Publicité
Publicité
Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 15-06-2017 01
Executado por Ewerton (administrador) em EWERTON-PC (16-06-2017 23:50:36)
Executando a partir de C:\Users\Ewerton\Downloads
Perfis Carregados: Ewerton (Perfis Disponíveis: Ewerton & Dudu & Palu)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGGB.EXE
(BitTorrent Inc.) C:\Users\Ewerton\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(Spotify Ltd) C:\Users\Ewerton\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Ewerton\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ewerton\AppData\Local\Akamai\netsession_win.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(BitTorrent Inc.) C:\Users\Ewerton\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe
(BitTorrent Inc.) C:\Users\Ewerton\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Autodesk Inc.) C:\Users\Ewerton\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14030080 2015-06-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872720 2012-10-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050224 2013-04-02] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-04-19] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-06-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-09-15] (Caixa Economica Federal)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EPSON TX125 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGB.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [uTorrent] => C:\Users\Ewerton\AppData\Roaming\uTorrent\uTorrent.exe [1980608 2017-05-21] (BitTorrent Inc.)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [Spotify Web Helper] => C:\Users\Ewerton\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-11] (Spotify Ltd)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ewerton\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\MountPoints2: {5388e20d-8a01-11e5-b414-bff16367f842} - H:\Autoplay.exe -auto
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\MountPoints2: {60c0c61b-c3a3-11e5-81e4-003018c3f634} - F:\Startme.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1903328 2016-09-15] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 186.233.104.11 186.233.104.12
Tcpip\..\Interfaces\{4AB7FD4A-F877-4967-9272-41FBDC9575EB}: [DhcpNameServer] 186.233.104.11 186.233.104.12
Internet Explorer:
==================
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://linkzb.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2016-09-15] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: vg1ttgjq.default
FF ProfilePath: C:\Users\Ewerton\AppData\Roaming\Mozilla\Firefox\Profiles\vg1ttgjq.default [2017-06-16]
FF Homepage: Mozilla\Firefox\Profiles\vg1ttgjq.default -> hxxp://linkzb.com
FF Extension: (Avira Browser Safety) - C:\Users\Ewerton\AppData\Roaming\Mozilla\Firefox\Profiles\vg1ttgjq.default\Extensions\abs@avira.com [2015-11-13] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2013-04-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2013-04-24] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2017-06-01] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\warsaw.cfg [2017-06-01] <==== ATENÇÃO
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxps://www.google.com/
CHR StartupUrls: Profile 2 -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default [2017-05-14]
CHR Extension: (Google Apresentações) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-13]
CHR Extension: (Google Docs) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13]
CHR Extension: (Google Drive) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (YouTube) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google Search) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-21]
CHR Extension: (Planilhas do Google) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-13]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-21]
CHR Extension: (Web Navigation) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja [2015-11-13] [UpdateUrl: hxxp://www.linkszb.com/addon/chrome/update.xml] <==== ATENÇÃO
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-21]
CHR Extension: (Gmail) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]
CHR Profile: C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-12-08]
CHR Extension: (Google Drive) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (YouTube) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-14]
CHR Extension: (Google Search) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-14]
CHR Extension: (Northern Lights) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbnkklencjcmkepldaineciclcheaoef [2015-11-14]
CHR Extension: (Web Navigation) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkemddiljapcmhicklfpcbpfffahfbja [2015-11-14] [UpdateUrl: hxxp://www.linkszb.com/addon/chrome/update.xml] <==== ATENÇÃO
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-14]
CHR Extension: (Gmail) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-14]
CHR Profile: C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-06-16]
CHR Extension: (Google Drive) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Google Search) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Documentos Google off-line) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Celestial Lights) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lbnkklencjcmkepldaineciclcheaoef [2016-06-13]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Gmail) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR Extension: (Chrome Media Router) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx [2015-11-13]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-05-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-05-07] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [374352 2017-05-22] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [676336 2015-06-25] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-09-15] (GAS Tecnologia)
S3 mi-raysat_3dsmax2016_64; C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-15] () [Arquivo não assinado]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [Arquivo não assinado]
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [1995208 2017-05-19] (Scopus Soluções em TI Ltda)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966288 2014-10-22] (@ByELDI) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-04-19] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176968 2017-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148104 2017-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-29] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-11-13] (Disc Soft Ltd)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-01-09] (Synaptics Incorporated)
S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-06-16] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2017-04-19] (GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [25184 2017-04-19] (GAS Tecnologia)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-06-16 23:50 - 2017-06-16 23:51 - 00031762 _____ C:\Users\Ewerton\Downloads\FRST.txt
2017-06-16 23:50 - 2017-06-16 23:50 - 00000000 ____D C:\FRST
2017-06-16 23:49 - 2017-06-16 23:49 - 02438656 _____ (Farbar) C:\Users\Ewerton\Downloads\FRST64.exe
