Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 08-03-2017
Executado por P.Premium (administrador) em PPREMIUM-PC (09-03-2017 23:38:29)
Executando a partir de C:\Users\P.Premium\Downloads
Perfis Carregados: P.Premium (Perfis Disponíveis: P.Premium)
Platform: Windows 7 Home Basic (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(SA International) C:\Windows\SysWOW64\SAiAdmin.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SA International) C:\Windows\SysWOW64\SAiDownloaderVista.exe
(SA International) C:\Windows\SysWOW64\SAiLicSvr.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(BitTorrent Inc.) C:\Users\P.Premium\AppData\Roaming\uTorrent\uTorrent.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(BitTorrent Inc.) C:\Users\P.Premium\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(BitTorrent Inc.) C:\Users\P.Premium\AppData\Roaming\uTorrent\updates\3.4.8_42449\utorrentie.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\SignCut\SignCut.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2016-10-07] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-980230588-214663944-2045836079-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-980230588-214663944-2045836079-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-980230588-214663944-2045836079-1000\...\Run: [uTorrent] => C:\Users\P.Premium\AppData\Roaming\uTorrent\uTorrent.exe [2370560 2016-08-12] (BitTorrent Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-07] (AVAST Software)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{49B792BF-C335-4E69-899F-CCE8161511FA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-980230588-214663944-2045836079-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKU\S-1-5-21-980230588-214663944-2045836079-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: w5pkhslm.default
FF ProfilePath: C:\Users\P.Premium\AppData\Roaming\Mozilla\Firefox\Profiles\w5pkhslm.default [2017-03-09]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-26] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default [2017-03-09]
CHR Extension: (Google Apresentações) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-12]
CHR Extension: (Google Docs) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-12]
CHR Extension: (Google Drive) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-12]
CHR Extension: (YouTube) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-12]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-02-22]
CHR Extension: (Avast SafePrice) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage [2016-11-15]
CHR Extension: (Planilhas do Google) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-12]
CHR Extension: (Documentos Google off-line) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-22]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-30]
CHR Extension: (Gmail) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-12]
CHR Extension: (Chrome Media Router) - C:\Users\P.Premium\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-14]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-07] (AVAST Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 SAiAdmin; C:\Windows\SysWOW64\SAiAdmin.exe [65536 2011-10-12] (SA International) [Arquivo não assinado]
R2 SAiDownloaderVista; C:\Windows\SysWOW64\SAiDownloaderVista.exe [77824 2011-10-12] (SA International) [Arquivo não assinado]
R2 SAiLicSvr; C:\Windows\SysWOW64\SAiLicSvr.exe [86016 2017-03-09] (SA International) [Arquivo não assinado]
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-05-27] (SafeNet, Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2016-08-12] (VIA Technologies, Inc.)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-22] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-10-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-13] (AVAST Software)
R1 gbpddfac; C:\Windows\System32\drivers\gbpddfac64.sys [28888 2017-03-09] (GAS Tecnologia)
R0 gbpddreg; C:\Windows\System32\drivers\gbpddreg64.sys [29816 2017-03-09] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-08-12] (REALiX(tm))
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-08-12] (Synaptics Incorporated)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2017-03-09] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-03-09 23:37 - 2017-03-09 23:37 - 00029860 _____ C:\Users\P.Premium\Downloads\Addition.txt
2017-03-09 23:36 - 2017-03-09 23:38 - 00012270 _____ C:\Users\P.Premium\Downloads\FRST.txt
2017-03-09 23:36 - 2017-03-09 23:38 - 00000000 ____D C:\FRST
2017-03-09 23:35 - 2017-03-09 23:36 - 02423808 _____ (Farbar) C:\Users\P.Premium\Downloads\FRST64.exe
2017-03-09 23:27 - 2017-03-09 23:27 - 00000000 ___HD C:\Users\Todos os Usuários\{B96EB44A-7860-4F13-BC9A-0A73CA5F11C2}
2017-03-09 23:27 - 2017-03-09 23:27 - 00000000 ___HD C:\ProgramData\{B96EB44A-7860-4F13-BC9A-0A73CA5F11C2}
2017-03-09 23:27 - 2017-03-09 23:27 - 00000000 ____D C:\Users\Todos os Usuários\Solvusoft
2017-03-09 23:27 - 2017-03-09 23:27 - 00000000 ____D C:\Users\P.Premium\AppData\Local\IIIQF
2017-03-09 23:27 - 2017-03-09 23:27 - 00000000 ____D C:\ProgramData\Solvusoft
2017-03-09 23:26 - 2017-03-09 23:27 - 08932000 _____ (Solvusoft Corporation ) C:\Users\P.Premium\Downloads\Setup_WinThruster_2016.exe
2017-03-09 23:20 - 2017-03-09 23:22 - 00000000 ____D C:\Program Files (x86)\SignCut
2017-03-09 23:20 - 2017-03-09 23:20 - 00000991 _____ C:\Users\Public\Desktop\SignCut.lnk
2017-03-09 23:20 - 2017-03-09 23:20 - 00000000 ____D C:\Users\P.Premium\AppData\Roaming\SignCut
2017-03-09 23:20 - 2017-03-09 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SignCut Productivity Pro 1
2017-03-09 23:17 - 2017-03-09 23:20 - 43431704 _____ C:\Users\P.Premium\Downloads\scpro.exe
2017-03-09 23:10 - 2017-03-09 23:10 - 06571461 _____ C:\Users\P.Premium\Downloads\Flexisign_Pro_7_keygen_by_FFF (1).zip
2017-03-09 23:09 - 2017-03-09 23:09 - 07903158 _____ C:\Users\P.Premium\Downloads\Flexisign_Pro_7_keygen_by_FFF.zip
2017-03-09 22:56 - 2017-03-09 22:57 - 00000000 ____D C:\Users\P.Premium\Desktop\FlexSign10
2017-03-09 22:53 - 2000-05-22 14:58 - 00244416 ____N (Microsoft Corporation) C:\Windows\SysWOW64\MSFLXGRD.OCX
2017-03-09 22:52 - 2017-03-09 22:41 - 00086016 _____ (SA International) C:\Windows\SysWOW64\SAiLicSvr.exe
2017-03-09 22:22 - 2017-03-09 22:22 - 00000000 ____D C:\Users\P.Premium\Documents\Downloaded Installations
2017-03-09 22:18 - 2011-10-12 08:38 - 00077824 _____ (SA International) C:\Windows\SysWOW64\SAiDownloaderVista.exe
2017-03-09 22:18 - 2011-10-12 08:28 - 00065536 _____ (SA International) C:\Windows\SysWOW64\SAiAdmin.exe
2017-03-09 22:18 - 2004-05-04 08:53 - 01645320 ____N (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2017-03-09 22:15 - 2017-03-09 22:43 - 00000000 ____D C:\Program Files (x86)\SAi
2017-03-09 22:15 - 2017-03-09 22:04 - 00024576 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\HotFldr.dll
2017-03-09 22:15 - 2017-03-09 22:04 - 00015360 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\HotFldrUI.dll
2017-03-09 22:02 - 2015-04-16 13:54 - 00000994 _____ C:\Windows\system32\GC3LNG.INI
2017-03-09 22:02 - 2012-02-15 11:11 - 00000408 _____ C:\Windows\system32\GC3.PCD
2017-03-09 22:01 - 2017-03-09 22:02 - 00000000 ____D C:\Windows\SysWOW64\gcctemp
2017-03-09 22:01 - 2017-03-09 22:01 - 00000000 ____D C:\Windows\SysWOW64\driver
2017-03-09 22:01 - 2017-03-09 22:01 - 00000000 ____D C:\Users\Public\GCC
2017-03-09 22:01 - 2015-04-16 13:54 - 00000994 _____ C:\Windows\SysWOW64\GC3LNG.INI
2017-03-09 22:01 - 2015-03-02 13:29 - 00013144 _____ C:\Windows\SysWOW64\Gcrxlng64.ini
2017-03-09 22:01 - 2015-03-02 13:29 - 00013144 _____ C:\Windows\SysWOW64\Gcrxlng.ini
2017-03-09 22:01 - 2012-02-15 11:11 - 00000408 _____ C:\Windows\SysWOW64\GC6.PCD
2017-03-09 22:01 - 2012-02-15 10:11 - 00000384 _____ C:\Windows\SysWOW64\GC3.PCD
2017-03-09 22:01 - 2002-07-26 17:02 - 00153088 _____ C:\Program Files (x86)\UNWISE.EXE
2017-03-09 21:14 - 2017-03-09 21:14 - 00000348 _____ C:\Users\P.Premium\Desktop\gcc instalacao universal - Atalho.lnk
2017-03-07 12:39 - 2017-03-07 23:42 - 203460244 _____ C:\Users\P.Premium\Desktop\cardapio master mel.cdr
2017-03-07 12:39 - 2017-03-07 23:41 - 203494034 _____ C:\Users\P.Premium\Desktop\Backup_of_cardapio master mel.cdr
2017-03-06 18:56 - 2017-03-06 18:52 - 00003015 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
2017-03-06 18:54 - 2017-03-06 18:54 - 00000000 ____D C:\Program Files\Common Files\Protexis
2017-03-06 18:52 - 2017-03-06 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2017-02-22 17:55 - 2017-02-22 17:55 - 00533866 _____ C:\Users\P.Premium\Downloads\reforco-matematica-em-radiciacao-atividade-5.pdf
2017-02-21 20:21 - 2017-03-02 14:03 - 00000000 ____D C:\Users\P.Premium\Desktop\RAIANE
2017-02-20 13:51 - 2017-02-20 13:51 - 00066963 _____ C:\Users\P.Premium\Downloads\DAS-PGMEI-07081618494584752.pdf
2017-01-14 20:07 - 2017-01-14 22:08 - 00000000 ____D C:\Users\P.Premium\Desktop\nayara
2017-01-14 19:58 - 2017-01-14 19:58 - 00000000 ____D C:\Users\P.Premium\Desktop\Nova pasta 1

