Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 20-06-2016 01
Executado por SUPORTE1 (administrador) em SUPORTE1-PC (22-06-2016 10:26:47)
Executando a partir de C:\Users\SUPORTE1\Downloads\Programs
Perfis Carregados: SUPORTE1 (Perfis Disponíveis: SUPORTE1 & Classic .NET AppPool)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\System32\ChgService.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\No-IP\DUC40.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS10_50.SQL2008\OLAP\bin\msmdsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\sqlservr.exe
(UltraVNC) C:\suporte_vnc\vncviewer.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlssrv32.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Motorola) C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.SQL2008\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\SQLAGENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Windows\System32\1052\lsass.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\fdlauncher.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Dominique Ottello aka Otomatic ) C:\Users\SUPORTE1\Downloads\Programs\wampserver3_x86_apache2.4.17_mysql5.7.9_php5.6.15.exe
() C:\Users\SUPORTE1\AppData\Local\Temp\is-DDIQU.tmp\wampserver3_x86_apache2.4.17_mysql5.7.9_php5.6.15.tmp
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Ammyy LLC) C:\Users\SUPORTE1\Desktop\AA_v3.5.exe

==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2014-02-03] (Power Software Ltd)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14685936 2015-08-27] (Realtek Semiconductor)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672 2016-04-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2016-06-01] (Apple Inc.)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-11-04] (Banco do Brasil)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [NoIPDUCv4] => C:\Program Files\No-IP\DUC40.exe [346624 2014-05-02] ()
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [MinerGateGui] => C:\Program Files\MinerGate\minergate.exe --auto
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3919928 2016-02-14] (Tonec Inc.)
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {5a8ef216-f95f-11e4-9587-00270e387cc9} - K:\Startme.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {98642cf2-e428-11e4-95d5-00270e387cc9} - M:\LG_PC_Programs.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {c2109779-26c7-11e4-b20d-00270e387cc9} - K:\.\ShowModem.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {c2109786-26c7-11e4-b20d-00270e387cc9} - K:\.\ShowModem.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {ca4d2f3a-c4a3-11e3-ae31-00270e387cc9} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\splash.hta
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {d014e1dc-1c0c-11e4-b28a-00270e387cc9} - K:\LGAutoRun.exe
HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\MountPoints2: {d328257f-da90-11e3-ae04-00270e387cc9} - J:\LGAutoRun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1945472 2015-11-04] (Banco do Brasil)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VNC para acesso com dyndns.lnk [2013-05-18]
ShortcutTarget: VNC para acesso com dyndns.lnk -> C:\suporte_vnc\vncviewer.exe (UltraVNC)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\..\Interfaces\{EDD3B21D-BB3A-4102-B883-69FACC9F41AB}: [NameServer] 192.168.1.1,8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130873937009882481&GUID=73E611A2-440D-428F-8975-ACCAFE04C748
HKU\S-1-5-21-1916607779-595488778-416714765-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130873937010182481&GUID=73E611A2-440D-428F-8975-ACCAFE04C748
SearchScopes: HKU\S-1-5-21-1916607779-595488778-416714765-1000 -> Web URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=baixaki&hsimp=yhs-baixaki_br_solimba_01&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files\GbPlugin\gbieh.dll [2015-11-04] (Banco do Brasil)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
Toolbar: HKLM - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1442345516&z=4c7dcdb195144825cd24ee8gcz3z3o7c1z3w8cbw9z&from=smt&uid=SAMSUNGXHD250HJ_S19GJ50Q754691

FireFox:
========
FF ProfilePath: C:\Users\SUPORTE1\AppData\Roaming\Mozilla\Firefox\Profiles\rvc55881.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1916607779-595488778-416714765-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\SUPORTE1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\SUPORTE1\AppData\Roaming\Mozilla\Firefox\Profiles\rvc55881.default\extensions\defsearchp@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\SUPORTE1\AppData\Roaming\Mozilla\Firefox\Profiles\rvc55881.default\extensions\deskCutv2@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-03-17] [não assinado]