2017-06-16 23:38 - 2017-03-14 13:23 - 00023232 _____ (Microsoft Corporation) C:\Users\Ewerton\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-16 23:38 - 2016-10-12 09:12 - 00001983 _____ C:\Users\Ewerton\Downloads\README.txt
2017-06-16 23:37 - 2017-06-16 23:37 - 00013187 _____ C:\Users\Ewerton\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2017-06-16 23:30 - 2017-06-16 23:30 - 00904176 _____ C:\Users\Ewerton\Downloads\dllkit-setup.exe
2017-06-16 22:48 - 2017-06-16 22:48 - 01034556 _____ C:\Users\Ewerton\Downloads\Windows6.1-KB2999226-x64.msu
2017-06-16 22:29 - 2017-06-16 22:29 - 00000000 ___HD C:\OneDriveTemp
2017-06-16 20:45 - 2017-06-16 20:55 - 00000000 ____D C:\Windows\system32\MRT
2017-06-16 20:44 - 2017-06-16 20:44 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-16 18:36 - 2015-03-19 00:07 - 05503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-16 18:36 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-16 18:36 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-16 18:36 - 2013-03-19 02:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-16 18:36 - 2013-03-19 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-16 18:36 - 2013-03-19 00:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-16 18:36 - 2011-04-09 03:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-06-16 18:36 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-06-16 18:35 - 2016-06-25 13:03 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2017-06-16 18:35 - 2014-09-14 21:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-16 18:25 - 2017-06-16 23:52 - 1604536672 _____ C:\Users\Ewerton\Downloads\Não confirmado 676780.crdownload
2017-06-16 18:12 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-16 18:12 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-16 18:12 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-16 18:12 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-16 18:11 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-16 18:11 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-16 18:11 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-16 18:11 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-16 18:11 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-16 18:00 - 2017-06-16 18:00 - 00000000 ____D C:\Windows\CheckSur
2017-06-16 17:45 - 2017-06-16 17:46 - 14749120 _____ (Microsoft Corporation) C:\Users\Ewerton\Downloads\vc_redist.x64.exe
2017-06-16 17:41 - 2017-06-16 17:41 - 00001125 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\DLL-files.com
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\DFXCT
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2017-06-16 17:40 - 2017-06-16 17:40 - 02786824 _____ (DLL-Files.com Client ) C:\Users\Ewerton\Downloads\clientsetup_d-0.exe
2017-06-16 17:31 - 2017-06-16 17:34 - 78496904 _____ C:\Users\Ewerton\Downloads\WacomTablet_6.3.22-6.exe
2017-06-16 17:21 - 2017-06-16 17:21 - 00000000 ____D C:\Program Files\TabletPlugins
2017-06-16 17:21 - 2017-06-16 17:21 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-06-16 17:19 - 2017-06-16 23:45 - 00000000 ____D C:\Program Files\Tablet
2017-06-16 17:19 - 2017-05-31 14:38 - 02275784 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 02268616 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 02174408 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 02112456 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01788360 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01781704 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01673160 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01632712 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2017-06-16 17:06 - 2017-06-16 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-12 08:55 - 2017-06-12 08:55 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-06-12 08:52 - 2017-06-12 08:52 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-06-12 08:52 - 2017-06-12 08:52 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-06-12 08:52 - 2017-06-12 08:52 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-06-10 08:36 - 2017-06-10 08:36 - 00000000 ____D C:\Users\Dudu\Desktop\PEDRINHO PEGAÇÃO - PLAYBOY DO SOM - JUNHO 2017
2017-06-10 08:33 - 2017-06-10 08:33 - 00000000 ____D C:\Users\Dudu\Desktop\Wesley Safadão - 2017.3 Promocional
2017-06-10 08:32 - 2017-06-10 08:32 - 00000000 ____D C:\Users\Dudu\Desktop\MÁRCIA FELLIPE (CD PARALISOU)
2017-06-10 08:22 - 2017-06-10 08:35 - 168695756 _____ C:\Users\Dudu\Downloads\PEDRINHO PEGACAO - PLAYBOY DO SOM - JUNHO 2017.rar
2017-06-10 08:22 - 2017-06-10 08:30 - 71655762 _____ C:\Users\Dudu\Downloads\Wesley Safadao - 2017-3 Promocional.rar
2017-06-10 08:21 - 2017-06-10 08:31 - 89030178 _____ C:\Users\Dudu\Downloads\MARCIA FELLIPE CD PARALISOU.rar
2017-06-10 01:59 - 2017-06-10 02:19 - 564744309 _____ C:\Users\Ewerton\Downloads\Windows6.1-KB947821-v34-x64.msu
2017-06-09 22:51 - 2017-06-09 22:52 - 00000000 ____D C:\Users\Ewerton\Downloads\Power Rangers 2017 720P HDTS-x264-AAC-Zi$t-WWRG
2017-06-08 20:41 - 2017-06-08 20:41 - 00001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-06-08 20:41 - 2017-06-08 20:41 - 00001137 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-06-08 20:29 - 2017-06-08 20:29 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-06-04 19:56 - 2017-06-04 19:56 - 00000266 _____ C:\Users\Ewerton\Desktop\Quanto ganho.txt
2017-06-02 21:19 - 2017-06-03 22:07 - 00000000 ____D C:\Users\Ewerton\Desktop\Batizado dalva
2017-06-01 19:37 - 2017-06-16 22:27 - 00028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2017-06-01 19:37 - 2017-04-19 17:52 - 00025184 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddprm.sys
2017-06-01 19:37 - 2017-04-19 17:52 - 00025184 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2017-06-01 19:10 - 2017-06-16 22:27 - 00000000 ____D C:\Users\Ewerton\AppData\LocalLow\uTorrent
2017-05-27 21:39 - 2017-05-27 21:39 - 00000000 ____D C:\Users\Palu\Documents\Autodesk Application Manager
2017-05-27 21:38 - 2017-05-27 21:40 - 00000000 ____D C:\Users\Palu\AppData\Roaming\Adobe
2017-05-27 21:38 - 2017-05-27 21:38 - 00000000 ____D C:\Users\Palu\AppData\Roaming\Autodesk
2017-05-27 21:38 - 2017-05-27 21:38 - 00000000 ____D C:\Users\Palu\AppData\Local\CEF
2017-05-27 21:38 - 2017-05-27 21:38 - 00000000 ____D C:\Users\Palu\AppData\Local\Autodesk
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\Users\Todos os Usuários\scpbrad
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\ProgramData\scpbrad
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\Program Files (x86)\scpbrad
2017-05-19 21:49 - 2017-05-19 21:50 - 08168888 _____ (Banco Bradesco S.A.) C:\Users\Ewerton\Downloads\scpbradinst.exe
2017-05-19 14:34 - 2017-05-19 14:34 - 00000262 _____ C:\Users\Ewerton\Downloads\Ben 10 Ivasão Alienígena DVD-R Ben 10 Extranet.txt
2017-05-18 22:34 - 2017-06-16 22:32 - 00000000 ___RD C:\Users\Ewerton\Creative Cloud Files
2017-05-18 21:46 - 2017-05-18 21:46 - 02119848 _____ (Adobe Systems Incorporated) C:\Users\Ewerton\Downloads\Adobe_Muse_Set-Up.exe
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-06-16 23:49 - 2015-11-20 18:52 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\uTorrent
