Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 20-06-2016 01
Executado por SUPORTE1 (administrador) em SUPORTE1-PC (22-06-2016 10:26:47)
Executando a partir de C:\Users\SUPORTE1\Downloads\Programs
Perfis Carregados: SUPORTE1 (Perfis Disponíveis: SUPORTE1 & Classic .NET AppPool)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\ChgService.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\No-IP\DUC40.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS10_50.SQL2008\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\sqlservr.exe
(UltraVNC) C:\suporte_vnc\vncviewer.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlssrv32.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.SQL2008\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\SQLAGENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Windows\System32\1052\lsass.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\fdlauncher.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Dominique Ottello aka Otomatic ) C:\Users\SUPORTE1\Downloads\Programs\wampserver3_x86_apache2.4.17_mysql5.7.9_php5.6.15.exe
() C:\Users\SUPORTE1\AppData\Local\Temp\is-DDIQU.tmp\wampserver3_x86_apache2.4.17_mysql5.7.9_php5.6.15.tmp
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Ammyy LLC) C:\Users\SUPORTE1\Desktop\AA_v3.5.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2014-02-03] (Power Software Ltd)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14685936 2015-08-27] (Realtek Semiconductor)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672 2016-04-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-06-01] (Apple Inc.)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-11-04] (Banco do Brasil)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [NoIPDUCv4] => C:\Program Files\No-IP\DUC40.exe [346624 2014-05-02] ()
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [MinerGateGui] => C:\Program Files\MinerGate\minergate.exe --auto
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3919928 2016-02-14] (Tonec Inc.)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {5a8ef216-f95f-11e4-9587-00270e387cc9} - K:\Startme.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {98642cf2-e428-11e4-95d5-00270e387cc9} - M:\LG_PC_Programs.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {c2109779-26c7-11e4-b20d-00270e387cc9} - K:\.\ShowModem.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {c2109786-26c7-11e4-b20d-00270e387cc9} - K:\.\ShowModem.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {ca4d2f3a-c4a3-11e3-ae31-00270e387cc9} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\splash.hta
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {d014e1dc-1c0c-11e4-b28a-00270e387cc9} - K:\LGAutoRun.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {d328257f-da90-11e3-ae04-00270e387cc9} - J:\LGAutoRun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1945472 2015-11-04] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VNC para acesso com dyndns.lnk [2013-05-18]
ShortcutTarget: VNC para acesso com dyndns.lnk -> C:\suporte_vnc\vncviewer.exe (UltraVNC)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\..\Interfaces\{EDD3B21D-BB3A-4102-B883-69FACC9F41AB}: [NameServer] 192.168.1.1,8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130873937009882481&GUID=73E611A2-440D-428F-8975-ACCAFE04C748
HKU\S-1-5-21-1916607779-595488778-416714765-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130873937010182481&GUID=73E611A2-440D-428F-8975-ACCAFE04C748
SearchScopes: HKU\S-1-5-21-1916607779-595488778-416714765-1000 -> Web URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files\GbPlugin\gbieh.dll [2015-11-04] (Banco do Brasil)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
Toolbar: HKLM - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1442345516&z=4c7dcdb195144825cd24ee8gcz3z3o7c1z3w8cbw9z&from=smt&uid=SAMSUNGXHD250HJ_S19GJ50Q754691

FireFox:
========