FF HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-01-27]
FF HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-1916607779-595488778-416714765-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\SUPORTE1\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\SUPORTE1\AppData\Roaming\IDM\idmmzcc5 [2016-06-22] [não assinado]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2016-05-27]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-16]
CHR Extension: (Google Docs) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-16]
CHR Extension: (Google Drive) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Planilhas do Google) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-16]
CHR Extension: (Documentos Google off-line) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\SUPORTE1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-16]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-02-11]
CHR HKU\S-1-5-21-1916607779-595488778-416714765-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Change Modem Device Service; C:\Windows\System32\ChgService.exe [135168 2013-06-21] () [Arquivo não assinado]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [308224 2009-07-13] (Microsoft Corporation)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [593120 2015-11-04] (GAS Tecnologia)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-13] (Microsoft Corporation)
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 MsDtsServer; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [199384 2005-10-14] (Microsoft Corporation)
R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [214880 2010-04-03] (Microsoft Corporation)
S2 msftesql$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [92880 2005-08-26] (Microsoft Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R2 MSOLAP$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [14557912 2005-10-14] (Microsoft Corporation)
R2 MSOLAP$SQL2008; C:\Program Files\Microsoft SQL Server\MSAS10_50.SQL2008\OLAP\bin\msmdsrv.exe [25768800 2010-04-03] (Microsoft Corporation)
S2 MSSQL$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [28768528 2005-10-14] (Microsoft Corporation)
R2 MSSQL$SQL2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation)
R3 MSSQLFDLauncher$SQL2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\fdlauncher.exe [28512 2010-04-03] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3201024 2008-07-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 nlsX86cc; C:\Windows\system32\nlssrv32.exe [66560 2010-11-22] (Nalpeiron Ltd.) [Arquivo não assinado]
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2220768 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [970464 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [772832 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
R2 PST Service; C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
R2 ReportServer$SQL2008; C:\Program Files\Microsoft SQL Server\MSRS10_50.SQL2008\Reporting Services\ReportServer\bin\ReportingServicesService.exe [1177952 2010-04-03] (Microsoft Corporation)
S2 SQLAgent$SQL2005; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [318680 2005-10-14] (Microsoft Corporation)
R2 SQLAgent$SQL2008; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL2008\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 Syslogon; C:\Windows\system32\1052\lsass.exe [617104 2014-10-10] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 Update service; C:\Program Files\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [Arquivo não assinado]
S3 wampmysqld; C:\wamp\bin\mysql\mysql5.7.9\bin\mysqld.exe [34368000 2015-10-12] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 awUSB; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-07-17] (Scott)
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)
S3 BULKUSB; C:\Windows\System32\Drivers\BULKUSB.sys [23000 2011-09-26] (Windows (R) Win 7 DDK provider)
S3 cmntnet; C:\Windows\System32\DRIVERS\cmntnet.sys [120320 2013-06-21] (Wireless Data Device) [Arquivo não assinado]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-12-12] (Disc Soft Ltd)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [80736 2016-03-16] (FTDI Ltd.)