2017-06-16 23:43 - 2016-03-05 15:43 - 00000913 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {C8120CE8-02C1-47BD-8B2A-FC29BA03F204}.job
2017-06-16 23:43 - 2016-03-05 15:43 - 00000727 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {C8120CE8-02C1-47BD-8B2A-FC29BA03F204}.job
2017-06-16 23:41 - 2016-01-13 21:50 - 00001022 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-06-16 23:41 - 2016-01-13 21:49 - 00001018 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-06-16 23:16 - 2016-03-05 16:16 - 00000913 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {D8B21285-53EC-4ACD-8072-6C3EA3CA899B}.job
2017-06-16 23:16 - 2016-03-05 16:16 - 00000727 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {D8B21285-53EC-4ACD-8072-6C3EA3CA899B}.job
2017-06-16 22:55 - 2016-06-26 22:33 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-06-16 22:55 - 2016-06-26 22:33 - 00000000 ____D C:\ProgramData\GbPlugin
2017-06-16 22:41 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-16 22:41 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-16 22:32 - 2015-11-13 12:46 - 00000000 ____D C:\Users\Ewerton\AppData\Local\Adobe
2017-06-16 22:31 - 2016-01-12 09:11 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\Skype
2017-06-16 22:29 - 2017-02-11 18:23 - 00000000 ___RD C:\Users\Ewerton\OneDrive
2017-06-16 22:26 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-16 22:08 - 2015-11-13 09:40 - 00126056 _____ C:\Users\Ewerton\AppData\Local\GDIPFONTCACHEV1.DAT
2017-06-16 22:04 - 2009-07-14 01:45 - 05130432 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-16 21:03 - 2015-11-13 09:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-16 21:03 - 2015-11-13 09:20 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2017-06-16 20:37 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-06-16 20:35 - 2009-07-13 23:34 - 00000478 _____ C:\Windows\win.ini
2017-06-16 18:58 - 2015-11-20 22:23 - 00000000 ____D C:\Users\Ewerton\AppData\Local\Spotify
2017-06-16 18:55 - 2015-11-20 22:21 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\Spotify
2017-06-16 17:39 - 2015-11-13 13:16 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-06-16 17:39 - 2015-11-13 13:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-16 17:10 - 2015-11-13 12:53 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-16 17:10 - 2015-11-13 12:53 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-16 17:10 - 2015-11-13 12:53 - 00004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-16 17:09 - 2015-11-13 12:53 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-16 17:09 - 2015-11-13 12:53 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-16 17:07 - 2015-11-22 13:58 - 00000000 ____D C:\Users\Ewerton\AppData\Local\Dropbox
2017-06-16 17:07 - 2015-11-22 13:58 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-11 22:02 - 2009-07-29 13:08 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2017-06-11 22:02 - 2009-07-29 13:08 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2017-06-11 22:02 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-10 00:41 - 2015-11-22 14:54 - 00000000 ___RD C:\Users\Ewerton\Dropbox
2017-06-10 00:02 - 2016-01-20 18:05 - 00000033 _____ C:\Users\Ewerton\AppData\Roaming\AdobeWLCMCache.dat
2017-06-08 23:43 - 2016-10-30 14:15 - 00000000 ____D C:\Users\Palu\AppData\Local\Dropbox
2017-06-08 20:41 - 2015-11-13 12:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-08 20:29 - 2015-11-13 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-04 13:15 - 2015-11-22 16:27 - 00000000 ____D C:\Users\Dudu\AppData\Local\Dropbox
2017-06-04 11:38 - 2016-06-07 22:46 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2017-06-04 11:38 - 2016-06-07 22:46 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-06-02 21:11 - 2017-02-17 23:43 - 00000000 ____D C:\Users\Ewerton\Desktop\Sala
2017-05-29 21:12 - 2015-11-13 09:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-28 02:43 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-05-27 21:38 - 2016-10-30 14:15 - 00000000 ____D C:\Users\Palu\AppData\Local\Adobe
2017-05-27 19:37 - 2017-04-09 11:48 - 00000000 ____D C:\Users\Ewerton\Downloads\The Fosters 3ª Temporada
2017-05-19 18:18 - 2016-03-13 17:53 - 00000000 ____D C:\Users\Dudu\AppData\Roaming\Adobe
2017-05-19 18:17 - 2015-12-07 19:08 - 00000000 ____D C:\Users\Dudu\AppData\Local\Adobe
2017-05-18 23:58 - 2015-11-13 08:59 - 00000000 ____D C:\Users\Ewerton
2017-05-18 22:34 - 2015-11-20 18:53 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\Adobe
2017-05-18 22:34 - 2015-11-13 12:49 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-05-18 22:34 - 2015-11-13 12:49 - 00000000 ____D C:\ProgramData\Adobe
==================== Arquivos na raiz de alguns diretórios =======
2016-01-20 18:05 - 2017-06-10 00:02 - 0000033 _____ () C:\Users\Ewerton\AppData\Roaming\AdobeWLCMCache.dat
2015-11-13 10:56 - 2015-11-13 10:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Alguns arquivos em TEMP:
====================
2015-11-20 18:01 - 2015-11-20 18:01 - 0000000 ____D () C:\Users\Dudu\AppData\Local\Temp\avgnt.exe
2015-12-07 19:08 - 2015-12-07 19:08 - 0071168 _____ () C:\Users\Dudu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwmbciz.dll
2017-01-19 12:50 - 2015-01-26 05:59 - 0060296 _____ (Autodesk, Inc.) C:\Users\Ewerton\AppData\Local\Temp\AcDeltree.exe
2016-05-08 11:56 - 2015-03-05 08:54 - 2212008 _____ (Adobe Systems Incorporated) C:\Users\Ewerton\AppData\Local\Temp\AdobeApplicationManager.exe
2007-12-13 20:23 - 2007-12-13 20:23 - 0640248 _____ (Electronic Arts Inc.) C:\Users\Ewerton\AppData\Local\Temp\AutoRun.exe
2017-02-02 16:54 - 2007-12-13 20:23 - 0591096 _____ (Electronic Arts Inc.) C:\Users\Ewerton\AppData\Local\Temp\AutoRunGUI.dll
2015-11-13 13:34 - 2015-11-13 13:34 - 0000000 ____D () C:\Users\Ewerton\AppData\Local\Temp\avgnt.exe
2015-12-08 08:39 - 2015-12-08 08:39 - 0071168 _____ () C:\Users\Ewerton\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_hneu.dll
2016-02-04 20:08 - 2016-02-04 20:09 - 32874496 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD10A2.exe
2015-11-29 21:40 - 2015-11-29 21:41 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD17D3.exe
2016-02-11 20:38 - 2016-02-11 20:39 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD25F6.exe
2016-01-19 20:14 - 2016-01-19 20:15 - 36517888 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD27F9.exe
2016-01-20 18:00 - 2016-01-20 18:01 - 30437376 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD28A5.exe
2016-01-25 18:01 - 2016-01-25 18:03 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD2C2E.exe
2016-01-20 18:00 - 2016-01-20 18:01 - 9736192 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD3532.exe
2015-12-02 10:45 - 2015-12-02 10:46 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD3957.exe
2015-11-21 13:19 - 2015-11-21 13:20 - 2739998 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD4434.exe
2016-02-11 20:39 - 2016-02-11 20:41 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD46EE.exe
2016-01-17 21:25 - 2016-01-17 21:27 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD51B8.exe
2016-01-13 17:28 - 2016-01-13 17:28 - 5949440 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD5D8A.exe