FF ProfilePath: C:\Users\SUPORTE1\AppData\Roaming\Mozilla\Firefox\Profiles\rvc55881.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1916607779-595488778-416714765-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\SUPORTE1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\SUPORTE1\AppData\Roaming\Mozilla\Firefox\Profiles\rvc55881.default\extensions\defsearchp@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\SUPORTE1\AppData\Roaming\Mozilla\Firefox\Profiles\rvc55881.default\extensions\deskCutv2@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-03-17] [não assinado]
FF HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-01-27]
FF HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\SUPORTE1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\SUPORTE1\AppData\Roaming\IDM\idmmzcc5 [2016-06-22] [não assinado]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-05-27]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
CHR Extension: (Google Docs) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-16]
CHR Extension: (Google Drive) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Planilhas do Google) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
CHR Extension: (Documentos Google off-line) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-16]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKU\S-1-5-21-1916607779-595488778-416714765-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Change Modem Device Service; C:\Windows\System32\ChgService.exe [135168 2013-06-21] () [Arquivo não assinado]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [308224 2009-07-13] (Microsoft Corporation)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [593120 2015-11-04] (GAS Tecnologia)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-13] (Microsoft Corporation)
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 MsDtsServer; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [199384 2005-10-14] (Microsoft Corporation)
R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [214880 2010-04-03] (Microsoft Corporation)
S2 msftesql$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [92880 2005-08-26] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 MSOLAP$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [14557912 2005-10-14] (Microsoft Corporation)
R2 MSOLAP$SQL2008; C:\Program Files\Microsoft SQL Server\MSAS10_50.SQL2008\OLAP\bin\msmdsrv.exe [25768800 2010-04-03] (Microsoft Corporation)
S2 MSSQL$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28768528 2005-10-14] (Microsoft Corporation)
R2 MSSQL$SQL2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation)
R3 MSSQLFDLauncher$SQL2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\fdlauncher.exe [28512 2010-04-03] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3201024 2008-07-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 nlsX86cc; C:\Windows\system32\nlssrv32.exe [66560 2010-11-22] (Nalpeiron Ltd.) [Arquivo não assinado]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2220768 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [970464 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [772832 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 ReportServer$SQL2008; C:\Program Files\Microsoft SQL Server\MSRS10_50.SQL2008\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1177952 2010-04-03] (Microsoft Corporation)
S2 SQLAgent$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [318680 2005-10-14] (Microsoft Corporation)
R2 SQLAgent$SQL2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 Syslogon; C:\Windows\system32\1052\lsass.exe [617104 2014-10-10] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [Arquivo não assinado]
S3 wampmysqld; C:\wamp\bin\mysql\mysql5.7.9\bin\mysqld.exe [34368000 2015-10-12] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-17] (Scott)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)
S3 BULKUSB; C:\Windows\System32\Drivers\BULKUSB.sys [23000 2011-09-26] (Windows (R) Win 7 DDK provider)
S3 cmntnet; C:\Windows\System32\DRIVERS\cmntnet.sys [120320 2013-06-21] (Wireless Data Device) [Arquivo não assinado]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-12] (Disc Soft Ltd)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [80736 2016-03-16] (FTDI Ltd.)
R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg32.sys [25848 2016-06-22] (GAS Tecnologia)
