.3.0
2016-12-01 22:38 - 2016-12-01 22:38 - 00000000 ____D C:\Users\Lohran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-14 19:54 - 2016-11-15 21:38 - 00000000 ____D C:\Users\Lohran\Desktop\novas tattoos
2016-11-10 20:04 - 2016-11-10 20:05 - 00188852 _____ C:\Windows\ntbtlog.txt
2016-11-10 19:50 - 2016-11-10 19:50 - 00001419 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-10 19:50 - 2016-11-10 19:50 - 00000000 ____D C:\Users\TEMP\AppData\Local\Google
2016-11-10 19:49 - 2016-11-10 19:50 - 00000000 ____D C:\Users\TEMP
2016-11-10 19:49 - 2016-11-10 19:49 - 00000020 ___SH C:\Users\TEMP\ntuser.ini
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Modelos
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Meus documentos
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Menu Iniciar
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Documents\Minhas músicas
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Documents\Minhas imagens
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Documents\Meus vídeos
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Dados de aplicativos
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Configurações locais
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Histórico
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\AppData\Local\Dados de aplicativos
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Ambiente de rede
2016-11-10 19:49 - 2016-11-10 19:49 - 00000000 _SHDL C:\Users\TEMP\Ambiente de impressão
2016-11-10 19:49 - 2015-06-01 09:23 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\AVAST Software
2016-11-10 19:49 - 2014-09-22 23:41 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2016-11-10 19:49 - 2009-07-14 16:12 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Media Center Programs

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-04 14:37 - 2014-07-03 11:28 - 00000000 ____D C:\Users\Lohran\AppData\Roaming\uTorrent
2016-12-04 14:35 - 2014-06-09 00:25 - 00285552 _____ C:\Users\Lohran\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-04 14:31 - 2016-10-09 11:44 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2016-12-04 14:19 - 2016-06-26 21:00 - 00000000 ____D C:\Users\Lohran\AppData\Roaming\Adobe
2016-12-04 14:07 - 2014-07-02 22:52 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-04 14:06 - 2009-07-14 02:45 - 00021216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-04 14:06 - 2009-07-14 02:45 - 00021216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-04 14:01 - 2016-05-15 00:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-04 14:01 - 2015-12-15 10:32 - 00000000 ____D C:\Users\Todos os Usuários\Origin
2016-12-04 14:01 - 2015-12-15 10:32 - 00000000 ____D C:\ProgramData\Origin
2016-12-04 14:00 - 2016-07-04 22:04 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2016-12-04 14:00 - 2016-06-26 21:00 - 00000000 ____D C:\Users\Lohran\AppData\Local\Adobe
2016-12-04 14:00 - 2015-02-13 09:26 - 00000000 ___RD C:\Users\Lohran\Dropbox
2016-12-04 13:58 - 2015-02-21 20:28 - 00000000 ___RD C:\Users\Lohran\OneDrive
2016-12-04 13:56 - 2016-07-04 22:04 - 00029816 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg64.sys
2016-12-04 13:56 - 2014-09-10 17:01 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-12-04 13:56 - 2014-09-10 17:01 - 00000000 ____D C:\ProgramData\GbPlugin