2016-01-20 17:59 - 2016-01-20 18:00 - 8427520 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD6141.exe
2015-12-06 21:58 - 2015-12-06 21:58 - 1353728 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD6EE8.exe
2016-02-11 20:38 - 2016-02-11 20:38 - 1703936 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD7B47.exe
2016-01-25 17:37 - 2016-01-25 17:37 - 3979264 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD7C02.exe
2015-12-07 10:54 - 2015-12-07 10:55 - 26275840 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD81CC.exe
2015-12-06 21:50 - 2015-12-06 21:51 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD8516.exe
2015-11-29 17:31 - 2015-11-29 17:32 - 4184064 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD88BE.exe
2015-11-30 13:13 - 2015-11-30 13:13 - 2502656 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9146.exe
2016-02-11 20:37 - 2016-02-11 20:37 - 1437696 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD97CB.exe
2015-11-29 22:10 - 2015-11-29 22:10 - 1140736 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9887.exe
2016-01-25 17:37 - 2016-01-25 17:37 - 6666240 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9D38.exe
2016-01-11 17:09 - 2016-01-11 17:09 - 2865152 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9EAE.exe
2016-01-18 21:28 - 2016-01-18 21:28 - 2152448 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9EED.exe
2015-12-04 16:46 - 2015-12-04 16:48 - 39760958 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9FF6.exe
2015-11-25 14:17 - 2015-11-25 14:17 - 2203648 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA0B1.exe
2015-12-08 08:29 - 2015-12-08 08:29 - 1296384 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA302.exe
2015-11-24 14:24 - 2015-11-24 14:25 - 9404416 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA553.exe
2016-01-20 17:59 - 2016-01-20 17:59 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA820.exe
2016-01-25 17:37 - 2016-01-25 17:37 - 8998912 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADABD8.exe
2016-01-25 17:38 - 2016-01-25 17:39 - 15521792 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADAE96.exe
2015-12-05 13:56 - 2015-12-05 13:56 - 3790848 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB192.exe
2016-01-20 17:59 - 2016-01-20 17:59 - 1411072 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB337.exe
2016-01-16 21:22 - 2016-01-16 21:22 - 28008448 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB395.exe
2015-11-22 21:09 - 2015-11-22 21:09 - 0532480 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB396.exe
2015-11-23 08:14 - 2015-11-23 08:14 - 5527552 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB48F.exe
2015-11-22 13:54 - 2015-11-22 13:54 - 2068480 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB569.exe
2015-12-06 20:34 - 2015-12-06 20:35 - 10780672 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB579.exe
2016-01-25 17:37 - 2016-01-25 17:39 - 47482880 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADBF0A.exe
2016-01-12 09:04 - 2016-01-12 09:06 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADBFF4.exe
2015-11-28 11:08 - 2015-11-28 11:09 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC080.exe
2016-01-13 21:27 - 2016-01-13 21:27 - 4456448 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC15B.exe
2016-01-25 17:44 - 2016-01-25 17:44 - 8742912 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC199.exe
2016-02-04 20:08 - 2016-02-04 20:09 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC512.exe
2016-02-04 20:08 - 2016-02-04 20:09 - 28241920 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC7D0.exe
2016-01-12 21:08 - 2016-01-12 21:08 - 1583104 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC9A4.exe
2016-02-11 20:41 - 2016-02-11 20:41 - 26071040 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADDDD0.exe
2016-01-25 17:40 - 2016-01-25 17:41 - 34797568 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADF288.exe
2016-01-13 17:30 - 2016-01-13 17:30 - 1654784 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADFCF6.exe
2016-01-25 17:38 - 2016-01-25 17:39 - 45545472 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADFF92.exe
2017-02-02 16:54 - 2007-12-13 20:23 - 0881912 _____ (Electronic Arts Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAInstall.dll
2016-03-21 14:49 - 2016-03-22 23:12 - 0246808 _____ (BlueStack Systems) C:\Users\Ewerton\AppData\Local\Temp\HD-Logger-Native.dll
2016-03-21 14:49 - 2016-03-22 23:14 - 0128536 _____ (BlueStack Systems) C:\Users\Ewerton\AppData\Local\Temp\HD-ShortcutHandler.dll
2017-06-16 17:14 - 2017-06-16 17:14 - 78496904 _____ () C:\Users\Ewerton\AppData\Local\Temp\Setup-Wacom.exe
2016-05-11 13:29 - 2017-02-17 21:47 - 44048864 _____ (Skype Technologies S.A.) C:\Users\Ewerton\AppData\Local\Temp\SkypeSetup.exe
2016-04-05 17:50 - 2016-04-05 17:26 - 6891120 _____ (Spotify Ltd) C:\Users\Ewerton\AppData\Local\Temp\SpotifyUninstall.exe
2017-02-02 17:01 - 2007-12-13 20:23 - 0099576 _____ (Electronic Arts) C:\Users\Ewerton\AppData\Local\Temp\The Sims Castaway Stories_uninst.exe
2016-03-21 14:49 - 2016-03-22 14:46 - 0536088 _____ (BlueStack Systems, Inc.) C:\Users\Ewerton\AppData\Local\Temp\uninstall.exe
2009-03-28 18:08 - 2009-03-28 18:08 - 0195056 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\UninstallEADM.dll
2017-03-26 12:02 - 2017-03-26 12:02 - 14456872 _____ (Microsoft Corporation) C:\Users\Ewerton\AppData\Local\Temp\vc_redist.x86.exe
2016-02-04 16:51 - 2016-02-04 16:51 - 54131952 _____ (Sony) C:\Users\Ewerton\AppData\Local\Temp\xcs3295.tmp.exe
2016-02-04 16:50 - 2016-02-04 16:50 - 54131952 _____ (Sony) C:\Users\Ewerton\AppData\Local\Temp\xcsDC6B.tmp.exe
2006-10-29 21:10 - 2006-10-29 21:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Ewerton\AppData\Local\Temp\_is2201.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-06-16 21:52
==================== Fim de FRST.txt ============================
Executado por Ewerton (administrador) em EWERTON-PC (16-06-2017 23:50:36)
Executando a partir de C:\Users\Ewerton\Downloads
Perfis Carregados: Ewerton (Perfis Disponíveis: Ewerton & Dudu & Palu)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradserv.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Scopus Soluções em TI Ltda) C:\Program Files (x86)\scpbrad\scpbradguard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGGB.EXE
(BitTorrent Inc.) C:\Users\Ewerton\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILDE.EXE
(Spotify Ltd) C:\Users\Ewerton\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Ewerton\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ewerton\AppData\Local\Akamai\netsession_win.exe
(Zbshareware Lab) C:\Program Files (x86)\USB Disk Security\USBGuard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(BitTorrent Inc.) C:\Users\Ewerton\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe
(BitTorrent Inc.) C:\Users\Ewerton\AppData\Roaming\uTorrent\updates\3.5.0_43804\utorrentie.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Autodesk Inc.) C:\Users\Ewerton\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14030080 2015-06-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2872720 2012-10-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3050224 2013-04-02] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-04-19] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [USB Security] => C:\Program Files (x86)\USB Disk Security\USBGuard.exe [695528 2015-01-31] (Zbshareware Lab)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3487032 2017-06-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-04] (Autodesk Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2406496 2017-06-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-09-15] (Caixa Economica Federal)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EPSON TX125 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGB.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [uTorrent] => C:\Users\Ewerton\AppData\Roaming\uTorrent\uTorrent.exe [1980608 2017-05-21] (BitTorrent Inc.)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [EPLTarget\P0000000000000002] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILDE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [Spotify Web Helper] => C:\Users\Ewerton\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-06-11] (Spotify Ltd)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Ewerton\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\MountPoints2: {5388e20d-8a01-11e5-b414-bff16367f842} - H:\Autoplay.exe -auto
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\...\MountPoints2: {60c0c61b-c3a3-11e5-81e4-003018c3f634} - F:\Startme.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1903328 2016-09-15] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-12] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
Tcpip\Parameters: [DhcpNameServer] 186.233.104.11 186.233.104.12
Tcpip\..\Interfaces\{4AB7FD4A-F877-4967-9272-41FBDC9575EB}: [DhcpNameServer] 186.233.104.11 186.233.104.12
Internet Explorer:
==================
HKU\S-1-5-21-2051878273-3156160604-437763902-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://linkzb.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2016-09-15] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: vg1ttgjq.default
FF ProfilePath: C:\Users\Ewerton\AppData\Roaming\Mozilla\Firefox\Profiles\vg1ttgjq.default [2017-06-16]
FF Homepage: Mozilla\Firefox\Profiles\vg1ttgjq.default -> hxxp://linkzb.com
FF Extension: (Avira Browser Safety) - C:\Users\Ewerton\AppData\Roaming\Mozilla\Firefox\Profiles\vg1ttgjq.default\Extensions\abs@avira.com [2015-11-13] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-06-04] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2013-04-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2013-04-24] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-06-04] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\autoconf_warsaw.js [2017-06-01] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\warsaw.cfg [2017-06-01] <==== ATENÇÃO
Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxps://www.google.com/
CHR StartupUrls: Profile 2 -> "hxxps://www.google.com/"
CHR Profile: C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default [2017-05-14]
CHR Extension: (Google Apresentações) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-13]
CHR Extension: (Google Docs) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-13]
CHR Extension: (Google Drive) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-13]
CHR Extension: (YouTube) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-13]
CHR Extension: (Google Search) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-21]
CHR Extension: (Planilhas do Google) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-13]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-21]
CHR Extension: (Web Navigation) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja [2015-11-13] [UpdateUrl: hxxp://www.linkszb.com/addon/chrome/update.xml] <==== ATENÇÃO
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-21]
CHR Extension: (Gmail) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]
CHR Profile: C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-12-08]
CHR Extension: (Google Drive) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-14]
CHR Extension: (YouTube) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-14]
CHR Extension: (Google Search) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-14]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-14]
CHR Extension: (Documentos Google off-line) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-14]
CHR Extension: (Northern Lights) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbnkklencjcmkepldaineciclcheaoef [2015-11-14]
CHR Extension: (Web Navigation) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lkemddiljapcmhicklfpcbpfffahfbja [2015-11-14] [UpdateUrl: hxxp://www.linkszb.com/addon/chrome/update.xml] <==== ATENÇÃO
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-14]
CHR Extension: (Gmail) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-14]
CHR Profile: C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-06-16]
CHR Extension: (Google Drive) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Google Search) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Segurança do navegador Avira) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Documentos Google off-line) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Celestial Lights) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lbnkklencjcmkepldaineciclcheaoef [2016-06-13]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-08]
CHR Extension: (Gmail) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR Extension: (Chrome Media Router) - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lkemddiljapcmhicklfpcbpfffahfbja] - C:\Users\Ewerton\AppData\Local\Google\Chrome\User Data\Default\extensions\WebNavigation.crx [2015-11-13]
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-04] (Autodesk Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-06-04] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-05-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-05-07] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [374352 2017-05-22] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [48944 2017-06-12] (Dropbox, Inc.)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [676336 2015-06-25] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-09-15] (GAS Tecnologia)
S3 mi-raysat_3dsmax2016_64; C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-15] () [Arquivo não assinado]
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [Arquivo não assinado]
R2 scpbradserv; C:\Program Files (x86)\scpbrad\scpbradserv.exe [1995208 2017-05-19] (Scopus Soluções em TI Ltda)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [966288 2014-10-22] (@ByELDI) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [954416 2017-04-19] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176968 2017-03-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148104 2017-03-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-29] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-11-13] (Disc Soft Ltd)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-04-24] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-01-09] (Synaptics Incorporated)