R0 GbpKm; C:\Windows\System32\drivers\GbpKm.sys [49496 2015-11-04] (GAS Tecnologia)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-15] (REALiX(tm))
R2 inpout32; C:\Windows\System32\Drivers\inpout32.sys [11936 2016-01-26] (Highresolution Enterprises [www.highrez.co.uk])
S3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2014-06-06] (TeamViewer GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2016-04-04] (GAS Tecnologia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
S4 RsFx0150; C:\Windows\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-02-03] (Power Software Ltd)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 cmnuusbser; system32\DRIVERS\cmnuusbser.sys [X]
S3 dcdbas; system32\DRIVERS\dcdbas32.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-22 10:07 - 2016-06-22 10:26 - 00000000 ____D C:\FRST
2016-06-22 10:04 - 2016-06-22 10:04 - 00001425 _____ C:\Users\Public\Desktop\Wampserver.lnk
2016-06-22 10:04 - 2016-06-22 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver
2016-06-22 10:01 - 2016-06-22 10:02 - 00000000 ____D C:\wamp
2016-06-22 09:25 - 2016-06-22 09:25 - 00000000 ____D C:\Users\SUPORTE1\Documents\PcSetup
2016-06-22 09:05 - 2016-04-18 15:00 - 00023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-22 09:04 - 2016-06-22 09:04 - 00013248 _____ C:\Users\SUPORTE1\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-06-22 08:49 - 2015-06-23 15:00 - 00084816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-06-22 08:43 - 2016-06-22 08:43 - 00048208 _____ C:\Users\SUPORTE1\Downloads\vcruntime140.zip
2016-06-22 08:42 - 2016-06-22 08:43 - 03781536 _____ (DLL-Files.com Client ) C:\Users\SUPORTE1\Downloads\clientsetup_zip-0.exe
2016-06-22 08:31 - 2016-06-22 08:31 - 06554576 _____ (Microsoft Corporation) C:\Users\SUPORTE1\Downloads\vcredist_x86.exe
2016-06-22 08:31 - 2016-06-22 08:31 - 01453976 _____ (Microsoft Corporation) C:\Users\SUPORTE1\Downloads\vcredist_arm.exe
2016-06-20 16:35 - 2016-06-20 16:35 - 00016502 _____ C:\Users\SUPORTE1\Downloads\Novas Histórias - Ao Vivo - 2016 (MP3 - 320)-5572.torrent
2016-06-20 16:32 - 2016-06-20 16:33 - 00013332 _____ C:\Users\SUPORTE1\Downloads\Como. Sempre Feito. Nunca - 2016 (MP3 - 320)-15541.torrent
2016-06-20 16:01 - 2016-06-20 16:01 - 00000000 ____D C:\Users\SUPORTE1\AppData\LocalLow\uTorrent
2016-06-20 11:16 - 2016-06-20 11:17 - 70913045 _____ C:\Users\SUPORTE1\Downloads\SAC2007_backup_2016_06_20_091504_3301354.rar
2016-06-16 10:22 - 2016-06-16 10:22 - 65275983 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2002_-_Vol.08-_Ao_vivo_&_Inéditas.rar
2016-06-16 10:18 - 2016-06-16 10:18 - 63859647 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2002_-_Vol.09-_Amor_da_minha_vida.rar
2016-06-16 09:33 - 2016-06-16 09:33 - 50176833 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2003_-_Vol.10-_Agente_se_vê_lá.rar
2016-06-16 09:24 - 2016-06-16 09:25 - 55664292 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2004_-_Vol.11-_Hoje_a_Noite.rar
2016-06-16 09:21 - 2016-06-16 09:21 - 56426481 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2006_-_Vol.14-_Dois_amores_duas_Paixões.rar
2016-06-16 09:19 - 2016-06-16 09:20 - 68877187 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2005_-_Vol.13-_Mágica_-_Ao_vivo_em_Belém_do_Pará.rar
2016-06-13 10:50 - 2016-06-13 10:51 - 10099075 _____ (Isokron ) C:\Users\SUPORTE1\Downloads\setup-2016-03-01.exe
2016-06-11 09:56 - 2016-06-11 09:56 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-11 09:56 - 2016-06-11 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-11 09:56 - 2016-06-11 09:56 - 00000000 ____D C:\Program Files\iTunes
2016-06-11 09:56 - 2016-06-11 09:56 - 00000000 ____D C:\Program Files\iPod
2016-06-11 09:11 - 2016-06-11 09:16 - 54350789 _____ C:\Users\SUPORTE1\Downloads\GH&R - OU.COM.O.CORA.2016 - www.sistemasertanejo.com.rar
2016-06-11 08:49 - 2016-06-11 08:50 - 08634827 _____ C:\Users\SUPORTE1\Downloads\B&M - MUS.NOV.2016 - www.sistemasertanejo.com.rar
2016-06-08 15:15 - 2015-02-25 21:46 - 06886912 _____ C:\Users\SUPORTE1\Desktop\TASKREPORT.EXE