2016-12-04 13:56 - 2014-07-02 22:52 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-04 13:55 - 2014-09-10 17:01 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-12-04 13:53 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-04 13:52 - 2014-07-05 23:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-04 13:52 - 2014-07-05 23:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-04 13:45 - 2015-06-18 00:36 - 00001034 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3742131269-3865891433-701887904-1000UA.job
2016-12-04 13:22 - 2014-07-05 23:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-04 12:48 - 2014-06-09 00:13 - 00000000 ____D C:\Program Files\Adobe
2016-12-04 10:08 - 2014-09-14 22:29 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-12-04 10:08 - 2014-09-14 22:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-04 08:18 - 2014-06-16 01:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-03 17:41 - 2014-07-08 13:48 - 00000000 ____D C:\Windows\Minidump
2016-12-03 17:20 - 2014-10-24 08:20 - 00000000 ____D C:\Users\Lohran\AppData\Local\Spotify
2016-12-03 17:06 - 2014-10-24 08:19 - 00000000 ____D C:\Users\Lohran\AppData\Roaming\Spotify
2016-12-03 13:25 - 2014-06-09 00:13 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-02 20:44 - 2015-06-18 00:36 - 00000982 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3742131269-3865891433-701887904-1000Core.job
2016-12-01 22:39 - 2015-02-12 20:48 - 00000000 ____D C:\Users\Lohran\AppData\Roaming\Dropbox
2016-11-28 20:39 - 2015-06-18 00:36 - 00004010 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3742131269-3865891433-701887904-1000UA
2016-11-28 20:39 - 2015-06-18 00:36 - 00003614 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3742131269-3865891433-701887904-1000Core
2016-11-19 20:32 - 2015-09-23 01:43 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-11-19 20:32 - 2015-09-23 01:43 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-19 20:30 - 2014-06-15 22:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-17 22:32 - 2009-07-14 15:55 - 02449350 _____ C:\Windows\system32\prfh0416.dat
2016-11-17 22:32 - 2009-07-14 15:55 - 01810410 _____ C:\Windows\system32\prfc0416.dat
2016-11-17 22:32 - 2009-07-14 03:13 - 01860216 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-16 20:39 - 2014-06-23 21:39 - 00000000 ____D C:\Users\Lohran\AppData\Roaming\vlc
2016-11-14 20:08 - 2014-07-02 22:57 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 20:08 - 2014-07-02 22:57 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-13 14:03 - 2016-07-31 21:32 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-10 22:10 - 2014-06-09 00:43 - 03654998 ____H C:\Users\Lohran\AppData\Local\IconCache.db.backup
2016-11-10 20:20 - 2014-12-23 18:11 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-10 20:10 - 2016-07-04 22:07 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-11-10 19:50 - 2009-07-14 02:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-06 20:43 - 2016-04-24 15:55 - 00000000 ____D C:\Users\Lohran\Desktop\Áudio Livros
2016-11-06 20:43 - 2016-02-06 19:18 - 00000408 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2016-11-06 15:51 - 2014-10-03 17:56 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2016-11-06 15:51 - 2014-10-03 17:56 - 00000000 ____D C:\ProgramData\boost_interprocess