S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [28376 2017-06-16] (GAS Tecnologia)
R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [25184 2017-04-19] (GAS Tecnologia)
R3 wsddprm; C:\Windows\system32\drivers\wsddprm.sys [25184 2017-04-19] (GAS Tecnologia)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Um Mês Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-06-16 23:50 - 2017-06-16 23:51 - 00031762 _____ C:\Users\Ewerton\Downloads\FRST.txt
2017-06-16 23:50 - 2017-06-16 23:50 - 00000000 ____D C:\FRST
2017-06-16 23:49 - 2017-06-16 23:49 - 02438656 _____ (Farbar) C:\Users\Ewerton\Downloads\FRST64.exe
2017-06-16 23:38 - 2017-03-14 13:23 - 00023232 _____ (Microsoft Corporation) C:\Users\Ewerton\Downloads\api-ms-win-crt-runtime-l1-1-0.dll
2017-06-16 23:38 - 2016-10-12 09:12 - 00001983 _____ C:\Users\Ewerton\Downloads\README.txt
2017-06-16 23:37 - 2017-06-16 23:37 - 00013187 _____ C:\Users\Ewerton\Downloads\api-ms-win-crt-runtime-l1-1-0.zip
2017-06-16 23:30 - 2017-06-16 23:30 - 00904176 _____ C:\Users\Ewerton\Downloads\dllkit-setup.exe
2017-06-16 22:48 - 2017-06-16 22:48 - 01034556 _____ C:\Users\Ewerton\Downloads\Windows6.1-KB2999226-x64.msu
2017-06-16 22:29 - 2017-06-16 22:29 - 00000000 ___HD C:\OneDriveTemp
2017-06-16 20:45 - 2017-06-16 20:55 - 00000000 ____D C:\Windows\system32\MRT
2017-06-16 20:44 - 2017-06-16 20:44 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-16 18:36 - 2015-03-19 00:07 - 05503416 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-16 18:36 - 2015-03-18 23:57 - 03963320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-16 18:36 - 2015-03-18 23:57 - 03908024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-16 18:36 - 2013-03-19 02:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-16 18:36 - 2013-03-19 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-16 18:36 - 2013-03-19 00:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-16 18:36 - 2011-04-09 03:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-06-16 18:36 - 2011-04-09 02:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-06-16 18:35 - 2016-06-25 13:03 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\EOSNotify.exe
2017-06-16 18:35 - 2014-09-14 21:44 - 03195392 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-16 18:25 - 2017-06-16 23:52 - 1604536672 _____ C:\Users\Ewerton\Downloads\Não confirmado 676780.crdownload
2017-06-16 18:12 - 2012-06-02 19:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-16 18:12 - 2012-06-02 19:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-16 18:12 - 2012-06-02 19:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-16 18:12 - 2012-06-02 19:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-16 18:11 - 2012-06-02 19:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-16 18:11 - 2012-06-02 19:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-16 18:11 - 2012-06-02 19:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-16 18:11 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-16 18:11 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-16 18:00 - 2017-06-16 18:00 - 00000000 ____D C:\Windows\CheckSur
2017-06-16 17:45 - 2017-06-16 17:46 - 14749120 _____ (Microsoft Corporation) C:\Users\Ewerton\Downloads\vc_redist.x64.exe
2017-06-16 17:41 - 2017-06-16 17:41 - 00001125 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\DLL-files.com
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\DFXCT
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2017-06-16 17:41 - 2017-06-16 17:41 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2017-06-16 17:40 - 2017-06-16 17:40 - 02786824 _____ (DLL-Files.com Client ) C:\Users\Ewerton\Downloads\clientsetup_d-0.exe
2017-06-16 17:31 - 2017-06-16 17:34 - 78496904 _____ C:\Users\Ewerton\Downloads\WacomTablet_6.3.22-6.exe
2017-06-16 17:21 - 2017-06-16 17:21 - 00000000 ____D C:\Program Files\TabletPlugins
2017-06-16 17:21 - 2017-06-16 17:21 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2017-06-16 17:19 - 2017-06-16 23:45 - 00000000 ____D C:\Program Files\Tablet
2017-06-16 17:19 - 2017-05-31 14:38 - 02275784 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 02268616 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 02174408 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 02112456 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01788360 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01781704 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01673160 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2017-06-16 17:19 - 2017-05-31 14:38 - 01632712 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2017-06-16 17:06 - 2017-06-16 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-12 08:55 - 2017-06-12 08:55 - 00048944 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-06-12 08:52 - 2017-06-12 08:52 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-06-12 08:52 - 2017-06-12 08:52 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-06-12 08:52 - 2017-06-12 08:52 - 00045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-06-10 08:36 - 2017-06-10 08:36 - 00000000 ____D C:\Users\Dudu\Desktop\PEDRINHO PEGAÇÃO - PLAYBOY DO SOM - JUNHO 2017
2017-06-10 08:33 - 2017-06-10 08:33 - 00000000 ____D C:\Users\Dudu\Desktop\Wesley Safadão - 2017.3 Promocional
2017-06-10 08:32 - 2017-06-10 08:32 - 00000000 ____D C:\Users\Dudu\Desktop\MÁRCIA FELLIPE (CD PARALISOU)
2017-06-10 08:22 - 2017-06-10 08:35 - 168695756 _____ C:\Users\Dudu\Downloads\PEDRINHO PEGACAO - PLAYBOY DO SOM - JUNHO 2017.rar
2017-06-10 08:22 - 2017-06-10 08:30 - 71655762 _____ C:\Users\Dudu\Downloads\Wesley Safadao - 2017-3 Promocional.rar
2017-06-10 08:21 - 2017-06-10 08:31 - 89030178 _____ C:\Users\Dudu\Downloads\MARCIA FELLIPE CD PARALISOU.rar
2017-06-10 01:59 - 2017-06-10 02:19 - 564744309 _____ C:\Users\Ewerton\Downloads\Windows6.1-KB947821-v34-x64.msu
2017-06-09 22:51 - 2017-06-09 22:52 - 00000000 ____D C:\Users\Ewerton\Downloads\Power Rangers 2017 720P HDTS-x264-AAC-Zi$t-WWRG
2017-06-08 20:41 - 2017-06-08 20:41 - 00001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-06-08 20:41 - 2017-06-08 20:41 - 00001137 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-06-08 20:29 - 2017-06-08 20:29 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-06-04 19:56 - 2017-06-04 19:56 - 00000266 _____ C:\Users\Ewerton\Desktop\Quanto ganho.txt
2017-06-02 21:19 - 2017-06-03 22:07 - 00000000 ____D C:\Users\Ewerton\Desktop\Batizado dalva
2017-06-01 19:37 - 2017-06-16 22:27 - 00028376 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2017-06-01 19:37 - 2017-04-19 17:52 - 00025184 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddprm.sys
2017-06-01 19:37 - 2017-04-19 17:52 - 00025184 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2017-06-01 19:10 - 2017-06-16 22:27 - 00000000 ____D C:\Users\Ewerton\AppData\LocalLow\uTorrent
2017-05-27 21:39 - 2017-05-27 21:39 - 00000000 ____D C:\Users\Palu\Documents\Autodesk Application Manager
2017-05-27 21:38 - 2017-05-27 21:40 - 00000000 ____D C:\Users\Palu\AppData\Roaming\Adobe
2017-05-27 21:38 - 2017-05-27 21:38 - 00000000 ____D C:\Users\Palu\AppData\Roaming\Autodesk