R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg32.sys [25848 2016-06-22] (GAS Tecnologia)
R0 GbpKm; C:\Windows\System32\drivers\GbpKm.sys [49496 2015-11-04] (GAS Tecnologia)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-15] (REALiX(tm))
R2 inpout32; C:\Windows\System32\Drivers\inpout32.sys [11936 2016-01-26] (Highresolution Enterprises [www.highrez.co.uk])
S3 MonitorFunction; C:\Windows\System32\DRIVERS\TVMonitor.sys [13304 2014-06-06] (TeamViewer GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2016-04-04] (GAS Tecnologia)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
S4 RsFx0150; C:\Windows\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-02-03] (Power Software Ltd)
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 cmnuusbser; system32\DRIVERS\cmnuusbser.sys [X]
S3 dcdbas; system32\DRIVERS\dcdbas32.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-22 10:07 - 2016-06-22 10:26 - 00000000 ____D C:\FRST
2016-06-22 10:04 - 2016-06-22 10:04 - 00001425 _____ C:\Users\Public\Desktop\Wampserver.lnk
2016-06-22 10:04 - 2016-06-22 10:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver
2016-06-22 10:01 - 2016-06-22 10:02 - 00000000 ____D C:\wamp
2016-06-22 09:25 - 2016-06-22 09:25 - 00000000 ____D C:\Users\SUPORTE1\Documents\PcSetup
2016-06-22 09:05 - 2016-04-18 15:00 - 00023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-06-22 09:04 - 2016-06-22 09:04 - 00013248 _____ C:\Users\SUPORTE1\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2016-06-22 08:49 - 2015-06-23 15:00 - 00084816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-06-22 08:43 - 2016-06-22 08:43 - 00048208 _____ C:\Users\SUPORTE1\Downloads\vcruntime140.zip
2016-06-22 08:42 - 2016-06-22 08:43 - 03781536 _____ (DLL-Files.com Client ) C:\Users\SUPORTE1\Downloads\clientsetup_zip-0.exe
2016-06-22 08:31 - 2016-06-22 08:31 - 06554576 _____ (Microsoft Corporation) C:\Users\SUPORTE1\Downloads\vcredist_x86.exe
2016-06-22 08:31 - 2016-06-22 08:31 - 01453976 _____ (Microsoft Corporation) C:\Users\SUPORTE1\Downloads\vcredist_arm.exe
2016-06-20 16:35 - 2016-06-20 16:35 - 00016502 _____ C:\Users\SUPORTE1\Downloads\Novas Histórias - Ao Vivo - 2016 (MP3 - 320)-5572.torrent
2016-06-20 16:32 - 2016-06-20 16:33 - 00013332 _____ C:\Users\SUPORTE1\Downloads\Como. Sempre Feito. Nunca - 2016 (MP3 - 320)-15541.torrent
2016-06-20 16:01 - 2016-06-20 16:01 - 00000000 ____D C:\Users\SUPORTE1\AppData\LocalLow\uTorrent
2016-06-20 11:16 - 2016-06-20 11:17 - 70913045 _____ C:\Users\SUPORTE1\Downloads\SAC2007_backup_2016_06_20_091504_3301354.rar
2016-06-16 10:22 - 2016-06-16 10:22 - 65275983 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2002_-_Vol.08-_Ao_vivo_&_Inéditas.rar
2016-06-16 10:18 - 2016-06-16 10:18 - 63859647 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2002_-_Vol.09-_Amor_da_minha_vida.rar
2016-06-16 09:33 - 2016-06-16 09:33 - 50176833 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2003_-_Vol.10-_Agente_se_vê_lá.rar
2016-06-16 09:24 - 2016-06-16 09:25 - 55664292 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2004_-_Vol.11-_Hoje_a_Noite.rar
