Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 18-07-2016
Executado por Léo (administrador) em MS (20-07-2016 11:03:05)
Executando a partir de C:\Users\Léo\Desktop
Perfis Carregados: Léo (Perfis Disponíveis: Henrique & Léo)
Platform: Windows 8 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 10 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Banco Bradesco S.A.) C:\Program Files (x86)\Scpad\scpVista.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ReviverSoft) C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviver.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-07-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1110232 2016-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [fst_br_126] => [X]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-11] (AVAST Software)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-02-05] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-07-13] (Raptr, Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginAbn: C:\Program Files (x86)\GbPlugin\gbiehAbn.dll [2013-02-06] (Banco Real)
HKU\S-1-5-21-605912851-4215435189-893445735-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-605912851-4215435189-893445735-1002\...\MountPoints2: {078a30a7-2199-11e5-bf74-f46d04e4e593} - "I:\SETUP.EXE" 
HKU\S-1-5-21-605912851-4215435189-893445735-1002\...\MountPoints2: {910654dd-c5a8-11e5-801a-f46d04e4e593} - "H:\setup.exe" 
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
SSODL-x32: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll (Banco Bradesco S.A.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Program Files (x86)\GbPlugin\gbiehabn.dll [1516456 2013-02-06] (Banco Real)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2014-03-20] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} =>  Nenhum Arquivo
Startup: C:\Users\Henrique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe [2015-01-27] ()
Startup: C:\Users\Léo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk [2016-01-29]
ShortcutTarget: Recorte de tela e Iniciador do OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:64692;https=127.0.0.1:64692
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{95B72259-DE25-4BBE-A0DA-A785C648A583}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A99480A3-BB2D-428D-B66F-91605141F9FB}: [DhcpNameServer] 192.168.1.2
Tcpip\..\Interfaces\{AB5CB406-4C80-4E34-A84E-78EB89477B3D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-605912851-4215435189-893445735-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/?type=994519&fr=spigot-yhp-ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-605912851-4215435189-893445735-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-605912851-4215435189-893445735-1002 -> {F77FFC25-3A4C-4830-B36E-17E23D64ADDD} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-30] (AVAST Software)
BHO-x32: ssh2 Class -> {2E3C3651-B19C-4DD9-A979-901EC3E930AF} -> C:\Program Files (x86)\Scpad\scpsssh2.dll [2013-01-23] (Banco Bradesco S.A.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-30] (AVAST Software)
BHO-x32: Sem Nome -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle Corporation)
DPF: HKLM-x32 {9EC30204-384D-11D3-9CA3-00A024F0AF03} hxxps://cpne.bradesco.com.br/certifexp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Nenhum Arquivo
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Léo\AppData\Roaming\Mozilla\Firefox\Profiles\hxkc3ood.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Nenhum Arquivo]
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-12-19] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-12-19] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-03-21] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-11]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-11]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-19] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-06-30] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [deonaifijhbfflmkhlbpbfplcpnagphf] - <não Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-05-16]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-16]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [mdebcffgnijbblbinknkbefciofebcda] - <não Path/update_url>

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Arquivo não assinado]
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [77944 2012-11-28] (Autodesk)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-02-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-02-05] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-02-05] (BlueStack Systems, Inc.)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [413784 2013-06-06] (GAS Tecnologia)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Arquivo não assinado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 scpVista; C:\Program Files (x86)\Scpad\scpVista.exe [360640 2013-01-22] (Banco Bradesco S.A.) [Arquivo não assinado]
R2 Start Menu Logon Manager; C:\Program Files\ReviverSoft\Start Menu Reviver\StartMenuReviverService.exe [764648 2015-08-01] (ReviverSoft)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Arquivo não assinado]
U2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
S2 AntiVirSchedulerService; "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [X]
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S2 HPSLPSVC; C:\Users\Henrique\AppData\Local\Temp\7zS0A60\hpslpsvc64.dll [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-22] (Advanced Micro Devices, Inc.)