2017-05-27 21:38 - 2017-05-27 21:38 - 00000000 ____D C:\Users\Palu\AppData\Local\CEF
2017-05-27 21:38 - 2017-05-27 21:38 - 00000000 ____D C:\Users\Palu\AppData\Local\Autodesk
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\Users\Todos os Usuários\scpbrad
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\ProgramData\scpbrad
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Componente de Segurança Bradesco
2017-05-19 21:51 - 2017-05-19 21:51 - 00000000 ____D C:\Program Files (x86)\scpbrad
2017-05-19 21:49 - 2017-05-19 21:50 - 08168888 _____ (Banco Bradesco S.A.) C:\Users\Ewerton\Downloads\scpbradinst.exe
2017-05-19 14:34 - 2017-05-19 14:34 - 00000262 _____ C:\Users\Ewerton\Downloads\Ben 10 Ivasão Alienígena DVD-R Ben 10 Extranet.txt
2017-05-18 22:34 - 2017-06-16 22:32 - 00000000 ___RD C:\Users\Ewerton\Creative Cloud Files
2017-05-18 21:46 - 2017-05-18 21:46 - 02119848 _____ (Adobe Systems Incorporated) C:\Users\Ewerton\Downloads\Adobe_Muse_Set-Up.exe
==================== Um Mês Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2017-06-16 23:49 - 2015-11-20 18:52 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\uTorrent
2017-06-16 23:43 - 2016-03-05 15:43 - 00000913 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {C8120CE8-02C1-47BD-8B2A-FC29BA03F204}.job
2017-06-16 23:43 - 2016-03-05 15:43 - 00000727 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {C8120CE8-02C1-47BD-8B2A-FC29BA03F204}.job
2017-06-16 23:41 - 2016-01-13 21:50 - 00001022 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-06-16 23:41 - 2016-01-13 21:49 - 00001018 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-06-16 23:16 - 2016-03-05 16:16 - 00000913 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Update {D8B21285-53EC-4ACD-8072-6C3EA3CA899B}.job
2017-06-16 23:16 - 2016-03-05 16:16 - 00000727 _____ C:\Windows\Tasks\EPSON XP-211 214 216 Series Invitation {D8B21285-53EC-4ACD-8072-6C3EA3CA899B}.job
2017-06-16 22:55 - 2016-06-26 22:33 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2017-06-16 22:55 - 2016-06-26 22:33 - 00000000 ____D C:\ProgramData\GbPlugin
2017-06-16 22:41 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-06-16 22:41 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-06-16 22:32 - 2015-11-13 12:46 - 00000000 ____D C:\Users\Ewerton\AppData\Local\Adobe
2017-06-16 22:31 - 2016-01-12 09:11 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\Skype
2017-06-16 22:29 - 2017-02-11 18:23 - 00000000 ___RD C:\Users\Ewerton\OneDrive
2017-06-16 22:26 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-16 22:08 - 2015-11-13 09:40 - 00126056 _____ C:\Users\Ewerton\AppData\Local\GDIPFONTCACHEV1.DAT
2017-06-16 22:04 - 2009-07-14 01:45 - 05130432 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-16 21:03 - 2015-11-13 09:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-16 21:03 - 2015-11-13 09:20 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2017-06-16 20:37 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2017-06-16 20:35 - 2009-07-13 23:34 - 00000478 _____ C:\Windows\win.ini
2017-06-16 18:58 - 2015-11-20 22:23 - 00000000 ____D C:\Users\Ewerton\AppData\Local\Spotify
2017-06-16 18:55 - 2015-11-20 22:21 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\Spotify
2017-06-16 17:39 - 2015-11-13 13:16 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-06-16 17:39 - 2015-11-13 13:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-16 17:10 - 2015-11-13 12:53 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-16 17:10 - 2015-11-13 12:53 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-16 17:10 - 2015-11-13 12:53 - 00004384 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-06-16 17:09 - 2015-11-13 12:53 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-16 17:09 - 2015-11-13 12:53 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-16 17:07 - 2015-11-22 13:58 - 00000000 ____D C:\Users\Ewerton\AppData\Local\Dropbox
2017-06-16 17:07 - 2015-11-22 13:58 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-11 22:02 - 2009-07-29 13:08 - 00705070 _____ C:\Windows\system32\prfh0416.dat
2017-06-11 22:02 - 2009-07-29 13:08 - 00146910 _____ C:\Windows\system32\prfc0416.dat
2017-06-11 22:02 - 2009-07-14 02:13 - 01633534 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-10 00:41 - 2015-11-22 14:54 - 00000000 ___RD C:\Users\Ewerton\Dropbox
2017-06-10 00:02 - 2016-01-20 18:05 - 00000033 _____ C:\Users\Ewerton\AppData\Roaming\AdobeWLCMCache.dat
2017-06-08 23:43 - 2016-10-30 14:15 - 00000000 ____D C:\Users\Palu\AppData\Local\Dropbox
2017-06-08 20:41 - 2015-11-13 12:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-06-08 20:29 - 2015-11-13 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-06-04 13:15 - 2015-11-22 16:27 - 00000000 ____D C:\Users\Dudu\AppData\Local\Dropbox
2017-06-04 11:38 - 2016-06-07 22:46 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2017-06-04 11:38 - 2016-06-07 22:46 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-06-02 21:11 - 2017-02-17 23:43 - 00000000 ____D C:\Users\Ewerton\Desktop\Sala
2017-05-29 21:12 - 2015-11-13 09:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-28 02:43 - 2009-07-14 02:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2017-05-27 21:38 - 2016-10-30 14:15 - 00000000 ____D C:\Users\Palu\AppData\Local\Adobe
2017-05-27 19:37 - 2017-04-09 11:48 - 00000000 ____D C:\Users\Ewerton\Downloads\The Fosters 3ª Temporada
2017-05-19 18:18 - 2016-03-13 17:53 - 00000000 ____D C:\Users\Dudu\AppData\Roaming\Adobe
2017-05-19 18:17 - 2015-12-07 19:08 - 00000000 ____D C:\Users\Dudu\AppData\Local\Adobe
2017-05-18 23:58 - 2015-11-13 08:59 - 00000000 ____D C:\Users\Ewerton
2017-05-18 22:34 - 2015-11-20 18:53 - 00000000 ____D C:\Users\Ewerton\AppData\Roaming\Adobe
2017-05-18 22:34 - 2015-11-13 12:49 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-05-18 22:34 - 2015-11-13 12:49 - 00000000 ____D C:\ProgramData\Adobe
==================== Arquivos na raiz de alguns diretórios =======
2016-01-20 18:05 - 2017-06-10 00:02 - 0000033 _____ () C:\Users\Ewerton\AppData\Roaming\AdobeWLCMCache.dat
2015-11-13 10:56 - 2015-11-13 10:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Alguns arquivos em TEMP:
====================
2015-11-20 18:01 - 2015-11-20 18:01 - 0000000 ____D () C:\Users\Dudu\AppData\Local\Temp\avgnt.exe
2015-12-07 19:08 - 2015-12-07 19:08 - 0071168 _____ () C:\Users\Dudu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwmbciz.dll
2017-01-19 12:50 - 2015-01-26 05:59 - 0060296 _____ (Autodesk, Inc.) C:\Users\Ewerton\AppData\Local\Temp\AcDeltree.exe
2016-05-08 11:56 - 2015-03-05 08:54 - 2212008 _____ (Adobe Systems Incorporated) C:\Users\Ewerton\AppData\Local\Temp\AdobeApplicationManager.exe
2007-12-13 20:23 - 2007-12-13 20:23 - 0640248 _____ (Electronic Arts Inc.) C:\Users\Ewerton\AppData\Local\Temp\AutoRun.exe
2017-02-02 16:54 - 2007-12-13 20:23 - 0591096 _____ (Electronic Arts Inc.) C:\Users\Ewerton\AppData\Local\Temp\AutoRunGUI.dll
2015-11-13 13:34 - 2015-11-13 13:34 - 0000000 ____D () C:\Users\Ewerton\AppData\Local\Temp\avgnt.exe
2015-12-08 08:39 - 2015-12-08 08:39 - 0071168 _____ () C:\Users\Ewerton\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl_hneu.dll