2016-06-16 09:21 - 2016-06-16 09:21 - 56426481 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2006_-_Vol.14-_Dois_amores_duas_Paixões.rar
2016-06-16 09:19 - 2016-06-16 09:20 - 68877187 _____ C:\Users\SUPORTE1\Downloads\Calcinha_Preta_-_2005_-_Vol.13-_Mágica_-_Ao_vivo_em_Belém_do_Pará.rar
2016-06-13 10:50 - 2016-06-13 10:51 - 10099075 _____ (Isokron ) C:\Users\SUPORTE1\Downloads\setup-2016-03-01.exe
2016-06-11 09:56 - 2016-06-11 09:56 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-11 09:56 - 2016-06-11 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-11 09:56 - 2016-06-11 09:56 - 00000000 ____D C:\Program Files\iTunes
2016-06-11 09:56 - 2016-06-11 09:56 - 00000000 ____D C:\Program Files\iPod
2016-06-11 09:11 - 2016-06-11 09:16 - 54350789 _____ C:\Users\SUPORTE1\Downloads\GH&R - OU.COM.O.CORA.2016 - www.sistemasertanejo.com.rar
2016-06-11 08:49 - 2016-06-11 08:50 - 08634827 _____ C:\Users\SUPORTE1\Downloads\B&M - MUS.NOV.2016 - www.sistemasertanejo.com.rar
2016-06-08 15:15 - 2015-02-25 21:46 - 06886912 _____ C:\Users\SUPORTE1\Desktop\TASKREPORT.EXE
2016-05-31 14:51 - 2016-06-01 11:59 - 00000000 ____D C:\Program Files\NetBeans 8.1
2016-05-30 14:42 - 2016-05-30 14:44 - 00000000 ____D C:\Users\Todos os Usuários\Dell
2016-05-30 14:42 - 2016-05-30 14:44 - 00000000 ____D C:\ProgramData\Dell
2016-05-28 09:55 - 2016-05-28 09:55 - 00002657 _____ C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-05-28 09:54 - 2016-06-22 08:59 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\uTorrent
2016-05-25 14:54 - 2016-06-22 10:07 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\IDM
2016-05-25 14:54 - 2016-06-21 11:17 - 00000000 ____D C:\Users\SUPORTE1\Downloads\Compressed
2016-05-25 14:54 - 2016-05-25 15:13 - 00000000 ____D C:\Program Files\Internet Download Manager
2016-05-25 14:54 - 2016-05-25 14:54 - 00000979 _____ C:\Users\SUPORTE1\Desktop\Internet Download Manager.lnk
2016-05-25 14:54 - 2016-05-25 14:54 - 00000000 ____D C:\Users\SUPORTE1\Downloads\Video
2016-05-25 14:54 - 2016-05-25 14:54 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-05-25 14:54 - 2016-05-25 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-05-23 08:52 - 2016-06-22 09:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-19 15:47 - 2014-06-09 18:53 - 00290816 _____ (HcSoftware Informática) C:\Windows\system32\HCGRID4.OCX
2016-05-17 11:44 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL
2016-05-14 11:45 - 2016-05-14 11:45 - 00461766 _____ C:\Users\SUPORTE1\Documents\Tropa Special Silver Haras Bosucesso.XtoDVD
2016-05-13 17:36 - 2015-10-26 12:14 - 00000000 ____D C:\Users\SUPORTE1\Desktop\CCleaner PRO- Business-Technician 5.11.5408 FINAL + Crack
2016-05-13 17:33 - 2016-05-13 17:34 - 00000000 ____D C:\Program Files\CCleaner
2016-05-13 17:33 - 2016-05-13 17:33 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-13 17:33 - 2016-05-13 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-11 09:03 - 2016-05-11 09:03 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1ab7d1cf13c54.job
2016-05-09 16:59 - 2016-05-09 16:57 - 00004211 _____ C:\Users\SUPORTE1\Desktop\SPED_FISCAL_movimento_04_2016_MARMORARIAPEDRAAZULLTDA.txt