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-03-09 23:35 - 2016-08-12 23:34 - 00000000 ____D C:\Users\P.Premium\AppData\Roaming\uTorrent
2017-03-09 23:32 - 2009-07-14 01:45 - 00014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-09 23:32 - 2009-07-14 01:45 - 00014592 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-09 23:31 - 2009-07-29 12:39 - 00708172 _____ C:\Windows\system32\prfh0416.dat
2017-03-09 23:31 - 2009-07-29 12:39 - 00147952 _____ C:\Windows\system32\prfc0416.dat
2017-03-09 23:31 - 2009-07-14 02:13 - 01641362 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-09 23:31 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-03-09 23:25 - 2016-08-22 14:43 - 00000000 ____D C:\Users\P.Premium\AppData\LocalLow\uTorrent
2017-03-09 23:25 - 2016-08-13 17:37 - 00029816 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddreg64.sys
2017-03-09 23:24 - 2016-08-13 17:39 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2017-03-09 23:24 - 2016-08-13 17:37 - 00028888 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpddfac64.sys
2017-03-09 23:24 - 2016-08-13 17:37 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2017-03-09 23:24 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-09 23:21 - 2016-08-12 12:18 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-03-09 23:21 - 2016-08-12 12:18 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-09 23:09 - 2016-08-12 11:24 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-09 22:58 - 2016-08-12 12:23 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-09 22:53 - 2016-08-13 09:42 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2017-03-09 19:12 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2017-03-06 19:01 - 2016-08-12 14:26 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7 x64
2017-03-06 19:01 - 2016-08-12 14:26 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2017-03-06 18:51 - 2016-08-13 10:01 - 00000000 ____D C:\Program Files\Corel
2017-02-26 09:45 - 2016-09-06 19:14 - 00000000 ____D C:\Users\P.Premium\AppData\Local\ElevatedDiagnostics
2017-02-14 23:32 - 2016-11-27 03:48 - 00000000 ____D C:\Users\P.Premium\AppData\LocalLow\Mozilla
2017-02-14 23:31 - 2016-11-19 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Arquivos na raiz de alguns diretórios =======