2016-02-04 20:08 - 2016-02-04 20:09 - 32874496 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD10A2.exe
2015-11-29 21:40 - 2015-11-29 21:41 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD17D3.exe
2016-02-11 20:38 - 2016-02-11 20:39 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD25F6.exe
2016-01-19 20:14 - 2016-01-19 20:15 - 36517888 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD27F9.exe
2016-01-20 18:00 - 2016-01-20 18:01 - 30437376 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD28A5.exe
2016-01-25 18:01 - 2016-01-25 18:03 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD2C2E.exe
2016-01-20 18:00 - 2016-01-20 18:01 - 9736192 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD3532.exe
2015-12-02 10:45 - 2015-12-02 10:46 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD3957.exe
2015-11-21 13:19 - 2015-11-21 13:20 - 2739998 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD4434.exe
2016-02-11 20:39 - 2016-02-11 20:41 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD46EE.exe
2016-01-17 21:25 - 2016-01-17 21:27 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD51B8.exe
2016-01-13 17:28 - 2016-01-13 17:28 - 5949440 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD5D8A.exe
2016-01-20 17:59 - 2016-01-20 18:00 - 8427520 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD6141.exe
2015-12-06 21:58 - 2015-12-06 21:58 - 1353728 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD6EE8.exe
2016-02-11 20:38 - 2016-02-11 20:38 - 1703936 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD7B47.exe
2016-01-25 17:37 - 2016-01-25 17:37 - 3979264 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD7C02.exe
2015-12-07 10:54 - 2015-12-07 10:55 - 26275840 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD81CC.exe
2015-12-06 21:50 - 2015-12-06 21:51 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD8516.exe
2015-11-29 17:31 - 2015-11-29 17:32 - 4184064 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD88BE.exe
2015-11-30 13:13 - 2015-11-30 13:13 - 2502656 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9146.exe
2016-02-11 20:37 - 2016-02-11 20:37 - 1437696 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD97CB.exe
2015-11-29 22:10 - 2015-11-29 22:10 - 1140736 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9887.exe
2016-01-25 17:37 - 2016-01-25 17:37 - 6666240 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9D38.exe
2016-01-11 17:09 - 2016-01-11 17:09 - 2865152 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9EAE.exe
2016-01-18 21:28 - 2016-01-18 21:28 - 2152448 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9EED.exe
2015-12-04 16:46 - 2015-12-04 16:48 - 39760958 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAD9FF6.exe
2015-11-25 14:17 - 2015-11-25 14:17 - 2203648 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA0B1.exe
2015-12-08 08:29 - 2015-12-08 08:29 - 1296384 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA302.exe
2015-11-24 14:24 - 2015-11-24 14:25 - 9404416 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA553.exe
2016-01-20 17:59 - 2016-01-20 17:59 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADA820.exe
2016-01-25 17:37 - 2016-01-25 17:37 - 8998912 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADABD8.exe
2016-01-25 17:38 - 2016-01-25 17:39 - 15521792 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADAE96.exe
2015-12-05 13:56 - 2015-12-05 13:56 - 3790848 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB192.exe
2016-01-20 17:59 - 2016-01-20 17:59 - 1411072 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB337.exe
2016-01-16 21:22 - 2016-01-16 21:22 - 28008448 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB395.exe
2015-11-22 21:09 - 2015-11-22 21:09 - 0532480 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB396.exe
2015-11-23 08:14 - 2015-11-23 08:14 - 5527552 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB48F.exe
2015-11-22 13:54 - 2015-11-22 13:54 - 2068480 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB569.exe
2015-12-06 20:34 - 2015-12-06 20:35 - 10780672 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADB579.exe
2016-01-25 17:37 - 2016-01-25 17:39 - 47482880 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADBF0A.exe
2016-01-12 09:04 - 2016-01-12 09:06 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADBFF4.exe
2015-11-28 11:08 - 2015-11-28 11:09 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC080.exe
2016-01-13 21:27 - 2016-01-13 21:27 - 4456448 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC15B.exe
2016-01-25 17:44 - 2016-01-25 17:44 - 8742912 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC199.exe
2016-02-04 20:08 - 2016-02-04 20:09 - 47796216 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC512.exe
2016-02-04 20:08 - 2016-02-04 20:09 - 28241920 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC7D0.exe
2016-01-12 21:08 - 2016-01-12 21:08 - 1583104 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADC9A4.exe
2016-02-11 20:41 - 2016-02-11 20:41 - 26071040 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADDDD0.exe
2016-01-25 17:40 - 2016-01-25 17:41 - 34797568 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADF288.exe
2016-01-13 17:30 - 2016-01-13 17:30 - 1654784 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADFCF6.exe
2016-01-25 17:38 - 2016-01-25 17:39 - 45545472 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\EADFF92.exe
2017-02-02 16:54 - 2007-12-13 20:23 - 0881912 _____ (Electronic Arts Inc.) C:\Users\Ewerton\AppData\Local\Temp\EAInstall.dll
2016-03-21 14:49 - 2016-03-22 23:12 - 0246808 _____ (BlueStack Systems) C:\Users\Ewerton\AppData\Local\Temp\HD-Logger-Native.dll
2016-03-21 14:49 - 2016-03-22 23:14 - 0128536 _____ (BlueStack Systems) C:\Users\Ewerton\AppData\Local\Temp\HD-ShortcutHandler.dll
2017-06-16 17:14 - 2017-06-16 17:14 - 78496904 _____ () C:\Users\Ewerton\AppData\Local\Temp\Setup-Wacom.exe
2016-05-11 13:29 - 2017-02-17 21:47 - 44048864 _____ (Skype Technologies S.A.) C:\Users\Ewerton\AppData\Local\Temp\SkypeSetup.exe
2016-04-05 17:50 - 2016-04-05 17:26 - 6891120 _____ (Spotify Ltd) C:\Users\Ewerton\AppData\Local\Temp\SpotifyUninstall.exe
2017-02-02 17:01 - 2007-12-13 20:23 - 0099576 _____ (Electronic Arts) C:\Users\Ewerton\AppData\Local\Temp\The Sims Castaway Stories_uninst.exe
2016-03-21 14:49 - 2016-03-22 14:46 - 0536088 _____ (BlueStack Systems, Inc.) C:\Users\Ewerton\AppData\Local\Temp\uninstall.exe
2009-03-28 18:08 - 2009-03-28 18:08 - 0195056 _____ (Electronic Arts, Inc.) C:\Users\Ewerton\AppData\Local\Temp\UninstallEADM.dll
2017-03-26 12:02 - 2017-03-26 12:02 - 14456872 _____ (Microsoft Corporation) C:\Users\Ewerton\AppData\Local\Temp\vc_redist.x86.exe
2016-02-04 16:51 - 2016-02-04 16:51 - 54131952 _____ (Sony) C:\Users\Ewerton\AppData\Local\Temp\xcs3295.tmp.exe
2016-02-04 16:50 - 2016-02-04 16:50 - 54131952 _____ (Sony) C:\Users\Ewerton\AppData\Local\Temp\xcsDC6B.tmp.exe
2006-10-29 21:10 - 2006-10-29 21:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Ewerton\AppData\Local\Temp\_is2201.exe
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2017-06-16 21:52
==================== Fim de FRST.txt ============================