S3 arusb_win7x; C:\Windows\system32\DRIVERS\arusb_win7x.sys [769024 2010-02-23] (Atheros Communications, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-06-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-30] (AVAST Software)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2015-07-01] (Advanced Micro Devices)
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
S3 BazisPortableCDBus; C:\Windows\System32\drivers\BazisPortableCDBus.sys [268896 2015-07-03] (SysProgs.org)
S3 BprotectEx; não ImagePath
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-02-05] (BlueStack Systems)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-01-28] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-01-28] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-02-03] (REALiX(tm))
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-18] (Malwarebytes Corporation)
S3 PCFApiUtil; não ImagePath
S3 RTL8192cu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-09-17] (Realtek Semiconductor Corporation                           )
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-09-17] (Realtek Semiconductor Corporation                           )
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [203544 2013-02-06] (DEVGURU Co., LTD.(www.devguru.co.kr))
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-20 11:02 - 2016-07-20 11:02 - 00059553 _____ C:\Users\Léo\Desktop\Addition.txt
2016-07-20 11:01 - 2016-07-20 11:03 - 00024063 _____ C:\Users\Léo\Desktop\FRST.txt
2016-07-20 11:01 - 2016-07-20 11:03 - 00000000 ____D C:\FRST
2016-07-20 11:00 - 2016-07-20 11:00 - 02391552 _____ (Farbar) C:\Users\Léo\Desktop\FRST64.exe
2016-07-20 10:48 - 2016-07-20 10:48 - 00000250 _____ C:\Windows\Tasks\CorelUpdateHelperTaskCore.job
2016-07-20 10:48 - 2016-07-20 10:45 - 00003129 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X8 (64-Bit).lnk
2016-07-20 10:48 - 2016-07-20 10:45 - 00003122 _____ C:\Users\Public\Desktop\Corel CAPTURE X8 (64-Bit).lnk
2016-07-20 10:48 - 2016-07-20 10:45 - 00003081 _____ C:\Users\Public\Desktop\CorelDRAW X8 (64-Bit).lnk
2016-07-20 10:48 - 2016-07-20 10:45 - 00002361 _____ C:\Users\Public\Desktop\Corel CONNECT X8 (64-Bit).lnk
2016-07-20 10:48 - 2016-07-20 10:45 - 00002278 _____ C:\Users\Public\Desktop\Corel Font Manager X8 (64-Bit).lnk
2016-07-20 10:47 - 2016-07-20 10:47 - 00000000 ____D C:\Users\Todos os Usuários\VsTelemetry
2016-07-20 10:47 - 2016-07-20 10:47 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-07-20 10:46 - 2016-07-20 10:46 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-07-20 10:46 - 2016-07-20 10:46 - 00000000 ____D C:\Program Files (x86)\Corel
2016-07-20 10:45 - 2016-07-20 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-07-20 10:33 - 2015-06-21 22:40 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-07-20 10:33 - 2015-06-21 22:40 - 00027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-07-20 10:33 - 2015-04-22 18:25 - 00993632 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-07-20 10:33 - 2015-04-22 18:25 - 00987848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-07-20 10:33 - 2015-04-22 18:25 - 00690016 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-07-20 10:33 - 2015-04-22 18:25 - 00484552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-07-20 10:15 - 2016-07-20 10:28 - 534612834 _____ C:\Users\Léo\Desktop\CorelDRAWGraphicsSuiteX8Installer_pt64Bit.zip