2016-05-07 11:24 - 2016-05-23 08:16 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\minergate
2016-05-06 15:32 - 2016-05-24 13:24 - 04950077 _____ (InfoSystem ) C:\Users\SUPORTE1\Desktop\Instalador NFe-NFCe InfoSystem.exe
2016-05-05 09:32 - 2016-05-05 09:32 - 00006302 _____ C:\Users\SUPORTE1\Desktop\lmfc.txt
2016-05-03 09:15 - 2016-05-03 09:19 - 00000000 ____D C:\Users\SUPORTE1\Desktop\j1
2016-04-27 12:30 - 2016-04-27 12:30 - 00000000 ____D C:\Program Files\DIFX
2016-04-27 12:28 - 2016-04-27 12:34 - 00000000 ____D C:\DarumaFramework
2016-04-27 12:28 - 2016-04-27 12:28 - 00000000 ____D C:\Daruma_Logs
2016-04-27 12:28 - 2016-03-16 16:33 - 00265056 _____ (FTDI Ltd.) C:\Windows\system32\ftd2xx.dll
2016-04-27 12:28 - 2016-03-16 16:33 - 00246624 _____ (FTDI Ltd.) C:\Windows\system32\FTLang.dll
2016-04-27 12:28 - 2016-03-16 16:33 - 00054624 _____ (FTDI Ltd.) C:\Windows\system32\ftserui2.dll
2016-04-27 12:28 - 2016-03-16 16:32 - 00147296 _____ (FTDI Ltd.) C:\Windows\system32\ftbusui.dll
2016-04-27 12:28 - 2016-03-16 16:32 - 00080736 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftdibus.sys
2016-04-27 12:28 - 2016-03-16 16:32 - 00074080 _____ (FTDI Ltd.) C:\Windows\system32\Drivers\ftser2k.sys
2016-04-27 12:28 - 2016-03-16 16:32 - 00069984 _____ (FTDI Ltd.) C:\Windows\system32\ftcserco.dll
2016-04-26 14:38 - 2016-04-26 14:38 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2016-04-23 11:46 - 2016-04-23 11:46 - 00430162 _____ C:\Users\SUPORTE1\Documents\Parque Evanio Higinio Disputa Aspirante.XtoDVD
2016-04-22 14:37 - 2016-04-22 14:37 - 00000000 ____D C:\Users\Todos os Usuários\vsosdk
2016-04-22 14:37 - 2016-04-22 14:37 - 00000000 ____D C:\ProgramData\vsosdk
2016-04-22 13:08 - 2016-06-22 09:25 - 00087608 _____ C:\Users\SUPORTE1\AppData\Roaming\inst.exe
2016-04-22 13:08 - 2016-06-22 09:25 - 00047360 _____ (VSO Software) C:\Users\SUPORTE1\AppData\Roaming\pcouffin.sys
2016-04-22 13:08 - 2016-06-22 09:25 - 00007887 _____ C:\Users\SUPORTE1\AppData\Roaming\pcouffin.cat
2016-04-22 13:08 - 2016-06-22 09:25 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Vso
2016-04-22 13:07 - 2016-06-22 09:25 - 00000000 ____D C:\Program Files\VSO
2016-04-22 13:07 - 2016-06-22 08:59 - 00000000 ____D C:\Users\Todos os Usuários\VSO
2016-04-22 13:07 - 2016-06-22 08:59 - 00000000 ____D C:\ProgramData\VSO
2016-04-22 13:05 - 2016-04-22 13:05 - 00000000 ____D C:\Users\SUPORTE1\Desktop\x6
2016-04-20 14:33 - 2016-05-17 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-04-20 14:32 - 2016-04-20 14:32 - 00000000 ____D C:\Program Files\DsNET Corp
2016-04-20 08:12 - 2016-04-20 08:12 - 00000000 ____D C:\Program Files\Common Files\Java
2016-04-18 09:38 - 2016-04-18 09:38 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2016-04-18 09:24 - 2016-01-08 05:51 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2016-04-18 09:24 - 2016-01-08 05:51 - 00581192 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2016-04-18 09:24 - 2016-01-08 05:51 - 00191200 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2016-04-18 09:24 - 2016-01-08 05:51 - 00099296 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-04-13 11:03 - 2016-04-13 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-04-12 13:47 - 2016-04-12 13:47 - 00000000 ____D C:\nfe