2016-05-31 14:51 - 2016-06-01 11:59 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-05-30 14:42 - 2016-05-30 14:44 - 00000000 ____D C:\Users\Todos os Usuários\Dell
2016-05-30 14:42 - 2016-05-30 14:44 - 00000000 ____D C:\ProgramData\Dell
2016-05-28 09:55 - 2016-05-28 09:55 - 00002657 _____ C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-05-28 09:54 - 2016-06-22 08:59 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\uTorrent
2016-05-25 14:54 - 2016-06-22 10:07 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\IDM
2016-05-25 14:54 - 2016-06-21 11:17 - 00000000 ____D C:\Users\SUPORTE1\Downloads\Compressed
2016-05-25 14:54 - 2016-05-25 15:13 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-05-25 14:54 - 2016-05-25 14:54 - 00000979 _____ C:\Users\SUPORTE1\Desktop\Internet Download Manager.lnk
2016-05-25 14:54 - 2016-05-25 14:54 - 00000000 ____D C:\Users\SUPORTE1\Downloads\Video
2016-05-25 14:54 - 2016-05-25 14:54 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-05-25 14:54 - 2016-05-25 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-05-23 08:52 - 2016-06-22 09:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-19 15:47 - 2014-06-09 18:53 - 00290816 _____ (HcSoftware Informática) C:\Windows\system32\HCGRID4.OCX
2016-05-17 11:44 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
2016-05-14 11:45 - 2016-05-14 11:45 - 00461766 _____ C:\Users\SUPORTE1\Documents\Tropa Special Silver Haras Bosucesso.XtoDVD
2016-05-13 17:36 - 2015-10-26 12:14 - 00000000 ____D C:\Users\SUPORTE1\Desktop\CCleaner PRO- Business-Technician 5.11.5408 FINAL + Crack
2016-05-13 17:33 - 2016-05-13 17:34 - 00000000 ____D C:\Program Files\CCleaner
2016-05-13 17:33 - 2016-05-13 17:33 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-13 17:33 - 2016-05-13 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-11 09:03 - 2016-05-11 09:03 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab7d1cf13c54.job
2016-05-09 16:59 - 2016-05-09 16:57 - 00004211 _____ C:\Users\SUPORTE1\Desktop\SPED_FISCAL_movimento_04_2016_MARMORARIAPEDRAAZULLTDA.txt
2016-05-07 11:24 - 2016-05-23 08:16 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\minergate
2016-05-06 15:32 - 2016-05-24 13:24 - 04950077 _____ (InfoSystem ) C:\Users\SUPORTE1\Desktop\Instalador NFe-NFCe InfoSystem.exe
2016-05-05 09:32 - 2016-05-05 09:32 - 00006302 _____ C:\Users\SUPORTE1\Desktop\lmfc.txt
2016-05-03 09:15 - 2016-05-03 09:19 - 00000000 ____D C:\Users\SUPORTE1\Desktop\j1
2016-04-27 12:30 - 2016-04-27 12:30 - 00000000 ____D C:\Program Files\DIFX
2016-04-27 12:28 - 2016-04-27 12:34 - 00000000 ____D C:\DarumaFramework
2016-04-27 12:28 - 2016-04-27 12:28 - 00000000 ____D C:\Daruma_Logs
2016-04-27 12:28 - 2016-03-16 16:33 - 00265056 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2016-04-27 12:28 - 2016-03-16 16:33 - 00246624 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2016-04-27 12:28 - 2016-03-16 16:33 - 00054624 _____ (FTDI Ltd.) C:\Windows\system32\ftserui2.dll
2016-04-27 12:28 - 2016-03-16 16:32 - 00147296 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2016-04-27 12:28 - 2016-03-16 16:32 - 00080736 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2016-04-27 12:28 - 2016-03-16 16:32 - 00074080 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftser2k.sys
2016-04-27 12:28 - 2016-03-16 16:32 - 00069984 _____ (FTDI Ltd.) C:\Windows\system32\ftcserco.dll
2016-04-26 14:38 - 2016-04-26 14:38 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2016-04-23 11:46 - 2016-04-23 11:46 - 00430162 _____ C:\Users\SUPORTE1\Documents\Parque Evanio Higinio Disputa Aspirante.XtoDVD
2016-04-22 14:37 - 2016-04-22 14:37 - 00000000 ____D C:\Users\Todos os Usuários\vsosdk
2016-04-22 14:37 - 2016-04-22 14:37 - 00000000 ____D C:\ProgramData\vsosdk
2016-04-22 13:08 - 2016-06-22 09:25 - 00087608 _____ C:\Users\SUPORTE1\AppData\Roaming\inst.exe
2016-04-22 13:08 - 2016-06-22 09:25 - 00047360 _____ (VSO Software) C:\Users\SUPORTE1\AppData\Roaming\pcouffin.sys
2016-04-22 13:08 - 2016-06-22 09:25 - 00007887 _____ C:\Users\SUPORTE1\AppData\Roaming\pcouffin.cat
2016-04-22 13:08 - 2016-06-22 09:25 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Vso