2016-07-20 10:14 - 2016-07-20 10:14 - 12505160 _____ (Corel Corporation) C:\Users\Léo\Desktop\cdgsx8seo.exe
2016-07-20 10:14 - 2016-07-20 10:14 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-07-20 10:14 - 2016-07-20 10:14 - 00000000 ____D C:\ProgramData\UniqueId
2016-07-19 14:40 - 2016-07-19 14:40 - 00000606 _____ C:\Windows\Tasks\Adobe Acrobat Update Task.job
2016-07-19 14:39 - 2016-07-19 14:39 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-15 09:03 - 2016-07-15 09:03 - 00042461 _____ C:\Users\Léo\Downloads\Orcamento_4321.pdf
2016-07-14 13:41 - 2016-07-14 13:41 - 00090958 _____ C:\Users\Léo\Desktop\Ramais.pdf
2016-07-14 09:00 - 2016-07-14 09:09 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-14 09:00 - 2016-07-14 09:00 - 00987728 _____ (Google Inc.) C:\Users\Léo\Downloads\ChromeSetup.exe
2016-07-14 08:09 - 2016-07-14 08:09 - 00043232 _____ C:\Users\Léo\Downloads\Orcamento_4315.pdf
2016-07-14 08:07 - 2016-07-14 08:07 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-14 08:04 - 2016-07-14 08:04 - 00002019 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-07-13 14:26 - 2016-07-13 14:26 - 00032769 _____ C:\Users\Léo\Downloads\placa105_30x20.zip
2016-07-13 14:17 - 2016-07-13 14:17 - 00087889 _____ C:\Users\Léo\Desktop\30 cm.pdf
2016-07-13 14:16 - 2016-07-13 14:16 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-07-11 11:32 - 2016-07-11 11:32 - 00001928 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-11 11:32 - 2016-07-11 11:32 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-11 11:32 - 2016-07-11 11:32 - 00000460 _____ C:\Windows\Tasks\SafeZone scheduled Autoupdate 1463427774.job
2016-07-11 11:31 - 2016-07-11 11:31 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
2016-07-11 11:31 - 2016-06-30 16:21 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-11 11:31 - 2016-06-30 16:21 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-11 11:29 - 2016-06-30 16:21 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-08 09:47 - 2016-07-08 10:02 - 00477633 _____ C:\Users\Léo\Desktop\logo cambridge.cdr
2016-07-08 09:47 - 2016-07-08 09:47 - 00477859 _____ C:\Users\Léo\Desktop\Cópia_de_segurança_de_logo cambridge.cdr
2016-07-08 08:02 - 2016-07-08 08:02 - 00000000 ____D C:\Users\Léo\AppData\Roaming\PlaysTV
2016-07-07 09:08 - 2016-07-07 09:08 - 01444992 _____ C:\Users\Léo\Downloads\SteamSetup(1).exe
2016-07-04 13:54 - 2016-07-04 13:54 - 00042469 _____ C:\Users\Léo\Downloads\Orcamento_4260.pdf
2016-07-04 08:11 - 2016-07-19 14:02 - 00000000 ____D C:\Users\Léo\Desktop\Serviços Julho
2016-06-30 16:21 - 2016-06-30 16:21 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-06-30 16:21 - 2016-06-30 16:21 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-06-30 16:21 - 2016-06-30 16:21 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146731451470302