2016-04-12 12:04 - 2016-04-12 12:04 - 00001854 _____ C:\Users\SUPORTE1\Desktop\NFe17160406049499000108550010000022401582254820.xml
2016-04-11 09:04 - 2016-04-15 08:30 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Apple Computer
2016-04-11 09:04 - 2016-04-13 11:03 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\Apple Computer
2016-04-11 09:02 - 2016-04-11 09:02 - 00000000 ____D C:\Users\Todos os Usuários\Apple Computer
2016-04-11 09:02 - 2016-04-11 09:02 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-11 09:00 - 2016-04-11 09:00 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-11 09:00 - 2016-04-11 09:00 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\Apple
2016-04-11 09:00 - 2016-04-11 09:00 - 00000000 ____D C:\Program Files\Apple Software Update
2016-04-11 08:58 - 2016-04-11 08:58 - 00000000 ____D C:\Program Files\Bonjour
2016-04-11 08:57 - 2016-06-11 09:56 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-04-11 08:57 - 2016-04-11 09:00 - 00000000 ____D C:\Users\Todos os Usuários\Apple
2016-04-11 08:57 - 2016-04-11 09:00 - 00000000 ____D C:\ProgramData\Apple
2016-04-08 16:20 - 2016-04-09 08:51 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-08 15:59 - 2016-04-08 15:59 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\Steam
2016-04-08 15:05 - 2016-04-08 15:05 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-04-05 16:02 - 2016-04-05 16:02 - 00000000 ____D C:\kodi tv
2016-04-05 15:59 - 2016-06-13 10:18 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Kodi
2016-04-05 15:35 - 2016-04-05 15:35 - 00366710 _____ C:\Users\SUPORTE1\Desktop\plugin.video.playlistLoader-1.0.6.zip
2016-04-04 17:55 - 
2016-06-22 09:57 - 00025848 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg32.sys 2016-04-04 17:55 - 2016-04-04 17:55 - 00029400 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpndisrdn.sys 2016-04-04 17:54 - 2016-05-24 08:03 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin 2016-04-04 17:54 - 2016-05-24 08:03 - 00000000 ____D C:\ProgramData\GbPlugin 2016-04-04 17:54 - 2016-04-06 08:01 - 00000000 ____D C:\Program Files\GbPlugin 2016-04-04 17:54 - 2016-04-04 17:54 - 00000000 ____D C:\Users\Todos os Usuários\GAS Tecnologia 2016-04-04 17:54 - 2016-04-04 17:54 - 00000000 ____D C:\ProgramData\GAS Tecnologia 2016-04-04 17:54 - 2015-11-04 09:09 - 00049496 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpkm.sys 2016-04-04 17:52 - 2016-04-04 17:55 - 00000000 ____D C:\Users\Todos os Usuários\Temp 2016-04-04 17:52 - 2016-04-04 17:55 - 00000000 ____D C:\ProgramData\Temp 2016-03-31 17:22 - 2016-03-31 17:22 - 00000037 _____ C:\Users\SUPORTE1\Desktop\backup lins.txt 2016-03-31 11:55 - 2016-03-31 11:55 - 00758914 _____ C:\Users\SUPORTE1\Desktop\joray.pdf 2016-03-30 18:09 - 2016-03-30 18:09 - 16679537 _____ C:\Users\SUPORTE1\Desktop\espelho mdf 2015.txt ==================== Três Meses Modificados arquivos e pastas ======== (Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.) 