2017-03-09 22:01 - 2017-03-09 22:01 - 0013591 _____ () C:\Program Files (x86)\INSTALL.LOG
2017-03-09 22:01 - 2002-07-26 17:02 - 0153088 _____ () C:\Program Files (x86)\UNWISE.EXE
2016-08-17 18:33 - 2016-08-17 18:36 - 0000132 _____ () C:\Users\P.Premium\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-12 20:43 - 2016-08-12 20:48 - 0000132 _____ () C:\Users\P.Premium\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2016-10-29 03:42 - 2016-10-29 03:42 - 0000000 _____ () C:\Users\P.Premium\AppData\Local\{B4C175D3-7E33-47B4-AA87-4EAC392B3D8C}
2016-09-11 12:40 - 2016-09-11 12:40 - 0000000 _____ () C:\Users\P.Premium\AppData\Local\{C7BB31BD-2352-4A6E-AACE-9DDE200CE459}

Alguns arquivos em TEMP:
====================
2016-12-26 21:59 - 2016-12-26 22:24 - 0000000 _____ () C:\Users\P.Premium\AppData\Local\Temp\{02A18779-DB67-472E-AC7E-AD48F1744F08}-55.0.2883.87_54.0.2840.99_chrome_updater.exe
2016-11-03 08:07 - 2016-11-03 08:07 - 0000000 _____ () C:\Users\P.Premium\AppData\Local\Temp\{8FAD700A-E246-4A65-B60B-BDD38D60F876}-54.0.2840.71_chrome_installer.exe

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-03-09 20:06

==================== Fim de FRST.txt ============================