2016-06-30 16:21 - 2016-06-30 16:21 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-06-29 14:10 - 2016-06-29 14:10 - 00043495 _____ C:\Users\Léo\Downloads\Orcamento_4230.pdf
2016-06-28 13:58 - 2016-06-28 13:58 - 00043043 _____ C:\Users\Léo\Downloads\Orcamento_4226.pdf
2016-06-24 13:51 - 2016-06-24 13:55 - 00000000 ____D C:\Users\Léo\AppData\LocalLow\uTorrent
2016-06-23 16:18 - 2016-06-23 16:18 - 00043117 _____ C:\Users\Léo\Downloads\Orcamento_4208.pdf
2016-06-23 08:25 - 2016-06-23 08:25 - 06995720 _____ (Piriform Ltd) C:\Users\Léo\Downloads\ccsetup519.exe
2016-06-23 08:25 - 2016-06-23 08:25 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-22 13:02 - 2016-06-22 13:02 - 00000000 ____D C:\Users\Léo\AppData\Local\Macromedia
2016-06-22 11:43 - 2016-06-22 11:44 - 00000000 ____D C:\Users\Henrique\AppData\Roaming\Raptr
2016-06-22 11:43 - 2016-06-22 11:44 - 00000000 ____D C:\Users\Henrique\AppData\Roaming\PlaysTV
2016-06-22 11:37 - 2016-06-22 11:37 - 00000000 ____D C:\Users\Léo\AppData\Local\Deployment
2016-06-22 11:37 - 2016-06-22 11:37 - 00000000 ____D C:\Users\Léo\AppData\Local\Apps\2.0
2016-06-22 11:33 - 2016-06-22 11:39 - 00000000 ____D C:\Users\Léo\AppData\Local\Mozilla
2016-06-22 11:32 - 2016-06-22 11:32 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-22 11:32 - 2016-06-22 11:32 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-22 11:32 - 2016-06-22 11:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-21 13:19 - 2016-06-24 13:56 - 00000000 ____D C:\Users\Léo\AppData\Roaming\uTorrent
2016-06-21 11:19 - 2016-06-21 13:28 - 00000000 ____D C:\Users\Léo\AppData\Local\MalwareProtectionLive
2016-06-21 11:19 - 2016-06-21 11:19 - 00001848 _____ C:\Users\Public\Desktop\Vuze.lnk
2016-06-21 11:19 - 2016-06-21 11:19 - 00001848 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2016-06-21 11:19 - 2016-06-21 11:19 - 00000000 ____D C:\Users\Léo\AppData\Local\{B5F70934-5E12-42d2-882D-62D42EA1FA67}
2016-06-20 16:56 - 2016-06-20 16:56 - 00042406 _____ C:\Users\Léo\Downloads\Orcamento_4192.pdf
2016-06-20 11:55 - 2016-06-20 11:56 - 58327409 _____ C:\Users\Léo\Downloads\wetransfer-2cff23.zip
2016-06-16 11:04 - 2016-06-16 11:04 - 00043550 _____ C:\Users\Léo\Downloads\Orcamento_4131.pdf
2016-06-10 15:14 - 2016-06-10 15:14 - 00042636 _____ C:\Users\Léo\Downloads\Orcamento_4153.pdf
2016-06-10 11:44 - 2016-06-10 11:44 - 00042536 _____ C:\Users\Léo\Downloads\Orcamento_4147 (1).pdf
2016-06-10 11:43 - 2016-06-10 11:43 - 00042511 _____ C:\Users\Léo\Downloads\Orcamento_4147.pdf
2016-06-07 16:02 - 2016-06-07 16:02 - 00031232 _____ C:\Users\Léo\Downloads\Notas P2 - QS - 2A 3A TGTI.xls
2016-06-07 16:02 - 2016-06-07 16:02 - 00031232 _____ C:\Users\Léo\Downloads\Notas P2 - GC GTI - 2A 3A TGTI.xls
2016-06-07 15:30 - 2016-06-07 15:30 - 00043150 _____ C:\Users\Léo\Downloads\Orcamento_4123.pdf
2016-06-07 15:07 - 2016-06-07 15:07 - 00043003 _____ C:\Users\Léo\Downloads\Orcamento_4068 (1).pdf
2016-06-06 17:26 - 2016-06-06 17:28 - 00000000 ____D C:\Users\Léo\Desktop\leo