2016-04-22 13:07 - 2016-06-22 09:25 - 00000000 ____D C:\Program Files\VSO
2016-04-22 13:07 - 2016-06-22 08:59 - 00000000 ____D C:\Users\Todos os Usuários\VSO
2016-04-22 13:07 - 2016-06-22 08:59 - 00000000 ____D C:\ProgramData\VSO
2016-04-22 13:05 - 2016-04-22 13:05 - 00000000 ____D C:\Users\SUPORTE1\Desktop\x6
2016-04-20 14:33 - 2016-05-17 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-04-20 14:32 - 2016-04-20 14:32 - 00000000 ____D C:\Program Files\DsNET Corp
2016-04-20 08:12 - 2016-04-20 08:12 - 00000000 ____D C:\Program Files\Common Files\Java
2016-04-18 09:38 - 2016-04-18 09:38 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2016-04-18 09:24 - 2016-01-08 05:51 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2016-04-18 09:24 - 2016-01-08 05:51 - 00581192 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2016-04-18 09:24 - 2016-01-08 05:51 - 00191200 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2016-04-18 09:24 - 2016-01-08 05:51 - 00099296 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-04-13 11:03 - 2016-04-13 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-04-12 13:47 - 2016-04-12 13:47 - 00000000 ____D C:\nfe
2016-04-12 12:04 - 2016-04-12 12:04 - 00001854 _____ C:\Users\SUPORTE1\Desktop\NFe17160406049499000108550010000022401582254820.xml
2016-04-11 09:04 - 2016-04-15 08:30 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Apple Computer
2016-04-11 09:04 - 2016-04-13 11:03 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\Apple Computer
2016-04-11 09:02 - 2016-04-11 09:02 - 00000000 ____D C:\Users\Todos os Usuários\Apple Computer
2016-04-11 09:02 - 2016-04-11 09:02 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-11 09:00 - 2016-04-11 09:00 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-11 09:00 - 2016-04-11 09:00 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\Apple
2016-04-11 09:00 - 2016-04-11 09:00 - 00000000 ____D C:\Program Files\Apple Software Update
2016-04-11 08:58 - 2016-04-11 08:58 - 00000000 ____D C:\Program Files\Bonjour
2016-04-11 08:57 - 2016-06-11 09:56 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-04-11 08:57 - 2016-04-11 09:00 - 00000000 ____D C:\Users\Todos os Usuários\Apple
2016-04-11 08:57 - 2016-04-11 09:00 - 00000000 ____D C:\ProgramData\Apple
2016-04-08 16:20 - 2016-04-09 08:51 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-08 15:59 - 2016-04-08 15:59 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\Steam
2016-04-08 15:05 - 2016-04-08 15:05 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-04-05 16:02 - 2016-04-05 16:02 - 00000000 ____D C:\kodi tv
2016-04-05 15:59 - 2016-06-13 10:18 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Kodi
2016-04-05 15:35 - 2016-04-05 15:35 - 00366710 _____ C:\Users\SUPORTE1\Desktop\plugin.video.playlistLoader-1.0.6.zip
2016-04-04 17:55 - 2016-06-22 09:57 - 00025848 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg32.sys
2016-04-04 17:55 - 2016-04-04 17:55 - 00029400 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpndisrdn.sys
2016-04-04 17:54 - 2016-05-24 08:03 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-04-04 17:54 - 2016-05-24 08:03 - 00000000 ____D C:\ProgramData\GbPlugin
2016-04-04 17:54 - 2016-04-06 08:01 - 00000000 ____D C:\Program Files\GbPlugin
2016-04-04 17:54 - 2016-04-04 17:54 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia
2016-04-04 17:54 - 2016-04-04 17:54 - 00000000 ____D C:\ProgramData\GAS Tecnologia
2016-04-04 17:54 - 2015-11-04 09:09 - 00049496 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpkm.sys
2016-04-04 17:52 - 2016-04-04 17:55 - 00000000 ____D C:\Users\Todos os Usuários\Temp
2016-04-04 17:52 - 2016-04-04 17:55 - 00000000 ____D C:\ProgramData\Temp
2016-03-31 17:22 - 2016-03-31 17:22 - 00000037 _____ C:\Users\SUPORTE1\Desktop\backup lins.txt
2016-03-31 11:55 - 2016-03-31 11:55 - 00758914 _____ C:\Users\SUPORTE1\Desktop\joray.pdf
2016-03-30 18:09 - 2016-03-30 18:09 - 16679537 _____ C:\Users\SUPORTE1\Desktop\espelho mdf 2015.txt