==================== Arquivos na raiz de alguns diretórios =======

2015-06-16 12:25 - 2015-06-16 12:49 - 0000132 _____ () C:\Users\Lohran\AppData\Roaming\Adobe PNG Format CC Prefs
2015-03-26 17:14 - 2015-03-26 17:14 - 0004185 _____ () C:\Users\Lohran\AppData\Roaming\APFR
2015-08-17 13:15 - 2016-06-01 22:31 - 0000000 _____ () C:\Users\Lohran\AppData\Roaming\Brother
2015-08-17 13:15 - 2016-06-01 22:31 - 0000000 _____ () C:\Users\Lohran\AppData\Roaming\Bundle
2014-11-02 13:47 - 2015-08-03 02:01 - 0000630 _____ () C:\Users\Lohran\AppData\Roaming\burnaware.ini
2015-03-26 17:14 - 2015-03-26 17:14 - 0005542 _____ () C:\Users\Lohran\AppData\Roaming\MOWGG
2014-07-30 00:15 - 2015-05-24 13:52 - 0000132 _____ () C:\Users\Lohran\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2014-09-01 06:18 - 2014-09-01 06:18 - 0002086 _____ () C:\Users\Lohran\AppData\Roaming\QCHHJ
2014-09-01 06:18 - 2014-09-01 06:18 - 0001248 _____ () C:\Users\Lohran\AppData\Roaming\UFGMR
2015-02-07 18:46 - 2015-02-07 18:46 - 0017800 _____ () C:\Users\Lohran\AppData\Roaming\unins000.dat
2015-02-07 18:46 - 2015-02-07 18:46 - 0730322 _____ () C:\Users\Lohran\AppData\Roaming\unins000.exe
2014-07-08 11:57 - 2014-09-17 01:57 - 0000119 _____ () C:\Users\Lohran\AppData\Roaming\WB.CFG
2014-09-26 02:40 - 2014-09-27 03:20 - 0000315 _____ () C:\Users\Lohran\AppData\Local\Lockdir6
2014-09-14 16:38 - 2014-09-14 16:38 - 0301608 _____ (VuuPC Limited) C:\Users\Lohran\AppData\Local\nsr8707.tmp
2015-07-16 20:54 - 2015-11-17 00:07 - 0007633 _____ () C:\Users\Lohran\AppData\Local\Resmon.ResmonCfg
2015-06-20 18:02 - 2015-06-20 18:02 - 0000000 _____ () C:\Users\Lohran\AppData\Local\{95246FA7-1461-40DE-AC29-3DAD28227E77}
2014-07-09 08:43 - 2014-07-09 08:43 - 1199168 _____ () C:\ProgramData\1404899987.bdinstall.bin
2014-07-09 12:35 - 2014-07-09 12:35 - 0096887 _____ () C:\ProgramData\1404916514.bdinstall.bin
2014-09-07 21:01 - 2014-09-07 21:01 - 0266659 _____ () C:\ProgramData\1410130724.bdinstall.bin
2014-09-15 13:07 - 2014-09-15 13:55 - 0149539 _____ () C:\ProgramData\1410793664.369984.bin
2014-09-15 13:07 - 2014-09-15 13:55 - 0375612 _____ () C:\ProgramData\1410793664.371032.bin
2014-09-15 13:14 - 2014-09-15 13:15 - 0017899 _____ () C:\ProgramData\1410793664.371108.bin
2014-09-15 13:07 - 2014-09-15 13:55 - 0054178 _____ () C:\ProgramData\1410793664.371500.bin
2014-09-15 13:19 - 2014-09-15 13:21 - 0001547 _____ () C:\ProgramData\1410793664.372360.bin
2014-09-15 13:24 - 2014-09-15 13:24 - 0002249 _____ () C:\ProgramData\1410793664.373052.bin
2014-09-15 13:14 - 2014-09-15 13:19 - 0001092 _____ () C:\ProgramData\1410793664.373216.bin
2014-09-15 13:14 - 2014-09-15 13:14 - 0003745 _____ () C:\ProgramData\1410793664.373220.bin
2014-09-15 13:14 - 2014-09-15 13:19 - 0001092 _____ () C:\ProgramData\1410793664.373296.bin
2014-09-15 13:14 - 2014-09-15 13:25 - 0017864 _____ () C:\ProgramData\1410793664.373300.bin
2014-09-15 13:14 - 2014-09-15 13:54 - 0237613 _____ () C:\ProgramData\1410793664.373304.bin
2014-09-15 13:14 - 2014-09-15 13:15 - 0008119 _____ () C:\ProgramData\1410793664.373312.bin
2015-02-22 13:24 - 2015-02-22 13:24 - 0255288 _____ () C:\ProgramData\1424618471.bdinstall.bin
2014-09-12 12:20 - 2014-09-12 12:20 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-08-17 13:15 - 2016-06-01 22:28 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2015-08-17 13:15 - 2016-06-01 22:31 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2015-08-17 13:15 - 2016-06-01 22:31 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT
2014-09-20 04:35 - 2014-09-20 04:35 - 1482640 _____ () C:\ProgramData\Setup.exe

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\Setup.exe
C:\Users\Todos os Usuários\Setup.exe


Alguns arquivos em TEMP:
====================
C:\Users\Administrador\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Administrador\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


testsigning: ==> o 'modo de teste' está configurado. Cheque por possível driver não assinado <===== ATENÇÃO


LastRegBack: 2016-12-04 11:17

==================== Fim de FRST.txt ============================