2016-06-06 09:16 - 2016-06-06 09:16 - 06893688 _____ (Piriform Ltd) C:\Users\Léo\Downloads\ccsetup518.exe
2016-06-03 14:09 - 2016-06-03 14:09 - 00048623 _____ C:\Users\Léo\Downloads\Orcamento_4074.pdf
2016-06-03 11:34 - 2016-06-03 11:46 - 00000000 ___HD C:\$Windows.~BT
2016-06-03 10:49 - 2016-06-03 10:49 - 00000000 ___HD C:\$Windows.~WS
2016-06-03 10:43 - 2016-06-03 11:46 - 00001908 _____ C:\Windows\diagwrn.xml
2016-06-03 10:43 - 2016-06-03 11:46 - 00001908 _____ C:\Windows\diagerr.xml
2016-06-03 09:56 - 2016-06-03 09:56 - 19646888 _____ (Microsoft Corporation) C:\Users\Léo\Downloads\instalador windows 10.exe
2016-06-03 09:02 - 2016-06-03 09:02 - 00043893 _____ C:\Users\Léo\Downloads\Pedido_4000.pdf
2016-06-03 09:02 - 2016-06-03 09:02 - 00043850 _____ C:\Users\Léo\Downloads\Pedido_4000 (1).pdf
2016-06-02 15:26 - 2016-06-02 15:26 - 00042845 _____ C:\Users\Léo\Downloads\Orcamento_4096 (1).pdf
2016-06-02 15:26 - 2016-06-02 15:26 - 00042824 _____ C:\Users\Léo\Downloads\Orcamento_4096.pdf
2016-06-02 14:41 - 2016-06-02 14:41 - 00043535 _____ C:\Users\Léo\Downloads\Orcamento_4095.pdf
2016-06-02 14:35 - 2016-06-02 14:35 - 00043002 _____ C:\Users\Léo\Downloads\Orcamento_4094.pdf
2016-06-02 14:34 - 2016-06-02 14:34 - 00043002 _____ C:\Users\Léo\Downloads\Orcamento_4093.pdf
2016-06-02 14:32 - 2016-06-02 14:32 - 00043003 _____ C:\Users\Léo\Downloads\Orcamento_4092.pdf
2016-06-02 14:30 - 2016-06-02 14:30 - 00042971 _____ C:\Users\Léo\Downloads\Orcamento_4091.pdf
2016-06-02 10:58 - 2016-07-04 13:12 - 00000000 ____D C:\Users\Léo\Desktop\Serviços Junho
2016-06-02 09:56 - 2016-06-02 09:56 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-02 09:56 - 2016-06-02 09:56 - 00000000 ____D C:\Intel
2016-05-31 09:08 - 2016-05-31 09:08 - 00043006 _____ C:\Users\Léo\Downloads\Orcamento_4068.pdf
2016-05-31 09:01 - 2016-05-31 09:01 - 00043440 _____ C:\Users\Léo\Downloads\Orcamento_4067.pdf
2016-05-30 17:29 - 2016-05-30 17:29 - 04915443 _____ C:\Users\Léo\Downloads\Segurança e auditoria2.pptx
2016-05-25 16:23 - 2016-05-25 16:23 - 00042443 _____ C:\Users\Léo\Downloads\Orcamento_4051.pdf
2016-05-25 15:40 - 2016-05-25 15:40 - 01427892 _____ C:\Users\Léo\Downloads\Animeai.apk
2016-05-25 14:32 - 2016-05-25 14:32 - 00047419 _____ C:\Users\Léo\Downloads\Orcamento_4038.pdf
2016-05-25 09:04 - 2016-05-25 09:04 - 00000000 ____D C:\Users\Léo\AppData\Local\Mega Limited
2016-05-25 09:03 - 2016-05-25 09:03 - 10644488 _____ (MEGA Limited) C:\Users\Léo\Downloads\MEGAsyncSetup.exe
2016-05-23 16:05 - 2016-05-23 16:05 - 00042921 _____ C:\Users\Léo\Downloads\Orcamento_4014.pdf
2016-05-23 09:53 - 2016-05-23 09:53 - 00042457 _____ C:\Users\Léo\Downloads\Orcamento_4013.pdf
2016-05-20 15:56 - 2016-05-20 15:56 - 09862206 _____ C:\Users\Léo\Downloads\MSCV arquivos.zip
2016-05-20 08:57 - 2016-05-20 08:57 - 00042747 _____ C:\Users\Léo\Downloads\Orcamento_3995.pdf
2016-05-17 16:47 - 2016-05-17 16:47 - 00047446 _____ C:\Users\Léo\Downloads\Orcamento_3983.pdf
2016-05-17 08:04 - 2016-05-17 08:04 - 00000000 ____D C:\Users\Léo\AppData\Local\AVAST Software