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-22 10:02 - 2014-04-14 16:08 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-22 10:01 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-22 10:01 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-22 09:55 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\inetsrv
2016-06-22 09:53 - 2016-01-14 18:00 - 00000000 ____D C:\Temp
2016-06-22 09:53 - 2014-04-14 16:08 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-22 09:53 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-22 09:50 - 2015-09-15 17:01 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\DMCache
2016-06-22 09:37 - 2014-12-13 09:47 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-22 09:29 - 2014-12-22 11:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-22 08:59 - 2014-04-15 10:57 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\DAEMON Tools Lite
2016-06-22 08:59 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-06-22 08:36 - 2014-04-22 16:50 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-06-22 08:36 - 2014-04-22 16:50 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-20 17:23 - 2014-04-14 16:01 - 02388626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-20 17:23 - 2009-07-29 15:46 - 00976126 _____ C:\Windows\system32\prfh0416.dat
2016-06-20 17:23 - 2009-07-29 15:46 - 00249182 _____ C:\Windows\system32\prfc0416.dat
2016-06-20 17:01 - 2016-02-26 14:04 - 00000000 ___SD C:\Users\SUPORTE1\AppData\LocalLow\Temp
2016-06-20 15:04 - 2014-04-14 17:57 - 00000000 ____D C:\Users\SUPORTE1\Documents\SQL Server Management Studio
2016-06-18 08:10 - 2014-04-14 16:10 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 08:10 - 2014-04-14 16:10 - 00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 10:37 - 2014-12-13 09:47 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-17 10:37 - 2014-12-13 09:47 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-17 08:00 - 2016-03-17 16:50 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\PDFCreator
2016-06-15 17:40 - 2014-04-14 16:22 - 00400040 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-10 10:55 - 2014-09-16 14:17 - 00000000 ____D C:\nfe-app
2016-06-08 16:50 - 2014-09-16 16:38 - 00002122 ____H C:\Users\SUPORTE1\Documents\Default.rdp
2016-06-07 13:27 - 2014-07-02 09:48 - 00123956 _____ C:\Windows\system32\SNFE.TLB
2016-06-07 12:34 - 2014-11-10 14:23 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\ElevatedDiagnostics
2016-06-02 08:17 - 2015-05-14 09:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 08:15 - 2014-04-14 15:57 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\VirtualStore
2016-06-01 17:27 - 2015-06-29 16:56 - 00000412 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2016-06-01 13:53 - 2014-09-01 16:15 - 00000000 ____D C:\Users\SUPORTE1\.nbi
2016-06-01 11:58 - 2015-08-27 11:10 - 00000000 ____D C:\Users\SUPORTE1\.oracle_jre_usage
2016-05-31 14:29 - 2015-09-30 14:13 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Samsung
2016-05-31 14:29 - 2015-09-30 14:05 - 00000000 ____D C:\Program Files\Samsung
2016-05-31 14:29 - 2014-04-15 08:29 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-28 12:02 - 2015-10-09 17:36 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\BitComet

==================== Arquivos na raiz de alguns diretórios =======

2016-04-22 13:08 - 2016-06-22 09:25 - 0087608 _____ () C:\Users\SUPORTE1\AppData\Roaming\inst.exe
2016-04-22 13:08 - 2016-06-22 09:25 - 0007887 _____ () C:\Users\SUPORTE1\AppData\Roaming\pcouffin.cat
2016-04-22 13:08 - 2016-06-22 09:25 - 0001144 _____ () C:\Users\SUPORTE1\AppData\Roaming\pcouffin.inf
2016-04-22 13:08 - 2016-06-22 09:25 - 0000055 _____ () C:\Users\SUPORTE1\AppData\Roaming\pcouffin.log
2016-04-22 13:08 - 2016-06-22 09:25 - 0047360 _____ (VSO Software) C:\Users\SUPORTE1\AppData\Roaming\pcouffin.sys
2014-10-10 17:47 - 2014-10-10 17:47 - 4194358 ____H () C:\ProgramData\bf4ppp.bmp
2014-04-15 08:35 - 2014-04-15 08:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-10 17:47 - 2014-10-10 17:47 - 0000326 ____H () C:\ProgramData\gwp2.sys
2015-09-15 16:33 - 2015-09-15 16:33 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-17 08:20

==================== Fim de FRST.txt ============================