2016-06-22 10:02 - 2014-04-14 16:08 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-22 10:01 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-06-22 10:01 - 2009-07-14 01:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-06-22 09:55 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\system32\inetsrv 2016-06-22 09:53 - 2016-01-14 18:00 - 00000000 ____D C:\Temp 2016-06-22 09:53 - 2014-04-14 16:08 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-22 09:53 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-22 09:50 - 2015-09-15 17:01 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\DMCache 2016-06-22 09:37 - 2014-12-13 09:47 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-06-22 09:29 - 2014-12-22 11:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-06-22 08:59 - 2014-04-15 10:57 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\DAEMON Tools Lite 2016-06-22 08:59 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf 2016-06-22 08:36 - 2014-04-22 16:50 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache 2016-06-22 08:36 - 2014-04-22 16:50 - 00000000 ____D C:\ProgramData\Package Cache 2016-06-20 17:23 - 2014-04-14 16:01 - 02388626 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-20 17:23 - 2009-07-29 15:46 - 00976126 _____ C:\Windows\system32\prfh0416.dat 2016-06-20 17:23 - 2009-07-29 15:46 - 00249182 _____ C:\Windows\system32\prfc0416.dat 2016-06-20 17:01 - 2016-02-26 14:04 - 00000000 ___SD C:\Users\SUPORTE1\AppData\LocalLow\Temp 2016-06-20 15:04 - 2014-04-14 17:57 - 00000000 ____D C:\Users\SUPORTE1\Documents\SQL Server Management Studio 2016-06-18 08:10 - 2014-04-14 16:10 - 00002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-18 08:10 - 2014-04-14 16:10 - 
00002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-06-17 10:37 - 2014-12-13 09:47 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-06-17 10:37 - 2014-12-13 09:47 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-06-17 08:00 - 2016-03-17 16:50 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\PDFCreator 2016-06-15 17:40 - 2014-04-14 16:22 - 00400040 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-06-10 10:55 - 2014-09-16 14:17 - 00000000 ____D C:\nfe-app 2016-06-08 16:50 - 2014-09-16 16:38 - 00002122 ____H C:\Users\SUPORTE1\Documents\Default.rdp 2016-06-07 13:27 - 2014-07-02 09:48 - 00123956 _____ C:\Windows\system32\SNFE.TLB 2016-06-07 12:34 - 2014-11-10 14:23 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\ElevatedDiagnostics 2016-06-02 08:17 - 2015-05-14 09:11 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-06-02 08:15 - 2014-04-14 15:57 - 00000000 ____D C:\Users\SUPORTE1\AppData\Local\VirtualStore 2016-06-01 17:27 - 2015-06-29 16:56 - 00000412 _____ C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2016-06-01 13:53 - 2014-09-01 16:15 - 00000000 ____D C:\Users\SUPORTE1\.nbi 2016-06-01 11:58 - 2015-08-27 11:10 - 00000000 ____D C:\Users\SUPORTE1\.oracle_jre_usage 2016-05-31 14:29 - 2015-09-30 14:13 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\Samsung 2016-05-31 14:29 - 2015-09-30 14:05 - 00000000 ____D C:\Program Files\Samsung 2016-05-31 14:29 - 2014-04-15 08:29 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-05-28 12:02 - 2015-10-09 17:36 - 00000000 ____D C:\Users\SUPORTE1\AppData\Roaming\BitComet ==================== Arquivos na raiz de alguns diretórios ======= 2016-04-22 13:08 - 2016-06-22 09:25 - 0087608 _____ () C:\Users\SUPORTE1\AppData\Roaming\inst.exe 2016-04-22 13:08 - 2016-06-22 09:25 - 0007887 _____ () C:\Users\SUPORTE1\AppData\Roaming\pcouffin.cat 2016-04-22 
13:08 - 2016-06-22 09:25 - 0001144 _____ () C:\Users\SUPORTE1\AppData\Roaming\pcouffin.inf 2016-04-22 13:08 - 2016-06-22 09:25 - 0000055 _____ () C:\Users\SUPORTE1\AppData\Roaming\pcouffin.log 2016-04-22 13:08 - 2016-06-22 09:25 - 0047360 _____ (VSO Software) C:\Users\SUPORTE1\AppData\Roaming\pcouffin.sys 2014-10-10 17:47 - 2014-10-10 17:47 - 4194358 ____H () C:\ProgramData\bf4ppp.bmp 2014-04-15 08:35 - 2014-04-15 08:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2014-10-10 17:47 - 2014-10-10 17:47 - 0000326 ____H () C:\ProgramData\gwp2.sys 2015-09-15 16:33 - 2015-09-15 16:33 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Arquivos para serem movidos ou deletados: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat ==================== Bamital & volsnap ================= (Não há correção automática para arquivos que não passaram na verificação.) C:\Windows\explorer.exe => O arquivo é assinado digitalmente C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente C:\Windows\system32\services.exe => O arquivo é assinado digitalmente C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente LastRegBack: 2016-06-17 08:20 ==================== Fim de FRST.txt ============================