2016-05-16 13:52 - 2016-05-16 13:52 - 00000000 ____D C:\Users\Léo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-16 13:41 - 2016-05-16 13:41 - 01380712 _____ C:\Users\Léo\Downloads\SteamSetup.exe
2016-05-16 13:03 - 2016-05-16 13:03 - 00048352 _____ C:\Users\Léo\Downloads\Orcamento_3486.pdf
2016-05-16 08:35 - 2016-07-08 14:47 - 00000000 ____D C:\Users\Léo\Desktop\AGRUPAMENTO LOJAS SETA
2016-05-16 08:11 - 2016-05-16 08:11 - 00042585 _____ C:\Users\Léo\Downloads\Orcamento_3971 (1).pdf
2016-05-16 08:11 - 2016-05-16 08:11 - 00042544 _____ C:\Users\Léo\Downloads\Orcamento_3971.pdf
2016-05-13 14:56 - 2016-05-13 14:56 - 00042879 _____ C:\Users\Léo\Downloads\Orcamento_3966 (1).pdf
2016-05-13 13:46 - 2016-05-13 13:46 - 00042879 _____ C:\Users\Léo\Downloads\Orcamento_3966.pdf
2016-05-13 08:49 - 2016-05-13 08:49 - 00043452 _____ C:\Users\Léo\Downloads\Orcamento_3930 (5).pdf
2016-05-13 08:48 - 2016-05-13 08:48 - 00043529 _____ C:\Users\Léo\Downloads\Orcamento_3930 (3).pdf
2016-05-13 08:48 - 2016-05-13 08:48 - 00043383 _____ C:\Users\Léo\Downloads\Orcamento_3930 (4).pdf
2016-05-13 08:34 - 2016-05-13 08:34 - 00043447 _____ C:\Users\Léo\Downloads\Orcamento_3930 (2).pdf
2016-05-12 09:43 - 2016-05-12 09:43 - 00043387 _____ C:\Users\Léo\Downloads\Orcamento_3930 (1).pdf
2016-05-12 09:25 - 2016-05-12 09:25 - 00043312 _____ C:\Users\Léo\Downloads\Orcamento_3930.pdf
2016-05-11 15:41 - 2016-05-11 15:41 - 00048255 _____ C:\Users\Léo\Downloads\Orcamento_3928.pdf
2016-05-11 08:37 - 2016-05-11 08:37 - 00042539 _____ C:\Users\Léo\Downloads\Orcamento_3953.pdf
2016-05-10 15:05 - 2016-05-10 15:05 - 00048194 _____ C:\Users\Léo\Downloads\Orcamento_3945.pdf
2016-05-09 15:59 - 2016-05-09 15:59 - 00042745 _____ C:\Users\Léo\Downloads\Orcamento_3938.pdf
2016-05-05 13:21 - 2016-05-05 13:21 - 00042924 _____ C:\Users\Léo\Downloads\Orcamento_3929.pdf
2016-05-05 11:45 - 2016-05-05 11:45 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2016-05-05 11:45 - 2012-09-22 23:17 - 00021160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmafd.sys
2016-05-05 11:37 - 2016-07-07 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-05-05 11:37 - 2016-07-07 09:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-05-05 11:37 - 2016-05-05 11:37 - 00000000 ____D C:\Users\Todos os Usuários\ATI
2016-05-05 11:37 - 2016-05-05 11:37 - 00000000 ____D C:\ProgramData\ATI
2016-05-05 11:33 - 2016-05-05 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-05-05 11:33 - 2016-05-05 11:33 - 00000000 ____D C:\Program Files (x86)\AMD
2016-05-05 11:25 - 2016-05-05 11:30 - 300897896 _____ (AMD Inc.) C:\Users\Léo\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe
2016-05-04 13:34 - 2016-05-04 13:35 - 40673869 _____ C:\Users\Léo\Downloads\wetransfer-1407d8.zip
2016-05-03 16:58 - 2016-05-03 16:58 - 00048153 _____ C:\Users\Léo\Downloads\Orcamento_3899.pdf
2016-05-03 16:28 - 2016-06-02 10:45 - 00000000 ____D C:\Users\Léo\Desktop\SETA - LOJA COMPLETA
2016-05-03 13:40 - 2016-07-07 09:22 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-05-03 13:40 - 2016-05-03 13:40 - 00000000 ____D C:\Users\Léo\AppData\Roaming\library_dir
2016-05-03 13:39 - 2016-07-20 10:43 - 00000000 ____D C:\Users\Léo\AppData\Roaming\Raptr
2016-05-03 13:28 - 2016-05-03 13:28 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\Léo\Downloads\autodetectutility.exe
2016-05-02 17:20 - 2016-05-02 17:20 - 00042991 _____ C:\Users\Léo\Downloads\Orcamento_3902 (1).pdf
2016-05-02 17:19 - 2016-05-02 17:19 - 00042945 _____ C:\Users\Léo\Downloads\Orcamento_3902.pdf
2016-05-02 13:55 - 2016-05-02 13:55 - 00042799 _____ C:\Users\Léo\Downloads\Orcamento_3897.pdf
2016-05-02 13:40 - 2016-05-02 13:40 - 00042815 _____ C:\Users\Léo\Downloads\Orcamento_3894.pdf
2016-05-02 10:47 - 2016-05-02 10:47 - 00043093 _____ C:\Users\Léo\Downloads\Orcamento_3893 (1).pdf
2016-05-02 10:45 - 2016-05-02 10:45 - 00043051 _____ C:\Users\Léo\Downloads\Orcamento_3893.pdf
2016-05-02 09:14 - 2016-05-02 09:14 - 00043125 _____ C:\Users\Léo\Downloads\Orcamento_3889.pdf
2016-05-02 08:45 - 2016-07-04 08:12 - 00000000 ____D C:\Users\Léo\Desktop\Serviços Maio
2016-04-29 09:57 - 2016-04-29 09:57 - 00048340 _____ C:\Users\Léo\Downloads\Orcamento_3871.pdf
2016-04-29 09:35 - 2016-04-29 09:35 - 00043125 _____ C:\Users\Léo\Downloads\Orcamento_3883.pdf
2016-04-28 14:16 - 2016-04-28 14:16 - 00938032 _____ C:\Users\Léo\Downloads\FlashPlayer_Upgrade.exe
2016-04-27 16:09 - 2016-04-27 16:09 - 00048010 _____ C:\Users\Léo\Downloads\Orcamento_3852.pdf
2016-04-22 08:14 - 2016-04-22 08:13 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-20 10:47 - 2014-04-09 19:26 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-20 10:47 - 2014-04-09 19:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-20 10:47 - 2013-09-03 10:03 - 00000000 ____D C:\Program Files (x86)\gs
2016-07-20 10:47 - 2012-07-26 05:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-07-20 10:46 - 2012-11-29 12:26 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-07-20 10:46 - 2012-11-29 12:26 - 00000000 ____D C:\ProgramData\Corel
2016-07-20 10:46 - 2012-11-29 12:23 - 00000000 ____D C:\Program Files\Corel
2016-07-20 10:45 - 2012-11-29 12:26 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-07-20 10:42 - 2015-07-03 13:27 - 00000000 ____D C:\Users\Léo\AppData\LocalLow\Scpad
2016-07-20 10:39 - 2012-07-26 02:26 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-07-20 10:36 - 2012-07-26 04:59 - 00000000 ____D C:\Windows\CbsTemp
2016-07-19 13:18 - 2015-07-20 15:05 - 00000132 _____ C:\Users\Léo\AppData\Roaming\Preferências do formato PNG do Adobe CS5
2016-07-18 08:14 - 2014-08-18 11:51 - 00000000 ____D C:\Users\Todos os Usuários\BlueStacksSetup
2016-07-18 08:14 - 2014-08-18 11:51 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-14 09:09 - 2015-07-03 11:50 - 00000000 ____D C:\Users\Léo\AppData\Local\Google
2016-07-14 08:09 - 2015-07-03 12:38 - 00000000 ____D C:\Users\Léo\AppData\Local\Adobe
2016-07-14 08:07 - 2012-07-26 05:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 08:07 - 2012-07-26 05:12 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-14 08:00 - 2015-07-01 14:45 - 00000000 ____D C:\Users\Todos os Usuários\ProductData
2016-07-14 08:00 - 2015-07-01 14:45 - 00000000 ____D C:\ProgramData\ProductData
2016-07-11 11:24 - 2015-04-27 08:03 - 06275016 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-08 17:22 - 2015-07-03 11:48 - 00000000 ____D C:\Users\Léo
2016-07-07 09:21 - 2014-03-21 08:49 - 00000000 ____D C:\Program Files\CCleaner
2016-07-05 07:59 - 2015-07-03 13:15 - 00223200 _____ C:\Users\Léo\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-30 08:23 - 2013-08-13 17:57 - 00000000 ____D C:\Windows\Minidump
2016-06-28 08:16 - 2012-07-26 05:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-06-28 08:15 - 2012-07-26 05:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-24 13:56 - 2015-07-08 13:51 - 00000000 ____D C:\Users\Léo\AppData\Roaming\Azureus
2016-06-23 15:53 - 2012-07-26 07:33 - 00765522 _____ C:\Windows\system32\prfh0416.dat
2016-06-23 15:53 - 2012-07-26 07:33 - 00155254 _____ C:\Windows\system32\prfc0416.dat
2016-06-23 15:53 - 2012-07-26 04:28 - 01773510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-23 15:53 - 2012-07-26 02:37 - 00000000 ____D C:\Windows\Inf
2016-06-23 13:16 - 2015-07-03 16:09 - 00000000 ____D C:\Users\Léo\AppData\Roaming\vlc
2016-06-22 11:33 - 2015-07-08 16:09 - 00000000 ____D C:\Users\Léo\AppData\Roaming\Mozilla
2016-06-22 11:32 - 2013-02-15 16:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 11:19 - 2015-07-08 13:51 - 00000000 ____D C:\Program Files (x86)\Vuze

==================== Arquivos na raiz de alguns diretórios =======

2015-09-08 15:14 - 2015-09-08 15:14 - 0000132 _____ () C:\Users\Léo\AppData\Roaming\Preferências do filtro IllExport Adobe CS5
2015-07-20 15:05 - 2016-07-19 13:18 - 0000132 _____ () C:\Users\Léo\AppData\Roaming\Preferências do formato PNG do Adobe CS5
2015-04-19 09:20 - 2015-07-10 13:03 - 0000626 _____ () C:\Users\Léo\AppData\Roaming\vbpu9cf7NrpqK9pvYDe
2015-04-19 09:20 - 2015-07-10 13:03 - 0000626 _____ () C:\Users\Léo\AppData\Roaming\xPXhOxvg2DbbRe3DR
2015-09-08 15:11 - 2015-09-08 16:39 - 0001456 _____ () C:\Users\Léo\AppData\Local\Adobe Salvar para a Web 12.0 Prefs
2016-04-14 18:21 - 2016-04-14 18:21 - 0004096 ____H () C:\Users\Léo\AppData\Local\keyfile3.drm
2015-07-08 17:01 - 2015-07-08 17:01 - 0613255 _____ (CMI Limited) C:\Users\Léo\AppData\Local\nsxCE58.tmp
2013-08-26 08:41 - 2013-08-26 08:41 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-07 11:16 - 2015-04-07 11:16 - 0000160 _____ () C:\ProgramData\bc.ini
2015-07-01 15:13 - 2015-07-01 15:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-02-21 10:07 - 2013-02-21 10:30 - 0001126 _____ () C:\ProgramData\hpzinstall.log
2013-03-01 16:07 - 2013-03-01 16:12 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-03-26 13:10 - 2014-03-26 13:10 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\StartMenuReviver.exe
C:\Users\Henrique\gbpluginabnsetup.exe
C:\Users\Todos os Usuários\StartMenuReviver.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2013-09-10 07:53

==================== Fim de FRST.txt ============================